Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft
File: WqKpJUebz8vBloipUqJDAfTnaDk.mft (raw, json)
Hash identifier: Br9U2leYMcfs8g6iA0omXhdMOKhqezpgrYMqrIMHINY=
Subject key identifier: 17:49:58:A1:0E:5F:12:5C:3F:8F:4A:56:3C:8B:EF:7C:5C:E7:07:BC
Authority key identifier: 5A:A2:A9:25:47:9B:CF:CB:C1:96:88:A9:52:A2:43:01:F4:E7:68:39
Certificate issuer: /CN=5aa2a925479bcfcbc19688a952a24301f4e76839
Certificate serial: 019D27DFDAA914E8919969293AEDEB3E58F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WqKpJUebz8vBloipUqJDAfTnaDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft
Manifest number: 09DE
Signing time: Thu 26 Mar 2026 02:01:15 +0000
Manifest this update: Thu 26 Mar 2026 02:01:15 +0000
Manifest next update: Fri 27 Mar 2026 02:01:15 +0000
Files and hashes: 1: Kri8lcqdAC5Txkl5fI-cqACqq6c.roa (hash: J1QbpgXMbeBVuARIX0Ol8v/rcfJIXCmPbQPctcPNzxM=)
2: WqKpJUebz8vBloipUqJDAfTnaDk.crl (hash: WAs44YA20r/jX9H3blEq0cxKBIK8VCe3YOgiVDWJ0Es=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/WqKpJUebz8vBloipUqJDAfTnaDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:da:a9:14:e8:91:99:69:29:3a:ed:eb:3e:58:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aa2a925479bcfcbc19688a952a24301f4e76839
Validity
Not Before: Mar 26 02:01:15 2026 GMT
Not After : Mar 27 02:01:15 2026 GMT
Subject: CN=174958a10e5f125c3f8f4a563c8bef7c5ce707bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5b:1b:8a:57:4c:c0:69:82:27:8e:79:86:a7:
80:2c:e6:49:0c:68:f3:d2:6a:d9:50:db:60:8e:a9:
f7:ca:88:8c:a7:07:d4:45:91:55:b9:4b:7f:3d:66:
9d:d9:e1:01:45:12:76:b3:38:5b:66:08:24:c0:d0:
b6:68:1d:91:bd:15:ec:75:dc:24:f9:ae:0d:e9:03:
a6:c2:ba:75:06:82:62:d7:ee:df:1e:89:b9:ff:25:
99:fc:3d:21:e1:fb:e3:3e:33:bc:d6:03:d2:6e:2b:
0f:38:96:9e:a6:c3:8e:7b:4a:08:b2:c8:9e:57:95:
fb:bc:40:66:8c:2b:bb:44:c0:98:d6:f1:f6:7d:30:
63:28:7f:3c:b4:56:ce:ff:5b:0c:28:3b:e4:7f:d3:
5b:d1:3e:42:8c:1e:3e:16:1e:10:7d:6e:17:0d:c3:
11:e9:8e:c0:34:48:d9:b7:c9:3d:63:95:13:81:d0:
3c:30:f5:8b:ff:33:47:0d:50:6b:72:c5:04:3a:97:
27:0e:1b:5f:bd:52:15:6a:89:17:d5:72:09:75:20:
83:ea:98:4b:13:e4:77:63:c5:90:f3:9e:58:a0:f7:
6e:77:a9:f0:4d:bf:27:0d:7f:15:6b:6f:b7:af:7c:
a1:cf:e4:94:01:3c:ed:ee:aa:ba:a2:fb:2b:e7:10:
6e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:49:58:A1:0E:5F:12:5C:3F:8F:4A:56:3C:8B:EF:7C:5C:E7:07:BC
X509v3 Authority Key Identifier:
keyid:5A:A2:A9:25:47:9B:CF:CB:C1:96:88:A9:52:A2:43:01:F4:E7:68:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqKpJUebz8vBloipUqJDAfTnaDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:40:80:a7:3b:e6:03:db:b2:d8:03:fb:95:c5:58:79:16:0c:
1c:41:62:c7:84:70:fc:60:4e:da:00:26:d9:a7:bf:4a:9f:68:
b9:68:8c:eb:b9:d2:cc:75:72:98:ec:b0:18:e8:5e:c4:cf:47:
ce:61:ce:6c:5c:55:bb:b0:61:34:35:63:85:7c:3d:5a:ed:ea:
d8:6e:7f:51:49:76:93:ca:86:d9:97:6b:31:d2:4a:5f:27:6e:
7a:f3:ee:97:0d:50:96:b6:c1:bb:cf:65:e9:b8:8c:88:7a:ac:
63:53:a3:f5:4f:53:c3:11:cf:cb:21:af:28:a5:b9:93:5a:68:
1f:72:e9:a8:5d:d9:64:dd:b6:b3:53:a4:78:08:f6:7b:0a:66:
b9:f7:51:cd:d9:6f:9d:0c:70:5f:b6:ba:c0:1d:6f:98:2e:12:
19:60:66:f8:88:2d:04:df:6d:58:24:38:89:fb:2d:d1:5f:46:
57:84:f8:8a:26:35:7c:c8:8d:b2:20:43:53:99:34:58:42:a8:
ce:b9:a8:79:ed:3d:4e:aa:cc:cc:b8:33:5d:e3:43:f0:1d:5b:
19:c1:a4:37:cf:2f:d7:0b:2c:7f:05:6f:8e:df:a4:57:79:52:
a8:51:05:09:6f:b6:85:a2:f7:13:f2:fd:00:4e:b3:74:51:bd:
e9:c4:f8:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n39qpFOiRmWkpOu3rPlj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTJhOTI1NDc5YmNmY2JjMTk2ODhhOTUyYTI0MzAxZjRl
NzY4MzkwHhcNMjYwMzI2MDIwMTE1WhcNMjYwMzI3MDIwMTE1WjAzMTEwLwYDVQQD
EygxNzQ5NThhMTBlNWYxMjVjM2Y4ZjRhNTYzYzhiZWY3YzVjZTcwN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21sbildMwGmCJ455hqeALOZJDGjz
0mrZUNtgjqn3yoiMpwfURZFVuUt/PWad2eEBRRJ2szhbZggkwNC2aB2RvRXsddwk
+a4N6QOmwrp1BoJi1+7fHom5/yWZ/D0h4fvjPjO81gPSbisPOJaepsOOe0oIssie
V5X7vEBmjCu7RMCY1vH2fTBjKH88tFbO/1sMKDvkf9Nb0T5CjB4+Fh4QfW4XDcMR
6Y7ANEjZt8k9Y5UTgdA8MPWL/zNHDVBrcsUEOpcnDhtfvVIVaokX1XIJdSCD6phL
E+R3Y8WQ855YoPdud6nwTb8nDX8Va2+3r3yhz+SUATzt7qq6ovsr5xBu5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdJWKEOXxJcP49KVjyL73xc5we8MB8GA1UdIwQY
MBaAFFqiqSVHm8/LwZaIqVKiQwH052g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FLcEpVZWJ6OHZCbG9pcFVxSkRBZlRuYURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wYTAzMGYtYWJiNS00ZTM3LTk2YTMt
YjRmMTIwMTIyOTIyLzEvV3FLcEpVZWJ6OHZCbG9pcFVxSkRBZlRuYURrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wYTAzMGYtYWJiNS00ZTM3LTk2YTMtYjRmMTIwMTIyOTIy
LzEvV3FLcEpVZWJ6OHZCbG9pcFVxSkRBZlRuYURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADECApzvm
A9uy2AP7lcVYeRYMHEFix4Rw/GBO2gAm2ae/Sp9ouWiM67nSzHVymOywGOhexM9H
zmHObFxVu7BhNDVjhXw9Wu3q2G5/UUl2k8qG2ZdrMdJKXyduevPulw1QlrbBu89l
6biMiHqsY1Oj9U9TwxHPyyGvKKW5k1poH3LpqF3ZZN22s1OkeAj2ewpmufdRzdlv
nQxwX7a6wB1vmC4SGWBm+IgtBN9tWCQ4ifst0V9GV4T4iiY1fMiNsiBDU5k0WEKo
zrmoee09TqrMzLgzXeND8B1bGcGkN88v1wssfwVvjt+kV3lSqFEFCW+2haL3E/L9
AE6zdFG96cT44w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:53:54 2026 by rpki-client