Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
File: QwPxM011rEMsDKp404mnDAnBLKY.mft (raw, json)
Hash identifier: 0f1ZJWA57W5blwOtY29BElab20jx+TnpqrF8aqsK9Mw=
Subject key identifier: D8:04:38:3C:BD:61:0E:CC:15:FD:95:A8:DB:44:04:A5:98:70:73:FD
Authority key identifier: 43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
Certificate issuer: /CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Certificate serial: 019D273AAA56BB04F8142C9E40C703888FA6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
Manifest number: 03DC
Signing time: Wed 25 Mar 2026 23:00:49 +0000
Manifest this update: Wed 25 Mar 2026 23:00:49 +0000
Manifest next update: Thu 26 Mar 2026 23:00:49 +0000
Files and hashes: 1: 3R5g76dVvoZ3hbqttjNUSKbFIB0.roa (hash: rtDmg5+SMVya5wLcSYnXovjRonU3uTPe2cR9Qa4/bgU=)
2: QwPxM011rEMsDKp404mnDAnBLKY.crl (hash: 60FLERSBJZrxZLGAAGuUG8cdM201X3pazNjw5nsD2bs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:aa:56:bb:04:f8:14:2c:9e:40:c7:03:88:8f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Validity
Not Before: Mar 25 23:00:49 2026 GMT
Not After : Mar 26 23:00:49 2026 GMT
Subject: CN=d804383cbd610ecc15fd95a8db4404a5987073fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:56:b3:d5:4c:91:84:31:4f:ff:69:80:82:71:
11:d5:ae:5f:30:64:c7:df:e3:41:6e:31:45:b9:82:
69:a1:82:17:33:a5:ea:d6:2d:92:3f:e3:3e:2b:d6:
d3:c6:1f:c8:85:e3:6d:5a:9e:5d:b6:cb:0e:99:39:
5e:87:16:06:08:9a:e2:76:c9:85:21:60:39:a4:eb:
ae:0e:61:95:c6:e0:bb:fd:0e:a7:c4:c7:75:e3:2d:
b7:3c:f0:f9:b6:f6:e3:15:da:30:6e:c9:61:b0:33:
03:39:47:58:bb:f5:5d:1e:39:96:5f:58:e5:d5:c6:
05:8b:eb:61:6c:98:90:98:72:6e:6a:b8:30:32:a6:
65:b8:d6:17:3f:12:ec:21:8b:f0:72:e0:79:a6:ca:
b2:e6:8f:66:48:36:8a:32:7c:40:77:b1:d2:8b:4b:
1c:cf:c7:77:cf:01:c8:e8:dc:5b:5e:01:10:0d:f9:
09:e9:b1:19:f8:3a:23:d4:40:98:5f:4b:a0:fd:d3:
d4:55:b9:a6:b5:65:d9:aa:02:46:77:ca:40:f4:25:
0f:ca:5a:d2:0b:8a:89:7c:43:5b:cf:4e:c5:f6:de:
0e:68:2d:54:58:36:fe:8c:45:9d:ad:e3:75:51:2c:
4a:c0:11:74:2f:6d:02:0a:b4:f6:69:a5:4c:fc:c0:
a0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:04:38:3C:BD:61:0E:CC:15:FD:95:A8:DB:44:04:A5:98:70:73:FD
X509v3 Authority Key Identifier:
keyid:43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:2f:a4:7c:bd:ec:c9:fd:1c:9d:9e:18:c4:75:77:4a:1e:6e:
9b:14:7b:4c:b5:fd:de:e2:e5:74:1e:45:d2:23:28:b2:6a:1a:
b6:f1:4c:e2:3d:39:20:43:68:cd:21:26:61:6f:81:c7:c7:26:
b6:d2:55:ba:bd:41:cb:a0:02:8b:aa:8e:b3:24:09:27:99:c5:
39:70:a3:21:29:ca:1a:ab:b0:a1:70:ab:d9:00:a6:3d:86:0a:
59:90:41:cd:72:cf:07:4e:9a:0e:cf:11:23:a5:c7:09:ef:86:
d3:d2:14:5b:b6:df:bf:d2:de:38:2f:c3:49:67:c5:d9:a4:72:
06:56:67:82:55:37:ca:3f:66:4e:7b:bd:10:0e:26:aa:de:64:
46:21:d1:3b:60:ce:33:2f:9a:1c:be:ed:3d:c7:06:18:9a:ab:
1f:df:3d:b4:32:e0:7b:1a:e4:9d:38:68:72:c5:70:90:48:ad:
bf:7a:94:24:b8:1b:1b:1b:72:b9:92:cf:e8:f4:24:44:e3:43:
61:15:07:0f:ab:ad:6e:7d:35:73:4e:68:5c:9c:c8:b3:a7:e9:
5a:ec:91:a7:d0:d8:60:4e:e1:ef:bf:9b:83:25:b5:cd:f4:6e:
c8:60:61:86:10:63:b3:34:ab:b4:76:50:59:3a:a0:db:39:ae:
80:c7:39:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOqpWuwT4FCyeQMcDiI+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDNmMTMzNGQ3NWFjNDMyYzBjYWE3OGQzODlhNzBjMDlj
MTJjYTYwHhcNMjYwMzI1MjMwMDQ5WhcNMjYwMzI2MjMwMDQ5WjAzMTEwLwYDVQQD
EyhkODA0MzgzY2JkNjEwZWNjMTVmZDk1YThkYjQ0MDRhNTk4NzA3M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFaz1UyRhDFP/2mAgnER1a5fMGTH
3+NBbjFFuYJpoYIXM6Xq1i2SP+M+K9bTxh/IheNtWp5dtssOmTlehxYGCJridsmF
IWA5pOuuDmGVxuC7/Q6nxMd14y23PPD5tvbjFdowbslhsDMDOUdYu/VdHjmWX1jl
1cYFi+thbJiQmHJuargwMqZluNYXPxLsIYvwcuB5psqy5o9mSDaKMnxAd7HSi0sc
z8d3zwHI6NxbXgEQDfkJ6bEZ+Doj1ECYX0ug/dPUVbmmtWXZqgJGd8pA9CUPylrS
C4qJfENbz07F9t4OaC1UWDb+jEWdreN1USxKwBF0L20CCrT2aaVM/MCghwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNgEODy9YQ7MFf2VqNtEBKWYcHP9MB8GA1UdIwQY
MBaAFEMD8TNNdaxDLAyqeNOJpwwJwSymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUt
NGNiOTcwNzZjZmYyLzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUtNGNiOTcwNzZjZmYy
LzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApC+kfL3s
yf0cnZ4YxHV3Sh5umxR7TLX93uLldB5F0iMosmoatvFM4j05IENozSEmYW+Bx8cm
ttJVur1By6ACi6qOsyQJJ5nFOXCjISnKGquwoXCr2QCmPYYKWZBBzXLPB06aDs8R
I6XHCe+G09IUW7bfv9LeOC/DSWfF2aRyBlZnglU3yj9mTnu9EA4mqt5kRiHRO2DO
My+aHL7tPccGGJqrH989tDLgexrknThocsVwkEitv3qUJLgbGxtyuZLP6PQkROND
YRUHD6utbn01c05oXJzIs6fpWuyRp9DYYE7h77+bgyW1zfRuyGBhhhBjszSrtHZQ
WTqg2zmugMc5Zg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:16:30 2026 by rpki-client