Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.mft
File: QA4H15n7NVyVICXz0nsA6bTuNO0.mft (raw, json)
Hash identifier: JdJKKSiaXdLljfBL3wwDtKY4aBusrHRtQ4h9mWjac24=
Subject key identifier: 8C:64:C7:D4:23:44:EC:D2:FD:38:BD:02:78:2B:D6:73:96:44:F3:D1
Authority key identifier: 40:0E:07:D7:99:FB:35:5C:95:20:25:F3:D2:7B:00:E9:B4:EE:34:ED
Certificate issuer: /CN=400e07d799fb355c952025f3d27b00e9b4ee34ed
Certificate serial: 019D29CEABC8DA5AD1BEB299DAFB817B4CC3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA4H15n7NVyVICXz0nsA6bTuNO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.mft
Manifest number: 0AF1
Signing time: Thu 26 Mar 2026 11:01:43 +0000
Manifest this update: Thu 26 Mar 2026 11:01:43 +0000
Manifest next update: Fri 27 Mar 2026 11:01:43 +0000
Files and hashes: 1: QA4H15n7NVyVICXz0nsA6bTuNO0.crl (hash: Cl0epM2e6FqNICZRjerfR/NQPCVeR68cGouJn+6BqN0=)
2: YFsmm4apHvY6ZL8EsMyBPmZGQ-E.roa (hash: QK8FK49xDAR7s4a20/0YVNHlxDPHbZSZvfiRmsUbSrc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.mft
rsync://rpki.ripe.net/repository/DEFAULT/QA4H15n7NVyVICXz0nsA6bTuNO0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 11:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:ab:c8:da:5a:d1:be:b2:99:da:fb:81:7b:4c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400e07d799fb355c952025f3d27b00e9b4ee34ed
Validity
Not Before: Mar 26 11:01:43 2026 GMT
Not After : Mar 27 11:01:43 2026 GMT
Subject: CN=8c64c7d42344ecd2fd38bd02782bd6739644f3d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:1d:f9:c2:12:ec:bd:64:44:74:c2:28:63:96:
18:60:e5:eb:17:5e:ad:2f:a6:5a:a5:aa:69:87:5f:
8d:47:71:d5:3c:54:6d:f9:9a:78:1e:e5:84:60:91:
00:1e:6e:b2:33:9b:f8:52:aa:6d:a9:7e:28:11:9b:
ac:22:02:f4:66:8b:a3:aa:da:e9:b5:24:2b:9b:cf:
82:a8:a2:2e:ef:5e:e9:53:d0:c1:3a:3f:ce:c3:3c:
90:34:d4:bf:63:f4:15:4d:36:c7:74:29:ce:e3:47:
61:24:bf:78:55:2f:79:3e:e5:63:49:14:23:63:29:
9b:a5:12:6b:af:15:b6:04:cb:41:c4:cb:74:69:51:
28:ca:df:21:72:62:9e:92:8b:a5:2c:5c:d9:2c:ad:
f9:a0:5d:8d:fa:23:9f:c1:8b:ee:af:8f:90:a9:c3:
87:19:24:7b:6c:8a:32:3d:0f:89:a4:df:49:7c:0e:
e3:ea:e4:22:05:47:a4:22:1e:bb:02:dc:92:cb:e3:
bb:22:93:23:f2:7e:da:dd:59:4a:9a:51:4c:38:a1:
26:b7:1a:3d:31:1b:54:f2:03:3b:df:61:e8:20:db:
23:41:d1:95:29:97:9d:e5:49:0f:8e:d9:04:94:d5:
a4:23:f0:c0:c0:10:ef:43:e3:73:36:f4:fe:33:58:
52:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:64:C7:D4:23:44:EC:D2:FD:38:BD:02:78:2B:D6:73:96:44:F3:D1
X509v3 Authority Key Identifier:
keyid:40:0E:07:D7:99:FB:35:5C:95:20:25:F3:D2:7B:00:E9:B4:EE:34:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA4H15n7NVyVICXz0nsA6bTuNO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:d7:ce:cf:11:56:59:f0:6d:c1:41:1c:1b:23:db:f2:91:24:
f6:e8:35:c0:fe:68:8f:0b:e3:aa:7e:d9:37:18:c5:ab:ea:05:
54:5e:3e:fd:d0:b5:31:31:f0:5d:6c:bb:61:c8:6a:05:34:83:
84:02:a2:87:b0:de:2a:e8:5c:86:e9:44:5e:35:8c:48:51:62:
35:7f:64:44:0e:c8:2c:5e:2a:e4:b6:59:a3:4f:3d:aa:34:57:
2c:21:45:2f:9e:3b:cc:d8:1e:af:d8:cf:15:dc:c0:e6:0e:78:
97:0c:02:70:36:b3:df:a3:89:16:9f:50:c2:3d:b4:9b:47:96:
5d:44:d3:cc:db:02:3f:e8:b6:03:3f:b3:6e:cd:55:af:78:77:
91:76:88:41:0c:75:7f:3a:60:5e:89:22:d1:de:0b:70:72:88:
56:b5:a5:8c:64:1c:f0:cc:b8:dc:b6:2f:c0:a4:0d:63:62:6b:
c6:33:2d:d9:91:7b:ed:e6:1a:f1:13:d5:96:02:92:8d:1b:15:
18:8a:70:e1:b4:52:e6:00:91:3d:0a:74:de:ad:6f:29:62:a5:
ca:f4:89:3b:eb:e5:76:3c:61:75:23:ff:b8:c7:fa:68:6b:35:
3c:09:7b:55:02:61:b9:8c:ac:ed:47:a2:94:8e:bd:32:c7:df:
a5:31:c3:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzqvI2lrRvrKZ2vuBe0zDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGUwN2Q3OTlmYjM1NWM5NTIwMjVmM2QyN2IwMGU5YjRl
ZTM0ZWQwHhcNMjYwMzI2MTEwMTQzWhcNMjYwMzI3MTEwMTQzWjAzMTEwLwYDVQQD
Eyg4YzY0YzdkNDIzNDRlY2QyZmQzOGJkMDI3ODJiZDY3Mzk2NDRmM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6B35whLsvWREdMIoY5YYYOXrF16t
L6Zapapph1+NR3HVPFRt+Zp4HuWEYJEAHm6yM5v4UqptqX4oEZusIgL0Zoujqtrp
tSQrm8+CqKIu717pU9DBOj/OwzyQNNS/Y/QVTTbHdCnO40dhJL94VS95PuVjSRQj
YymbpRJrrxW2BMtBxMt0aVEoyt8hcmKekoulLFzZLK35oF2N+iOfwYvur4+QqcOH
GSR7bIoyPQ+JpN9JfA7j6uQiBUekIh67AtySy+O7IpMj8n7a3VlKmlFMOKEmtxo9
MRtU8gM732HoINsjQdGVKZed5UkPjtkElNWkI/DAwBDvQ+NzNvT+M1hSXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxkx9QjROzS/Ti9Angr1nOWRPPRMB8GA1UdIwQY
MBaAFEAOB9eZ+zVclSAl89J7AOm07jTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUE0SDE1bjdOVnlWSUNYejBuc0E2YlR1Tk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZjM2YjYtZDcwMS00MzM1LWFmMzAt
NDhmZTYzM2IxYjNmLzEvUUE0SDE1bjdOVnlWSUNYejBuc0E2YlR1Tk8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yZjM2YjYtZDcwMS00MzM1LWFmMzAtNDhmZTYzM2IxYjNm
LzEvUUE0SDE1bjdOVnlWSUNYejBuc0E2YlR1Tk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL9fOzxFW
WfBtwUEcGyPb8pEk9ug1wP5ojwvjqn7ZNxjFq+oFVF4+/dC1MTHwXWy7YchqBTSD
hAKih7DeKuhchulEXjWMSFFiNX9kRA7ILF4q5LZZo089qjRXLCFFL547zNger9jP
FdzA5g54lwwCcDaz36OJFp9Qwj20m0eWXUTTzNsCP+i2Az+zbs1Vr3h3kXaIQQx1
fzpgXoki0d4LcHKIVrWljGQc8My43LYvwKQNY2JrxjMt2ZF77eYa8RPVlgKSjRsV
GIpw4bRS5gCRPQp03q1vKWKlyvSJO+vldjxhdSP/uMf6aGs1PAl7VQJhuYys7Uei
lI69MsffpTHDKQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:36:55 2026 by rpki-client