Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
File: QHznj0rDupAqDDjcAaDF8hJlGbA.mft (raw, json)
Hash identifier: DEe+/OzUma+5OXk9nVx7UFk30dwgrMBShGJMH4lU2HE=
Subject key identifier: 7C:19:35:A2:CA:22:9E:63:F0:82:46:58:E6:4C:D4:82:BF:87:F8:94
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Certificate issuer: /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial: 019D28BBD7ADCAC5499D6EBCD9EFB9BE2E84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
Manifest number: 0CF5
Signing time: Thu 26 Mar 2026 06:01:32 +0000
Manifest this update: Thu 26 Mar 2026 06:01:32 +0000
Manifest next update: Fri 27 Mar 2026 06:01:32 +0000
Files and hashes: 1: QHznj0rDupAqDDjcAaDF8hJlGbA.crl (hash: zMRE6DVWqZq8rjemZqFqOG+G+KF8E/qk043xj1pyrQM=)
2: UKN4qXdB5emZZX9TzM0PF4jJuRs.roa (hash: Y842Sm+wv4FkMHDbdNeBmo19SEMhJtIByCHRBpFd6qo=)
3: qOyavHaQUzWIgFJKhwDzN8qp-NU.roa (hash: 6+GcU7ai/o4JeNdvfA796blKNzslNJ8s8dxyOTcoPxA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:d7:ad:ca:c5:49:9d:6e:bc:d9:ef:b9:be:2e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Validity
Not Before: Mar 26 06:01:32 2026 GMT
Not After : Mar 27 06:01:32 2026 GMT
Subject: CN=7c1935a2ca229e63f0824658e64cd482bf87f894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ea:d3:86:bd:1c:d1:98:9f:1e:07:fc:64:2c:
0e:c9:38:23:a5:f2:72:51:63:96:8f:e2:43:b4:82:
eb:c5:83:80:67:ce:ca:8a:64:e6:80:94:46:bb:58:
ed:11:a6:f1:f9:af:52:d0:e7:12:d6:80:47:7b:57:
df:85:b3:9c:95:9f:59:7b:32:1f:78:b1:0d:22:6f:
e1:3f:93:b1:14:bb:81:44:2d:fc:d9:d1:e1:1e:82:
51:d4:3c:74:05:6e:f2:2e:c8:8e:d9:05:48:1d:0b:
46:50:e8:0c:a7:5b:91:16:41:43:21:8c:2f:e1:bd:
4c:f0:83:18:d1:a9:15:f8:89:0a:8a:66:0e:70:93:
97:82:72:a5:55:67:00:65:ce:f8:06:cc:35:44:33:
6d:c4:6a:a4:50:b2:f0:aa:f6:e5:66:25:ab:95:26:
65:80:fe:64:fd:e9:9c:09:63:0c:75:4d:78:e4:6e:
36:ea:56:03:f3:7a:45:0b:19:5e:2b:67:75:74:2d:
d2:5f:fc:08:1c:92:87:d7:da:bc:09:45:55:ca:a3:
55:58:cf:be:23:2e:c2:49:67:3f:0d:ce:f8:57:8f:
b8:5c:1d:9c:b4:53:73:6d:a4:dd:85:1d:fd:a7:3c:
a4:91:a8:48:bc:14:78:be:20:4f:4b:d5:20:4a:08:
a4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:19:35:A2:CA:22:9E:63:F0:82:46:58:E6:4C:D4:82:BF:87:F8:94
X509v3 Authority Key Identifier:
keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:af:4d:8b:28:3f:fd:b7:6d:fd:48:8d:88:ac:d5:9d:17:15:
df:1a:8d:8e:c4:1b:23:9c:90:88:00:60:8f:c4:5a:c8:ea:68:
e9:df:fa:5a:82:be:2c:d6:93:6c:0b:9a:43:2b:42:af:cf:63:
29:58:df:03:1a:f2:9b:5a:e1:3b:a4:4f:22:77:9a:75:60:27:
bf:c8:34:53:a1:08:38:a2:d8:53:8a:3a:20:d7:5a:05:41:ce:
21:9d:8b:ba:70:df:4a:13:24:3d:c9:58:17:6e:6c:cb:4a:f5:
27:b1:7e:e5:7d:c0:70:07:9a:82:6a:9d:e0:4c:bd:6c:d6:72:
29:c0:e8:f8:dc:3f:15:f6:f4:97:f7:93:80:b8:ae:62:e8:ed:
f6:5b:0e:e5:a1:46:a2:23:32:5e:d1:b5:c3:d3:a8:8e:f2:f2:
1d:b9:bf:55:47:01:7c:8c:23:c6:7a:43:01:e3:40:64:51:40:
fa:07:97:ea:a0:80:c4:99:9d:4f:f1:ea:7e:d4:b0:13:47:bf:
f1:e0:af:ab:82:53:fa:5b:9f:a7:41:f3:66:1c:0a:30:63:a4:
94:f6:1b:8f:54:30:d8:84:ce:61:15:6d:1f:b7:b1:58:2b:51:
c5:cc:fc:65:2c:d6:da:44:9d:02:73:86:c5:8b:57:af:5c:25:
f3:6f:b7:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou9etysVJnW682e+5vi6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjYwMzI2MDYwMTMyWhcNMjYwMzI3MDYwMTMyWjAzMTEwLwYDVQQD
Eyg3YzE5MzVhMmNhMjI5ZTYzZjA4MjQ2NThlNjRjZDQ4MmJmODdmODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+rThr0c0ZifHgf8ZCwOyTgjpfJy
UWOWj+JDtILrxYOAZ87KimTmgJRGu1jtEabx+a9S0OcS1oBHe1ffhbOclZ9ZezIf
eLENIm/hP5OxFLuBRC382dHhHoJR1Dx0BW7yLsiO2QVIHQtGUOgMp1uRFkFDIYwv
4b1M8IMY0akV+IkKimYOcJOXgnKlVWcAZc74Bsw1RDNtxGqkULLwqvblZiWrlSZl
gP5k/emcCWMMdU145G426lYD83pFCxleK2d1dC3SX/wIHJKH19q8CUVVyqNVWM++
Iy7CSWc/Dc74V4+4XB2ctFNzbaTdhR39pzykkahIvBR4viBPS9UgSgik4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwZNaLKIp5j8IJGWOZM1IK/h/iUMB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABq9Niyg/
/bdt/UiNiKzVnRcV3xqNjsQbI5yQiABgj8RayOpo6d/6WoK+LNaTbAuaQytCr89j
KVjfAxrym1rhO6RPIneadWAnv8g0U6EIOKLYU4o6INdaBUHOIZ2LunDfShMkPclY
F25sy0r1J7F+5X3AcAeagmqd4Ey9bNZyKcDo+Nw/Ffb0l/eTgLiuYujt9lsO5aFG
oiMyXtG1w9OojvLyHbm/VUcBfIwjxnpDAeNAZFFA+geX6qCAxJmdT/HqftSwE0e/
8eCvq4JT+lufp0HzZhwKMGOklPYbj1Qw2ITOYRVtH7exWCtRxcz8ZSzW2kSdAnOG
xYtXr1wl82+3TA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:57:23 2026 by rpki-client