Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json)
Hash identifier: eDkb7sroyeoUhMFBod+GCFBjvSgZv6p1/AK4nvg1rZI=
Subject key identifier: 75:0A:CA:A6:B3:8B:19:53:45:9E:E2:D5:CD:44:22:97:C9:58:1F:59
Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0
Certificate serial: 019D26CD79255B60C1B415A70591C87D528E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
Manifest number: 0BA3
Signing time: Wed 25 Mar 2026 21:01:33 +0000
Manifest this update: Wed 25 Mar 2026 21:01:33 +0000
Manifest next update: Thu 26 Mar 2026 21:01:33 +0000
Files and hashes: 1: 4TWnkEehYGPz8S3MxMCECSR21Hk.roa (hash: n3+/E4ft5KJ8lIw6jVs8x5Mt/ftJJPREMORWJ+SrYKM=)
2: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: ggJ+nLzhm4rI0XiaaTC68Vbf+3U7Ou5g586dqwhVvKA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cd:79:25:5b:60:c1:b4:15:a7:05:91:c8:7d:52:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090287256e25fa340d3afba780eac60d556adec0
Validity
Not Before: Mar 25 21:01:33 2026 GMT
Not After : Mar 26 21:01:33 2026 GMT
Subject: CN=750acaa6b38b1953459ee2d5cd442297c9581f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7a:b2:23:e2:38:6e:be:d6:58:63:65:68:ec:
e9:7a:3d:47:da:c7:95:61:a5:82:71:3f:0a:08:44:
68:40:1e:27:e3:bd:c3:87:72:cc:22:58:42:dc:7d:
c7:db:f3:67:e8:ea:c6:77:3e:1b:ff:0a:a9:77:df:
cf:d3:89:39:94:1d:cd:8a:f7:96:b6:06:50:68:bf:
ca:d6:85:45:8a:49:ec:97:cd:1b:ff:c2:8b:97:a6:
2d:8f:e2:23:b2:65:23:b1:90:09:b7:77:2b:24:25:
57:99:fb:7d:6b:d2:76:16:62:7f:11:81:83:0b:5f:
70:2f:22:94:b6:7d:9d:72:a5:46:b9:cc:1e:e6:d3:
15:b1:d0:7b:3d:90:a3:a5:df:d6:2d:c5:83:be:7b:
58:e4:0c:50:38:c0:09:b2:e7:0b:95:be:de:a9:9f:
05:fa:01:63:ad:67:9b:89:52:5b:21:02:01:30:6d:
b0:70:b4:7e:e7:9a:fb:3d:bc:a3:b5:79:16:2f:a7:
4e:6d:64:aa:23:c4:19:97:55:90:4a:77:66:86:0c:
3c:82:73:81:60:0b:b0:d2:8f:e7:6a:c6:c2:02:90:
7b:3d:99:95:a7:b2:a5:fb:2e:37:b2:b5:62:11:03:
e1:cb:46:31:77:98:70:77:fc:b9:5a:0d:4e:15:60:
36:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0A:CA:A6:B3:8B:19:53:45:9E:E2:D5:CD:44:22:97:C9:58:1F:59
X509v3 Authority Key Identifier:
keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:ed:3b:70:b6:37:20:df:b9:66:d2:b5:96:e9:a9:47:b9:ef:
86:a3:74:07:dc:c3:a5:49:d5:74:df:a3:1b:2d:da:58:48:6c:
db:69:3b:4e:0e:3b:7c:a5:90:73:63:25:d2:a1:28:df:5e:e7:
92:56:b2:34:7b:52:39:99:ef:0d:8f:4e:0c:d7:74:6b:ef:50:
f1:41:96:c9:32:b7:79:6e:83:85:0c:fa:e1:10:31:d7:a0:ef:
83:36:83:8c:ce:6c:d4:25:d6:81:0a:2a:fe:3c:c0:df:f2:14:
f3:6f:65:c9:68:3a:bf:db:38:b4:e2:2b:6a:0b:cf:8c:ca:4f:
97:55:22:11:02:e1:9f:c3:8e:1d:9e:1b:d0:17:c5:c0:c2:08:
c0:62:75:6b:fb:d4:01:c3:8a:71:da:89:a8:89:34:fe:5e:39:
a7:3b:1b:35:c4:41:bb:fd:df:39:ab:19:d7:1c:44:4e:41:86:
02:38:0d:d5:ae:6b:a6:cd:66:a6:9d:25:d7:33:0b:af:6e:37:
6e:6c:be:3f:64:3f:f8:6b:d0:0c:9d:26:8a:c4:33:f8:42:2f:
df:7c:65:14:57:ad:68:cc:b1:a0:2e:05:78:d6:57:03:4f:66:
58:f1:2f:c9:75:dc:07:aa:47:36:71:c3:44:50:ac:0f:ae:f1:
d5:ac:52:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzXklW2DBtBWnBZHIfVKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2
YWRlYzAwHhcNMjYwMzI1MjEwMTMzWhcNMjYwMzI2MjEwMTMzWjAzMTEwLwYDVQQD
Eyg3NTBhY2FhNmIzOGIxOTUzNDU5ZWUyZDVjZDQ0MjI5N2M5NTgxZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonqyI+I4br7WWGNlaOzpej1H2seV
YaWCcT8KCERoQB4n473Dh3LMIlhC3H3H2/Nn6OrGdz4b/wqpd9/P04k5lB3NiveW
tgZQaL/K1oVFiknsl80b/8KLl6Ytj+IjsmUjsZAJt3crJCVXmft9a9J2FmJ/EYGD
C19wLyKUtn2dcqVGucwe5tMVsdB7PZCjpd/WLcWDvntY5AxQOMAJsucLlb7eqZ8F
+gFjrWebiVJbIQIBMG2wcLR+55r7PbyjtXkWL6dObWSqI8QZl1WQSndmhgw8gnOB
YAuw0o/nasbCApB7PZmVp7Kl+y43srViEQPhy0Yxd5hwd/y5Wg1OFWA25QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHUKyqazixlTRZ7i1c1EIpfJWB9ZMB8GA1UdIwQY
MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt
NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk
LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOe07cLY3
IN+5ZtK1lumpR7nvhqN0B9zDpUnVdN+jGy3aWEhs22k7Tg47fKWQc2Ml0qEo317n
klayNHtSOZnvDY9ODNd0a+9Q8UGWyTK3eW6DhQz64RAx16DvgzaDjM5s1CXWgQoq
/jzA3/IU829lyWg6v9s4tOIragvPjMpPl1UiEQLhn8OOHZ4b0BfFwMIIwGJ1a/vU
AcOKcdqJqIk0/l45pzsbNcRBu/3fOasZ1xxETkGGAjgN1a5rps1mpp0l1zMLr243
bmy+P2Q/+GvQDJ0misQz+EIv33xlFFetaMyxoC4FeNZXA09mWPEvyXXcB6pHNnHD
RFCsD67x1axSxA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:36:16 2026 by rpki-client