Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
File: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft (raw, json)
Hash identifier: cQmYXRZGMWNhpfVXJzDVYPnfSTDPCb5a1fx/8e8/hgo=
Subject key identifier: 12:D9:36:C8:EE:8D:06:B4:4C:22:09:46:C0:D8:90:01:A7:4E:D0:E2
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Certificate issuer: /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial: 019D28BBC75003A1AFBAF0F696389A7ABE95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
Manifest number: 0535
Signing time: Thu 26 Mar 2026 06:01:28 +0000
Manifest this update: Thu 26 Mar 2026 06:01:28 +0000
Manifest next update: Fri 27 Mar 2026 06:01:28 +0000
Files and hashes: 1: BMVk-OA-2PhTMA5A-sORM1prfMQ.roa (hash: E5dCIP4UxhH+T0A81jHL6M9IWvcHzJuPi1U0SLcMSqE=)
2: MBMbLrsZWEsBNYoYuyLSlAPF2WE.roa (hash: BixX2lk4Zd4GgNurHhSn7REJ4Le+26ZBWj1SCXORrcE=)
3: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl (hash: 5fdATHBCJHU81K0jbbzq6UFda5/oFPcClSUs9f+kuMg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:c7:50:03:a1:af:ba:f0:f6:96:38:9a:7a:be:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
Validity
Not Before: Mar 26 06:01:28 2026 GMT
Not After : Mar 27 06:01:28 2026 GMT
Subject: CN=12d936c8ee8d06b44c220946c0d89001a74ed0e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f9:3d:03:68:04:ba:0f:27:3d:21:5d:68:91:
bc:ce:20:64:de:50:b7:08:1d:43:f0:6a:1f:10:71:
e3:4c:05:ae:0f:3d:75:e7:db:5b:cc:c0:c2:03:e8:
6b:50:26:74:15:21:bf:17:e7:12:ba:ef:df:54:d8:
d6:64:c4:32:9f:e8:e9:a7:21:3b:f1:b1:bf:7f:0a:
cc:d4:93:62:f0:e3:3a:42:50:41:e8:f2:22:5e:b1:
4f:57:d6:a0:52:96:b6:f5:61:52:c9:d0:36:18:37:
69:2e:bb:ec:4e:1c:53:d1:24:6e:c8:5b:dc:0c:27:
8e:5f:f6:ac:9a:69:f1:44:a6:a8:7d:c4:be:76:db:
9d:e1:de:80:37:0a:87:09:18:f9:1d:2e:66:56:cb:
cf:59:f2:61:bf:69:af:35:69:f5:f3:1b:83:d4:97:
7f:ba:f2:21:f3:e9:36:3b:2a:3d:e0:e7:35:12:52:
75:ab:90:0a:f5:ff:53:53:96:c6:a6:ce:d7:3f:e0:
1e:3a:a4:ac:1b:c0:ab:78:ac:9f:34:23:8b:4e:15:
59:f3:64:14:bf:2e:5f:32:a5:b1:82:86:e7:c8:69:
fd:7a:f9:28:73:98:5c:2e:e3:79:02:71:e6:d3:0c:
96:87:e1:ef:af:96:1b:00:0c:31:d2:a5:a0:f6:b0:
71:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D9:36:C8:EE:8D:06:B4:4C:22:09:46:C0:D8:90:01:A7:4E:D0:E2
X509v3 Authority Key Identifier:
keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:65:77:37:d0:3e:b0:39:1c:0b:14:b4:4d:7a:64:7a:57:e3:
5d:b3:86:d3:e9:43:7d:67:58:e9:52:65:7e:14:36:a3:a5:4c:
ef:aa:4c:b9:cf:1d:54:9b:25:79:ca:72:3f:00:bf:d9:b5:d3:
15:0a:02:29:63:4b:c5:d5:24:3d:b8:90:84:2b:c1:ec:e7:e7:
02:46:87:cf:fe:7b:d2:cd:60:cb:35:12:fa:5a:ac:40:b5:e8:
64:b1:d3:af:af:7f:54:9b:5f:6d:ab:fe:7a:e0:bf:35:8e:35:
77:b8:3e:36:4e:ec:da:a4:79:aa:09:91:c8:66:de:a0:2c:f9:
b3:05:64:d6:c0:de:e5:23:98:fc:fd:59:03:c9:bb:01:f8:12:
e9:77:b5:4c:93:cf:90:8c:d0:85:c5:71:2a:b6:61:cb:5b:37:
a7:78:99:80:00:8f:57:e3:03:94:90:20:bc:0d:90:07:90:0e:
d3:45:44:51:fa:17:62:c1:27:bd:a6:7e:72:cc:e4:79:53:cf:
bc:67:63:c6:59:f6:f4:17:26:b1:64:e6:ae:67:db:6b:71:d9:
76:55:fc:f4:07:3e:f1:9b:8f:80:04:fd:f5:7b:6b:ad:06:be:
7d:cf:d9:47:4e:fb:93:5f:ae:d4:43:72:d2:5b:26:e1:6c:39:
72:76:4e:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou8dQA6GvuvD2ljiaer6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjYwMzI2MDYwMTI4WhcNMjYwMzI3MDYwMTI4WjAzMTEwLwYDVQQD
EygxMmQ5MzZjOGVlOGQwNmI0NGMyMjA5NDZjMGQ4OTAwMWE3NGVkMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/k9A2gEug8nPSFdaJG8ziBk3lC3
CB1D8GofEHHjTAWuDz1159tbzMDCA+hrUCZ0FSG/F+cSuu/fVNjWZMQyn+jppyE7
8bG/fwrM1JNi8OM6QlBB6PIiXrFPV9agUpa29WFSydA2GDdpLrvsThxT0SRuyFvc
DCeOX/asmmnxRKaofcS+dtud4d6ANwqHCRj5HS5mVsvPWfJhv2mvNWn18xuD1Jd/
uvIh8+k2Oyo94Oc1ElJ1q5AK9f9TU5bGps7XP+AeOqSsG8CreKyfNCOLThVZ82QU
vy5fMqWxgobnyGn9evkoc5hcLuN5AnHm0wyWh+Hvr5YbAAwx0qWg9rBxtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLZNsjujQa0TCIJRsDYkAGnTtDiMB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPWV3N9A+
sDkcCxS0TXpkelfjXbOG0+lDfWdY6VJlfhQ2o6VM76pMuc8dVJslecpyPwC/2bXT
FQoCKWNLxdUkPbiQhCvB7OfnAkaHz/570s1gyzUS+lqsQLXoZLHTr69/VJtfbav+
euC/NY41d7g+Nk7s2qR5qgmRyGbeoCz5swVk1sDe5SOY/P1ZA8m7AfgS6Xe1TJPP
kIzQhcVxKrZhy1s3p3iZgACPV+MDlJAgvA2QB5AO00VEUfoXYsEnvaZ+cszkeVPP
vGdjxln29BcmsWTmrmfba3HZdlX89Ac+8ZuPgAT99XtrrQa+fc/ZR077k1+u1ENy
0lsm4Ww5cnZOIQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:58:55 2026 by rpki-client