Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/51ad54-dd30-4f35-906c-811dcb7c44fc/1/1-qe1orkHCRPTSTKBX-tH42Mf318.mft
File: 1-qe1orkHCRPTSTKBX-tH42Mf318.mft (raw, json)
Hash identifier: npsbGWp0ArWUEMx9N/imznIFeugWJALxCsRCW4wQqQs=
Subject key identifier: 89:5F:C6:8E:CF:35:B9:65:E7:59:37:55:57:0E:C1:1A:F8:2E:EF:CF
Authority key identifier: FA:A7:B5:A2:B9:07:09:13:D3:49:32:81:5F:EB:47:E3:63:1F:DF:5F
Certificate issuer: /CN=faa7b5a2b9070913d34932815feb47e3631fdf5f
Certificate serial: 019D270436C1ADF326A8FB142E3548A9C0FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qe1orkHCRPTSTKBX-tH42Mf318.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/51ad54-dd30-4f35-906c-811dcb7c44fc/1/1-qe1orkHCRPTSTKBX-tH42Mf318.mft
Manifest number: 1661
Signing time: Wed 25 Mar 2026 22:01:20 +0000
Manifest this update: Wed 25 Mar 2026 22:01:20 +0000
Manifest next update: Thu 26 Mar 2026 22:01:20 +0000
Files and hashes: 1: 1-qe1orkHCRPTSTKBX-tH42Mf318.crl (hash: 1ziey+5B+fNz6CF5GTaNzdOeuO38UuKMl4h4fF8V4C4=)
2: z8zovr62ahngZe9eyLY1UmJJA_E.roa (hash: h9t0xBYGXyCoUtS+tRL/Tqf5YaJCLff6uGboBY8MeD8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/51ad54-dd30-4f35-906c-811dcb7c44fc/1/1-qe1orkHCRPTSTKBX-tH42Mf318.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/51ad54-dd30-4f35-906c-811dcb7c44fc/1/1-qe1orkHCRPTSTKBX-tH42Mf318.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-qe1orkHCRPTSTKBX-tH42Mf318.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:36:c1:ad:f3:26:a8:fb:14:2e:35:48:a9:c0:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa7b5a2b9070913d34932815feb47e3631fdf5f
Validity
Not Before: Mar 25 22:01:20 2026 GMT
Not After : Mar 26 22:01:20 2026 GMT
Subject: CN=895fc68ecf35b965e7593755570ec11af82eefcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:80:63:a5:45:c3:43:06:0d:d0:7a:10:5b:b3:
d9:a6:31:a4:cf:84:78:ef:01:b1:be:dc:ac:90:d0:
a5:55:15:6c:87:b4:b8:06:ba:86:42:dd:12:1b:d6:
23:5f:29:b1:76:12:33:d5:b0:40:8e:02:f7:a1:c6:
e7:e7:dc:44:f6:16:9b:ad:79:d1:9b:f9:69:9a:4e:
1c:66:64:74:b8:e9:84:dd:42:56:0f:7b:3e:19:b9:
05:b3:c3:d7:c4:e6:55:4b:41:f2:94:8f:6e:75:98:
a4:6f:67:62:91:65:ef:0d:8d:0d:d6:84:ca:c2:5f:
3f:91:e3:06:0f:7d:79:76:30:6c:e6:56:52:31:ac:
b0:6a:81:cc:2e:d7:12:cc:3d:25:1e:e4:6f:75:f3:
ea:b8:54:33:5c:3a:85:8f:95:b8:33:0f:19:1c:d2:
e0:4d:0b:17:97:29:06:a4:d5:4c:53:4c:78:5d:1e:
b5:8b:54:dc:b0:f1:07:f0:56:70:77:64:91:80:6f:
7a:0e:4f:93:9f:1b:33:0b:b5:dd:b7:d8:c0:ef:6b:
a8:1d:ef:c2:fc:9d:1f:82:7a:da:c9:ec:f9:d0:af:
3b:c9:d2:c3:21:65:52:c7:9f:c5:5f:d4:86:1a:8a:
24:ef:5e:96:93:23:79:04:9a:64:7b:47:0e:f3:8d:
c1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5F:C6:8E:CF:35:B9:65:E7:59:37:55:57:0E:C1:1A:F8:2E:EF:CF
X509v3 Authority Key Identifier:
keyid:FA:A7:B5:A2:B9:07:09:13:D3:49:32:81:5F:EB:47:E3:63:1F:DF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qe1orkHCRPTSTKBX-tH42Mf318.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/51ad54-dd30-4f35-906c-811dcb7c44fc/1/1-qe1orkHCRPTSTKBX-tH42Mf318.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/51ad54-dd30-4f35-906c-811dcb7c44fc/1/1-qe1orkHCRPTSTKBX-tH42Mf318.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:8e:02:dd:2e:0f:ec:6a:dc:1d:5f:4a:c4:7d:4d:b1:5b:60:
57:75:21:78:5c:e8:f6:5c:e3:e6:6e:5b:99:1f:08:5f:87:be:
d5:d1:99:7b:27:31:a2:8e:17:c8:74:23:09:59:0b:ba:90:bb:
6f:4c:a3:cf:ca:92:d5:75:a4:7b:c0:f5:03:ca:95:41:31:75:
74:d9:c6:cb:cd:fa:2c:aa:d7:d2:92:9e:64:f1:a5:7f:4c:c7:
c7:d4:26:90:0b:05:2c:e1:32:c7:7f:d6:61:33:68:4f:c4:f3:
17:d5:8a:04:06:64:47:43:6c:e5:3b:12:f9:70:f5:de:8f:42:
b0:55:ae:fd:d5:9b:5c:25:96:13:40:16:54:78:4e:2a:de:ec:
bf:38:39:3d:8b:57:da:c3:29:1b:7a:d4:00:68:e5:0a:b1:bc:
fc:fc:9a:be:24:9c:f1:30:aa:f2:1f:bb:95:b7:48:b4:a1:2c:
1f:bc:d9:18:0f:80:17:2d:5f:6e:bb:12:a5:11:04:f2:1c:b9:
a2:84:1d:14:c8:f6:a2:07:50:a4:dc:52:78:a5:f0:5f:ff:36:
51:44:16:20:67:47:67:27:24:ae:80:25:25:79:e0:8a:73:f3:
ca:69:ad:12:c5:87:fa:8b:f2:bd:45:6f:17:ac:28:07:f6:89:
fc:cb:3f:4c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ0nBDbBrfMmqPsULjVIqcD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTdiNWEyYjkwNzA5MTNkMzQ5MzI4MTVmZWI0N2UzNjMx
ZmRmNWYwHhcNMjYwMzI1MjIwMTIwWhcNMjYwMzI2MjIwMTIwWjAzMTEwLwYDVQQD
Eyg4OTVmYzY4ZWNmMzViOTY1ZTc1OTM3NTU1NzBlYzExYWY4MmVlZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIBjpUXDQwYN0HoQW7PZpjGkz4R4
7wGxvtyskNClVRVsh7S4BrqGQt0SG9YjXymxdhIz1bBAjgL3ocbn59xE9habrXnR
m/lpmk4cZmR0uOmE3UJWD3s+GbkFs8PXxOZVS0HylI9udZikb2dikWXvDY0N1oTK
wl8/keMGD315djBs5lZSMaywaoHMLtcSzD0lHuRvdfPquFQzXDqFj5W4Mw8ZHNLg
TQsXlykGpNVMU0x4XR61i1TcsPEH8FZwd2SRgG96Dk+TnxszC7Xdt9jA72uoHe/C
/J0fgnrayez50K87ydLDIWVSx5/FX9SGGook716WkyN5BJpke0cO843BSQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIlfxo7PNbll51k3VVcOwRr4Lu/PMB8GA1UdIwQY
MBaAFPqntaK5BwkT00kygV/rR+NjH99fMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xZTFvcmtIQ1JQVFNUS0JYLXRINDJNZjMxOC5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvNTFhZDU0LWRkMzAtNGYzNS05MDZj
LTgxMWRjYjdjNDRmYy8xLzEtcWUxb3JrSENSUFRTVEtCWC10SDQyTWYzMTgubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2VkLzUxYWQ1NC1kZDMwLTRmMzUtOTA2Yy04MTFkY2I3YzQ0
ZmMvMS8xLXFlMW9ya0hDUlBUU1RLQlgtdEg0Mk1mMzE4LmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXI4C
3S4P7GrcHV9KxH1NsVtgV3UheFzo9lzj5m5bmR8IX4e+1dGZeycxoo4XyHQjCVkL
upC7b0yjz8qS1XWke8D1A8qVQTF1dNnGy836LKrX0pKeZPGlf0zHx9QmkAsFLOEy
x3/WYTNoT8TzF9WKBAZkR0Ns5TsS+XD13o9CsFWu/dWbXCWWE0AWVHhOKt7svzg5
PYtX2sMpG3rUAGjlCrG8/PyaviSc8TCq8h+7lbdItKEsH7zZGA+AFy1fbrsSpREE
8hy5ooQdFMj2ogdQpNxSeKXwX/82UUQWIGdHZyckroAlJXnginPzymmtEsWH+ovy
vUVvF6woB/aJ/Ms/TA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:06:13 2026 by rpki-client