Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.mft
File: qDOwgB1A0FhJBy4vyBITsCXSorw.mft (raw, json)
Hash identifier: 7SCtXpiiokEv3qMXxZnecvPxHQgkc/vV9r8d1fVNUFU=
Subject key identifier: 8A:A9:AB:F1:62:49:B4:E2:6D:02:E8:28:0A:A0:26:93:22:76:EE:9D
Authority key identifier: A8:33:B0:80:1D:40:D0:58:49:07:2E:2F:C8:12:13:B0:25:D2:A2:BC
Certificate issuer: /CN=a833b0801d40d05849072e2fc81213b025d2a2bc
Certificate serial: 019D2B4E6F43EEE9086CDBC9B879C692A9D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qDOwgB1A0FhJBy4vyBITsCXSorw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.mft
Manifest number: 023C
Signing time: Thu 26 Mar 2026 18:00:53 +0000
Manifest this update: Thu 26 Mar 2026 18:00:53 +0000
Manifest next update: Fri 27 Mar 2026 18:00:53 +0000
Files and hashes: 1: 8dx6CDeeDv1yQZPzxZW_CCsiWuI.roa (hash: d7H5FvAS5k9Xu18WJ58VOwYw00U/ixBu9RyNPrcPus0=)
2: qDOwgB1A0FhJBy4vyBITsCXSorw.crl (hash: thYvJdgPdy/M+nz9f7AjgKINzZ7fFcS9CgV7ygs1wuk=)
3: vZtaog6rpuNltteEkdUJlHMVrcw.roa (hash: 7RtaWZDq5AUONnDyPCbjKsuXwOlICNTJNhflkjZkwLY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.mft
rsync://rpki.ripe.net/repository/DEFAULT/qDOwgB1A0FhJBy4vyBITsCXSorw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 18:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:4e:6f:43:ee:e9:08:6c:db:c9:b8:79:c6:92:a9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a833b0801d40d05849072e2fc81213b025d2a2bc
Validity
Not Before: Mar 26 18:00:53 2026 GMT
Not After : Mar 27 18:00:53 2026 GMT
Subject: CN=8aa9abf16249b4e26d02e8280aa026932276ee9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:66:ed:8a:cc:3f:76:ed:1e:5f:fd:44:1f:34:
8e:bd:e1:57:e0:21:dc:92:fd:e9:e0:98:6a:cf:c8:
5a:d3:bd:d1:38:e3:bc:ab:74:aa:8b:59:72:42:46:
5c:56:ad:ae:8a:06:01:89:4f:8d:98:57:06:5c:36:
03:7f:7a:14:e5:13:be:59:39:d8:da:ee:a7:5a:fc:
8d:32:d4:b9:f2:cb:29:9c:46:ef:e4:36:af:9e:38:
17:21:5f:55:d4:fa:d2:ea:e0:fa:7c:ad:b0:6d:71:
c6:8b:58:13:73:eb:8a:47:44:c8:7a:fd:27:98:f0:
85:73:e0:1d:03:fd:2d:09:3e:47:fc:83:1b:62:0d:
95:b0:19:75:d1:66:72:c5:4c:48:28:dc:25:69:db:
db:3d:bf:b2:21:af:98:c8:f6:d0:45:04:9c:fe:4a:
f4:75:f6:94:ee:e0:99:79:d6:22:02:7d:cf:92:61:
c1:d7:b8:ed:fb:7e:e1:82:e9:f4:49:e5:a3:cd:11:
3d:66:f7:ef:52:40:38:ed:e6:c2:b7:4a:40:de:e6:
07:d3:26:48:52:50:f6:0d:c9:34:ca:6b:a7:b5:8b:
8e:70:9b:39:c5:5f:61:6e:1e:1b:24:07:d1:11:26:
b3:0b:91:13:70:9b:db:36:d8:c9:18:af:8b:f4:6f:
b0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A9:AB:F1:62:49:B4:E2:6D:02:E8:28:0A:A0:26:93:22:76:EE:9D
X509v3 Authority Key Identifier:
keyid:A8:33:B0:80:1D:40:D0:58:49:07:2E:2F:C8:12:13:B0:25:D2:A2:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qDOwgB1A0FhJBy4vyBITsCXSorw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f42ab1-1089-4b14-b2f9-17bf066da4c5/1/qDOwgB1A0FhJBy4vyBITsCXSorw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:29:d8:29:31:be:09:0e:1c:9b:58:c3:d5:ed:a3:e5:b6:bb:
6d:e8:23:2a:be:92:98:b9:e6:af:d2:a2:3f:19:7a:e1:99:45:
99:ed:f7:d2:8e:ef:b2:cd:38:d0:dc:c4:a7:0c:a2:55:12:b1:
1a:26:85:4c:6a:0e:a9:db:75:15:4b:ca:34:5f:4c:ac:fe:45:
e5:be:74:04:98:81:df:9e:0b:44:97:73:94:7f:2d:c8:0c:68:
c5:b1:56:d3:f6:c4:f5:71:8c:46:fe:39:f2:1b:a1:06:b0:b6:
91:8b:9d:38:df:d9:ae:51:c9:c0:e7:ae:2d:f7:04:70:93:34:
6c:08:97:5b:42:f7:09:c3:f6:a4:4f:42:cf:34:7e:fd:1a:9f:
90:f2:e9:21:02:4e:79:27:ab:6f:a6:ec:f7:b5:d4:9f:b4:52:
93:61:3a:e8:7c:b7:79:31:db:a1:a9:c3:76:4d:bc:6c:9a:ea:
20:70:31:51:0d:c6:84:bc:0c:95:c2:60:d8:18:be:94:00:10:
65:fd:b8:3e:57:4b:c5:74:c6:a4:55:70:9f:8f:81:7e:06:14:
6f:33:ce:9a:e8:8c:dd:8f:47:d5:a4:a5:9b:ae:7f:85:33:7d:
87:19:4d:44:21:48:1b:85:8e:b9:04:e8:89:17:2e:8e:ee:9b:
cb:04:fb:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTm9D7ukIbNvJuHnGkqnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MzNiMDgwMWQ0MGQwNTg0OTA3MmUyZmM4MTIxM2IwMjVk
MmEyYmMwHhcNMjYwMzI2MTgwMDUzWhcNMjYwMzI3MTgwMDUzWjAzMTEwLwYDVQQD
Eyg4YWE5YWJmMTYyNDliNGUyNmQwMmU4MjgwYWEwMjY5MzIyNzZlZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72btisw/du0eX/1EHzSOveFX4CHc
kv3p4Jhqz8ha073ROOO8q3Sqi1lyQkZcVq2uigYBiU+NmFcGXDYDf3oU5RO+WTnY
2u6nWvyNMtS58sspnEbv5DavnjgXIV9V1PrS6uD6fK2wbXHGi1gTc+uKR0TIev0n
mPCFc+AdA/0tCT5H/IMbYg2VsBl10WZyxUxIKNwladvbPb+yIa+YyPbQRQSc/kr0
dfaU7uCZedYiAn3PkmHB17jt+37hgun0SeWjzRE9ZvfvUkA47ebCt0pA3uYH0yZI
UlD2Dck0ymuntYuOcJs5xV9hbh4bJAfRESazC5ETcJvbNtjJGK+L9G+w3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqpq/FiSbTibQLoKAqgJpMidu6dMB8GA1UdIwQY
MBaAFKgzsIAdQNBYSQcuL8gSE7Al0qK8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcURPd2dCMUEwRmhKQnk0dnlCSVRzQ1hTb3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9mNDJhYjEtMTA4OS00YjE0LWIyZjkt
MTdiZjA2NmRhNGM1LzEvcURPd2dCMUEwRmhKQnk0dnlCSVRzQ1hTb3J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9mNDJhYjEtMTA4OS00YjE0LWIyZjktMTdiZjA2NmRhNGM1
LzEvcURPd2dCMUEwRmhKQnk0dnlCSVRzQ1hTb3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhSnYKTG+
CQ4cm1jD1e2j5ba7begjKr6SmLnmr9KiPxl64ZlFme330o7vss040NzEpwyiVRKx
GiaFTGoOqdt1FUvKNF9MrP5F5b50BJiB354LRJdzlH8tyAxoxbFW0/bE9XGMRv45
8huhBrC2kYudON/ZrlHJwOeuLfcEcJM0bAiXW0L3CcP2pE9CzzR+/RqfkPLpIQJO
eSerb6bs97XUn7RSk2E66Hy3eTHboanDdk28bJrqIHAxUQ3GhLwMlcJg2Bi+lAAQ
Zf24PldLxXTGpFVwn4+BfgYUbzPOmuiM3Y9H1aSlm65/hTN9hxlNRCFIG4WOuQTo
iRcuju6bywT7WA==
-----END CERTIFICATE-----
Generated at Fri Mar 27 03:36:53 2026 by rpki-client