Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.mft
File: gQrwAiUQayCW6bIdmsLyBAaI3qI.mft (raw, json)
Hash identifier: rpHxGwC66uyzyoPPR87DgsxNBuj79szphaotMnrFBVc=
Subject key identifier: CC:F1:07:52:F2:3F:3E:DA:27:EB:25:68:53:CD:D4:23:1B:72:8E:B1
Authority key identifier: 81:0A:F0:02:25:10:6B:20:96:E9:B2:1D:9A:C2:F2:04:06:88:DE:A2
Certificate issuer: /CN=810af00225106b2096e9b21d9ac2f2040688dea2
Certificate serial: 019D265F9627E9ACF93E60B1FCA8619B43AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQrwAiUQayCW6bIdmsLyBAaI3qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.mft
Manifest number: 0BCE
Signing time: Wed 25 Mar 2026 19:01:31 +0000
Manifest this update: Wed 25 Mar 2026 19:01:31 +0000
Manifest next update: Thu 26 Mar 2026 19:01:31 +0000
Files and hashes: 1: Dg5PEYmKpTVI2DCPpp7B0MOqhXQ.roa (hash: 0r9Wvfa6jCmlqCpm1KLg+xpqhpapVEOAPFkYXdbs38g=)
2: H-gl84k76iOlzZYYJCblbDHN-l8.roa (hash: 9kM+SrqoWq0lxyCjUYdOI+zgBattq8/xzQWtVJ/ldQQ=)
3: gQrwAiUQayCW6bIdmsLyBAaI3qI.crl (hash: KmotRsBheSz2VO3Sj47QWrWLIOa68qG3jav10LkU6sw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/gQrwAiUQayCW6bIdmsLyBAaI3qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:96:27:e9:ac:f9:3e:60:b1:fc:a8:61:9b:43:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=810af00225106b2096e9b21d9ac2f2040688dea2
Validity
Not Before: Mar 25 19:01:31 2026 GMT
Not After : Mar 26 19:01:31 2026 GMT
Subject: CN=ccf10752f23f3eda27eb256853cdd4231b728eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:31:84:4e:22:e7:36:27:e1:6a:29:a7:cf:cd:
04:89:b8:e3:04:bd:24:75:c2:38:d1:9b:90:cc:66:
6f:f8:14:3b:4d:fa:6d:56:2c:a1:ad:2d:6f:84:c2:
e2:7e:f3:2a:01:c5:4b:5c:ca:80:ee:35:87:c4:91:
ee:c7:ed:ba:68:94:36:c7:b6:6d:cf:ad:5c:b2:84:
41:1d:eb:6b:24:67:d9:7d:ff:d6:86:37:d5:62:4f:
5c:c7:ca:3a:e4:c3:2a:46:ac:7e:fc:1d:90:d4:33:
e6:ad:c1:b1:35:40:0f:7f:b4:0c:b0:84:1e:2f:19:
a6:2b:16:ed:fc:57:34:7c:b1:fd:8a:c3:e4:fc:42:
92:d6:fb:8f:f0:0f:03:93:7c:ee:5d:81:59:3a:d1:
9c:e9:b1:3f:f4:ac:b9:8a:3f:89:b1:1b:b0:53:36:
c3:a1:60:b7:5d:c1:40:94:01:d8:d4:7c:3d:ab:1c:
84:2d:63:e8:7d:cb:f6:ae:2f:18:11:a5:c0:a7:64:
8e:ce:72:e5:4c:73:03:ea:06:08:2b:5a:fe:3e:23:
80:ab:fa:b3:47:84:6d:ac:30:98:08:3e:41:90:6c:
0d:b4:a5:d5:c8:c6:86:55:a6:c9:da:09:7e:f9:94:
83:b0:dd:85:92:41:65:24:b9:32:a4:d4:a0:ce:a0:
9a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F1:07:52:F2:3F:3E:DA:27:EB:25:68:53:CD:D4:23:1B:72:8E:B1
X509v3 Authority Key Identifier:
keyid:81:0A:F0:02:25:10:6B:20:96:E9:B2:1D:9A:C2:F2:04:06:88:DE:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQrwAiUQayCW6bIdmsLyBAaI3qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:a3:b5:88:25:d6:a1:1f:30:80:53:5a:89:f8:dd:1d:be:2d:
4e:23:e7:fa:16:1d:d3:59:a3:a3:6f:ce:76:9a:ce:2d:c0:13:
f9:2a:e2:13:7f:d4:fa:25:f9:c4:49:6c:09:20:3e:0b:5a:25:
5b:15:31:75:0c:67:04:85:b7:5b:3d:a9:8c:16:6c:ba:20:92:
8e:39:39:42:f7:71:1a:b6:2e:fb:30:c2:5e:0c:66:88:ea:41:
2d:e3:6c:32:4a:d2:81:fd:8c:92:fe:7c:57:68:02:b7:fc:70:
90:f7:eb:40:c9:72:1d:37:57:ae:8b:2e:27:12:17:54:2d:a5:
73:b5:3d:be:cd:6b:71:c4:97:f0:84:95:24:21:c8:9b:3e:84:
cc:4a:6e:91:64:7d:a4:ab:07:f5:00:04:ee:53:53:9d:dc:8e:
48:2e:70:c9:cf:71:48:78:43:92:e0:90:f0:e7:78:42:d5:05:
8c:29:ed:34:13:4c:08:9c:bd:f4:00:54:da:85:cc:34:fa:e7:
97:51:3b:bd:e1:f1:05:ff:2c:92:b9:71:bb:0f:76:e8:f5:95:
6e:95:bb:24:d7:ae:c4:ac:84:67:41:08:eb:38:33:ce:9c:b3:
e9:54:25:f0:4a:86:01:85:fd:be:55:65:79:49:74:05:cd:37:
f1:6e:42:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX5Yn6az5PmCx/Khhm0OvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMGFmMDAyMjUxMDZiMjA5NmU5YjIxZDlhYzJmMjA0MDY4
OGRlYTIwHhcNMjYwMzI1MTkwMTMxWhcNMjYwMzI2MTkwMTMxWjAzMTEwLwYDVQQD
EyhjY2YxMDc1MmYyM2YzZWRhMjdlYjI1Njg1M2NkZDQyMzFiNzI4ZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijGETiLnNifhaimnz80EibjjBL0k
dcI40ZuQzGZv+BQ7TfptViyhrS1vhMLifvMqAcVLXMqA7jWHxJHux+26aJQ2x7Zt
z61csoRBHetrJGfZff/WhjfVYk9cx8o65MMqRqx+/B2Q1DPmrcGxNUAPf7QMsIQe
LxmmKxbt/Fc0fLH9isPk/EKS1vuP8A8Dk3zuXYFZOtGc6bE/9Ky5ij+JsRuwUzbD
oWC3XcFAlAHY1Hw9qxyELWPofcv2ri8YEaXAp2SOznLlTHMD6gYIK1r+PiOAq/qz
R4RtrDCYCD5BkGwNtKXVyMaGVabJ2gl++ZSDsN2FkkFlJLkypNSgzqCaVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzxB1LyPz7aJ+slaFPN1CMbco6xMB8GA1UdIwQY
MBaAFIEK8AIlEGsglumyHZrC8gQGiN6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1Fyd0FpVVFheUNXNmJJZG1zTHlCQWFJM3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NDJhOWItOWVkNy00OTNkLTgzZjMt
M2NhNDg4ZGVlZTg5LzEvZ1Fyd0FpVVFheUNXNmJJZG1zTHlCQWFJM3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NDJhOWItOWVkNy00OTNkLTgzZjMtM2NhNDg4ZGVlZTg5
LzEvZ1Fyd0FpVVFheUNXNmJJZG1zTHlCQWFJM3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXaO1iCXW
oR8wgFNaifjdHb4tTiPn+hYd01mjo2/OdprOLcAT+SriE3/U+iX5xElsCSA+C1ol
WxUxdQxnBIW3Wz2pjBZsuiCSjjk5QvdxGrYu+zDCXgxmiOpBLeNsMkrSgf2Mkv58
V2gCt/xwkPfrQMlyHTdXrosuJxIXVC2lc7U9vs1rccSX8ISVJCHImz6EzEpukWR9
pKsH9QAE7lNTndyOSC5wyc9xSHhDkuCQ8Od4QtUFjCntNBNMCJy99ABU2oXMNPrn
l1E7veHxBf8skrlxuw926PWVbpW7JNeuxKyEZ0EI6zgzzpyz6VQl8EqGAYX9vlVl
eUl0Bc038W5C0Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:34:00 2026 by rpki-client