Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.mft
File: qDOwgB1A0FhJBy4vyBITsCXSorw.mft (raw, json)
Hash identifier: AeYnQEmT1t7fXCzGg3vSiFDTzzwJZHknWpP3gCdfWZw=
Subject key identifier: 52:05:75:CD:8F:CA:7B:BA:1A:9A:7C:A2:39:7A:96:9B:19:F5:31:CD
Authority key identifier: A8:33:B0:80:1D:40:D0:58:49:07:2E:2F:C8:12:13:B0:25:D2:A2:BC
Certificate issuer: /CN=a833b0801d40d05849072e2fc81213b025d2a2bc
Certificate serial: 019D277251479097DD215E84266B3B9CD1FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qDOwgB1A0FhJBy4vyBITsCXSorw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.mft
Manifest number: 023A
Signing time: Thu 26 Mar 2026 00:01:36 +0000
Manifest this update: Thu 26 Mar 2026 00:01:36 +0000
Manifest next update: Fri 27 Mar 2026 00:01:36 +0000
Files and hashes: 1: 8dx6CDeeDv1yQZPzxZW_CCsiWuI.roa (hash: d7H5FvAS5k9Xu18WJ58VOwYw00U/ixBu9RyNPrcPus0=)
2: qDOwgB1A0FhJBy4vyBITsCXSorw.crl (hash: W9fZ505ZKs5JOexoML0TwqsgjF8vIg/ExVqUCPgvkI0=)
3: vZtaog6rpuNltteEkdUJlHMVrcw.roa (hash: 7RtaWZDq5AUONnDyPCbjKsuXwOlICNTJNhflkjZkwLY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.mft
rsync://rpki.ripe.net/repository/DEFAULT/qDOwgB1A0FhJBy4vyBITsCXSorw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:51:47:90:97:dd:21:5e:84:26:6b:3b:9c:d1:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a833b0801d40d05849072e2fc81213b025d2a2bc
Validity
Not Before: Mar 26 00:01:36 2026 GMT
Not After : Mar 27 00:01:36 2026 GMT
Subject: CN=520575cd8fca7bba1a9a7ca2397a969b19f531cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:34:1d:87:26:84:dd:fe:34:5b:97:f3:27:14:
a5:b2:12:30:c9:b1:d6:85:99:0a:35:f7:b7:92:36:
45:3c:4d:29:de:be:1c:1e:8a:d6:7c:3a:c6:dc:14:
07:52:22:8d:a5:f1:73:70:38:b6:e2:8c:e6:fd:9d:
e5:1c:d7:94:e5:36:b2:ef:59:2a:f8:33:eb:2f:7e:
3e:fb:a6:06:27:73:f8:d4:d7:8a:75:75:72:8a:bc:
aa:e8:b6:cb:4c:2e:e8:c2:93:bd:28:7d:7a:ca:30:
25:22:c8:23:a5:29:02:6c:7c:2a:92:18:36:bf:07:
ee:01:82:69:58:8f:d6:fb:62:03:a1:54:5a:6c:54:
0d:e4:74:9d:41:2e:5d:4e:ad:5a:e9:70:c7:a7:b9:
a6:8f:7b:6b:75:5a:5a:1f:58:32:0f:b1:60:3d:93:
72:34:2f:ef:aa:94:18:ce:74:9a:45:40:0e:ac:39:
71:ad:06:4f:8c:3f:21:8c:7e:ec:82:06:b6:3c:17:
aa:0b:06:fe:fa:54:f8:6d:56:33:37:f2:30:83:61:
54:da:1d:b4:99:40:2e:46:0b:f3:57:f8:0c:91:dc:
e9:e7:22:bb:d1:8a:e7:6e:2b:92:b8:f7:0c:d9:46:
0c:25:73:e6:91:39:1c:87:de:e9:f6:1e:10:77:c1:
40:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:05:75:CD:8F:CA:7B:BA:1A:9A:7C:A2:39:7A:96:9B:19:F5:31:CD
X509v3 Authority Key Identifier:
keyid:A8:33:B0:80:1D:40:D0:58:49:07:2E:2F:C8:12:13:B0:25:D2:A2:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qDOwgB1A0FhJBy4vyBITsCXSorw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:97:3a:46:03:c3:64:45:f3:7f:67:e0:25:54:67:34:b0:0a:
a0:3c:d4:6c:dc:cf:13:57:b2:a0:16:4d:48:ad:ec:96:cf:b3:
6e:f7:80:53:38:6f:8c:65:c9:9d:6d:64:94:f7:0b:01:ae:32:
de:1f:c7:77:6e:a3:c8:a8:b0:10:91:90:f9:6d:44:df:4a:3e:
14:07:ab:0a:f7:b4:10:7c:b7:16:b5:70:99:0b:ee:64:eb:e1:
c0:0c:5c:4a:1c:63:93:c3:fb:de:86:2b:8f:a9:1f:ff:c3:c6:
c8:8c:ae:75:cd:2e:db:fa:dd:c1:de:d4:79:7f:fe:15:f8:b0:
99:b4:b9:87:af:66:0e:73:d0:78:c8:a5:3e:8a:f8:f5:46:ee:
17:45:f0:30:a2:cd:06:0f:e8:e3:2e:a7:70:0a:47:a4:dd:a9:
8b:bd:63:1f:93:a3:3e:a9:01:5b:34:9f:e5:96:29:99:3c:68:
df:65:f6:5e:6f:7f:40:a8:77:23:5e:c2:e2:1c:35:56:f9:74:
2e:3c:ae:4f:f2:6a:a3:a7:b4:fe:65:bc:86:8e:ff:da:28:50:
30:7b:cd:bc:da:e5:15:cb:b5:8a:21:b1:00:23:4f:cc:10:5c:
68:3a:17:f8:ad:ac:98:3a:96:7c:c2:f9:41:7b:b0:b4:d2:0c:
1d:3b:58:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nclFHkJfdIV6EJms7nNH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MzNiMDgwMWQ0MGQwNTg0OTA3MmUyZmM4MTIxM2IwMjVk
MmEyYmMwHhcNMjYwMzI2MDAwMTM2WhcNMjYwMzI3MDAwMTM2WjAzMTEwLwYDVQQD
Eyg1MjA1NzVjZDhmY2E3YmJhMWE5YTdjYTIzOTdhOTY5YjE5ZjUzMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTQdhyaE3f40W5fzJxSlshIwybHW
hZkKNfe3kjZFPE0p3r4cHorWfDrG3BQHUiKNpfFzcDi24ozm/Z3lHNeU5Tay71kq
+DPrL34++6YGJ3P41NeKdXVyiryq6LbLTC7owpO9KH16yjAlIsgjpSkCbHwqkhg2
vwfuAYJpWI/W+2IDoVRabFQN5HSdQS5dTq1a6XDHp7mmj3trdVpaH1gyD7FgPZNy
NC/vqpQYznSaRUAOrDlxrQZPjD8hjH7sgga2PBeqCwb++lT4bVYzN/Iwg2FU2h20
mUAuRgvzV/gMkdzp5yK70YrnbiuSuPcM2UYMJXPmkTkch97p9h4Qd8FAUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIFdc2Pynu6Gpp8ojl6lpsZ9THNMB8GA1UdIwQY
MBaAFKgzsIAdQNBYSQcuL8gSE7Al0qK8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcURPd2dCMUEwRmhKQnk0dnlCSVRzQ1hTb3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9mNDJhYjEtMTA4OS00YjE0LWIyZjkt
MTdiZjA2NmRhNGM1LzEvcURPd2dCMUEwRmhKQnk0dnlCSVRzQ1hTb3J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9mNDJhYjEtMTA4OS00YjE0LWIyZjktMTdiZjA2NmRhNGM1
LzEvcURPd2dCMUEwRmhKQnk0dnlCSVRzQ1hTb3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM5c6RgPD
ZEXzf2fgJVRnNLAKoDzUbNzPE1eyoBZNSK3sls+zbveAUzhvjGXJnW1klPcLAa4y
3h/Hd26jyKiwEJGQ+W1E30o+FAerCve0EHy3FrVwmQvuZOvhwAxcShxjk8P73oYr
j6kf/8PGyIyudc0u2/rdwd7UeX/+FfiwmbS5h69mDnPQeMilPor49UbuF0XwMKLN
Bg/o4y6ncApHpN2pi71jH5OjPqkBWzSf5ZYpmTxo32X2Xm9/QKh3I17C4hw1Vvl0
LjyuT/Jqo6e0/mW8ho7/2ihQMHvNvNrlFcu1iiGxACNPzBBcaDoX+K2smDqWfML5
QXuwtNIMHTtYDA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:24:16 2026 by rpki-client