Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
File: qmWvaX3x9s2vTLvWbePUO-2GnpA.mft (raw, json)
Hash identifier: XlR0ToxYMP3rQPytsfEMbMQeKsgydorseJlVppuV1Uk=
Subject key identifier: C5:59:39:71:69:68:2E:59:48:D4:0B:3C:87:23:9E:5A:AF:36:10:C3
Authority key identifier: AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90
Certificate issuer: /CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90
Certificate serial: 019D2929188FE0D18A18EB380D7937DBC779
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
Manifest number: 0EA4
Signing time: Thu 26 Mar 2026 08:00:52 +0000
Manifest this update: Thu 26 Mar 2026 08:00:52 +0000
Manifest next update: Fri 27 Mar 2026 08:00:52 +0000
Files and hashes: 1: PGUUZM8u8YWCrmYPpZ5UGlkMe7E.roa (hash: vabTxUmDYcjlCjqakgT+rEZSHxdr7LOmZlkCx88W/fM=)
2: qmWvaX3x9s2vTLvWbePUO-2GnpA.crl (hash: 4RH19LtiWaZvFpwdwL2zY0hBhUykmOY6reI0LFfnPlY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:18:8f:e0:d1:8a:18:eb:38:0d:79:37:db:c7:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90
Validity
Not Before: Mar 26 08:00:52 2026 GMT
Not After : Mar 27 08:00:52 2026 GMT
Subject: CN=c559397169682e5948d40b3c87239e5aaf3610c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bd:08:39:2f:fd:06:ab:3c:58:45:eb:c1:77:
ab:f6:b8:33:b1:e3:91:6e:bc:c0:70:ad:63:fb:bc:
d6:8d:7d:1e:a6:58:0e:79:02:52:78:c9:b6:a6:24:
6d:05:5e:70:46:cf:29:ba:f1:ef:65:66:33:72:bc:
29:ac:ce:84:86:e7:91:2b:67:75:8c:cb:22:22:19:
a3:48:9f:64:16:36:2e:52:aa:8e:a5:d3:4a:d0:e5:
68:5e:d9:4f:75:ca:ec:92:5c:92:28:de:fe:5c:b1:
6f:92:6c:eb:d3:5a:03:18:b1:c4:52:0f:74:78:a3:
08:29:80:58:e4:15:52:78:f2:45:b0:e0:cb:40:f1:
52:42:03:9d:86:3d:b9:6a:fc:2c:de:dc:2b:c7:b1:
ef:d9:c0:d5:39:8f:40:8b:47:41:78:6c:a1:ba:27:
2c:74:05:77:6a:bf:ac:c0:91:ed:3b:cf:67:27:bb:
32:4a:d6:c0:20:de:12:2e:07:86:59:18:7c:19:e3:
fe:bf:9d:92:07:00:2c:61:3f:91:74:1e:89:ba:4d:
d1:a4:e4:70:8d:c0:92:06:c7:7b:8f:0d:3a:0d:0e:
67:45:84:a1:2f:c5:3d:c6:ce:6b:71:11:5d:cb:3a:
a7:ba:f5:5e:e4:09:47:a3:a2:a7:8c:9b:41:8b:75:
df:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:59:39:71:69:68:2E:59:48:D4:0B:3C:87:23:9E:5A:AF:36:10:C3
X509v3 Authority Key Identifier:
keyid:AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:0d:a3:49:ed:fd:0f:81:0f:20:bb:6b:0f:e2:78:86:67:22:
8c:5b:69:9c:8c:26:22:70:7c:a3:0e:2a:11:67:34:0e:25:08:
a8:a9:d5:6d:3b:00:05:f3:4f:e6:8e:d0:85:a2:b8:e4:59:de:
85:bf:6c:c7:9a:3d:8e:e3:63:ce:94:de:12:3a:70:d1:65:40:
11:65:a7:b1:b9:c8:5c:a6:ce:3c:1c:65:30:23:c4:e8:6c:03:
24:24:cf:dc:71:16:2a:1f:48:d2:63:8a:37:d6:d5:95:21:e0:
b0:b3:e5:0c:98:2f:77:33:22:27:63:f6:8c:a6:d8:c5:59:e2:
65:20:41:0c:b1:d1:bc:d8:df:a0:59:94:91:bf:8f:c0:21:4f:
25:e4:d9:9b:38:ba:c7:53:1f:36:b5:46:a2:50:b3:44:d7:a1:
51:b3:44:39:6e:33:be:06:d3:e2:37:a3:c5:92:6d:d6:15:1b:
6c:98:cf:2e:51:64:f4:8b:44:50:c0:83:d9:37:f7:60:c7:00:
d5:36:fc:07:98:79:cb:64:4a:14:f0:d1:f7:e5:46:31:7c:be:
b7:2e:bb:3a:b7:97:58:8b:73:03:e1:98:88:b7:29:d6:e5:de:
49:c6:ff:25:c0:98:66:2d:3a:a2:df:ed:f5:c1:73:4c:3f:69:
af:f0:4f:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKRiP4NGKGOs4DXk328d5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNjVhZjY5N2RmMWY2Y2RhZjRjYmJkNjZkZTNkNDNiZWQ4
NjllOTAwHhcNMjYwMzI2MDgwMDUyWhcNMjYwMzI3MDgwMDUyWjAzMTEwLwYDVQQD
EyhjNTU5Mzk3MTY5NjgyZTU5NDhkNDBiM2M4NzIzOWU1YWFmMzYxMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL0IOS/9Bqs8WEXrwXer9rgzseOR
brzAcK1j+7zWjX0eplgOeQJSeMm2piRtBV5wRs8puvHvZWYzcrwprM6EhueRK2d1
jMsiIhmjSJ9kFjYuUqqOpdNK0OVoXtlPdcrsklySKN7+XLFvkmzr01oDGLHEUg90
eKMIKYBY5BVSePJFsODLQPFSQgOdhj25avws3twrx7Hv2cDVOY9Ai0dBeGyhuics
dAV3ar+swJHtO89nJ7syStbAIN4SLgeGWRh8GeP+v52SBwAsYT+RdB6Juk3RpORw
jcCSBsd7jw06DQ5nRYShL8U9xs5rcRFdyzqnuvVe5AlHo6KnjJtBi3Xf8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVZOXFpaC5ZSNQLPIcjnlqvNhDDMB8GA1UdIwQY
MBaAFKplr2l98fbNr0y71m3j1Dvthp6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTIt
MWJlMTNiYThkNDU2LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTItMWJlMTNiYThkNDU2
LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASA2jSe39
D4EPILtrD+J4hmcijFtpnIwmInB8ow4qEWc0DiUIqKnVbTsABfNP5o7QhaK45Fne
hb9sx5o9juNjzpTeEjpw0WVAEWWnsbnIXKbOPBxlMCPE6GwDJCTP3HEWKh9I0mOK
N9bVlSHgsLPlDJgvdzMiJ2P2jKbYxVniZSBBDLHRvNjfoFmUkb+PwCFPJeTZmzi6
x1MfNrVGolCzRNehUbNEOW4zvgbT4jejxZJt1hUbbJjPLlFk9ItEUMCD2Tf3YMcA
1Tb8B5h5y2RKFPDR9+VGMXy+ty67OreXWItzA+GYiLcp1uXeScb/JcCYZi06ot/t
9cFzTD9pr/BPfg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:08:56 2026 by rpki-client