Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
File: QH0twQwC9ewk9pD59mBVVIZWLlk.mft (raw, json)
Hash identifier: AvMyMCgAMzmmDdjMSH5pQXK83YuWTRineW9J7ce30lY=
Subject key identifier: 07:95:15:39:EE:23:95:BB:5C:63:2E:E2:E4:BE:61:E6:DE:3D:49:7C
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial: 019D2772D3228BB769BF968C131277DD8622
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
Manifest number: 1585
Signing time: Thu 26 Mar 2026 00:02:09 +0000
Manifest this update: Thu 26 Mar 2026 00:02:09 +0000
Manifest next update: Fri 27 Mar 2026 00:02:09 +0000
Files and hashes: 1: FtvcAFkah5MC2Z1_PcfWmzKSll8.roa (hash: lAzH9ctEUVZ0nWk96qJfvTNhA1rNNyQ5u0vfPKjJ5TI=)
2: QH0twQwC9ewk9pD59mBVVIZWLlk.crl (hash: yn8uY4e2QH2+yh339SJdmz3mQLnTQS3BIxTPgeDDYkg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:d3:22:8b:b7:69:bf:96:8c:13:12:77:dd:86:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
Validity
Not Before: Mar 26 00:02:09 2026 GMT
Not After : Mar 27 00:02:09 2026 GMT
Subject: CN=07951539ee2395bb5c632ee2e4be61e6de3d497c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:38:67:0c:88:45:5c:9d:8c:27:06:b9:e1:6f:
c4:f9:5d:68:7a:e0:fd:8d:c4:b5:68:a4:81:3c:6a:
0f:c4:7d:98:e1:b6:a8:47:ba:b7:66:cb:2e:46:3b:
31:3e:4a:b6:17:cf:9a:e6:74:95:21:cc:eb:04:54:
3c:0b:47:bd:23:b6:06:5f:f7:32:d0:27:9d:6e:8e:
e4:e9:94:ef:bb:30:a1:e5:b9:e5:d1:50:13:b5:41:
d3:1d:59:fe:06:77:d2:47:cf:6a:87:9a:56:4b:00:
67:c8:e4:49:3a:2d:bc:0d:4c:05:65:8d:17:6f:8d:
96:9c:f4:bb:79:2c:77:32:ab:79:bf:40:b1:30:82:
f4:54:d6:87:41:f2:1c:95:c5:d2:86:18:dd:49:3f:
2f:a1:ef:c6:ac:f0:50:40:a9:5c:e5:6d:65:16:38:
89:54:5a:8e:fd:dd:36:d4:b8:61:8a:92:48:33:db:
12:fe:94:0c:48:da:34:42:25:7c:7f:13:4b:c2:3f:
d8:83:bf:a1:01:5e:5b:d4:89:58:0f:de:ee:66:cf:
1a:c1:18:47:3e:63:1a:e4:61:27:38:0b:48:6b:b3:
83:0a:15:91:c2:d2:f3:d5:20:39:16:5b:ec:13:cb:
65:f1:f6:69:f5:eb:57:78:76:71:ba:49:5a:44:94:
a7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:95:15:39:EE:23:95:BB:5C:63:2E:E2:E4:BE:61:E6:DE:3D:49:7C
X509v3 Authority Key Identifier:
keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:2c:63:c0:9e:ea:8c:75:54:7a:ae:c7:01:54:2f:14:77:92:
cb:1f:d3:2a:d0:c8:69:96:24:21:90:fe:fd:7f:38:77:5b:7e:
eb:c9:33:65:89:ad:8d:bc:d3:c1:4d:a0:92:c2:3a:23:26:73:
9b:d1:df:3c:44:87:df:df:29:75:cc:74:99:53:a3:4d:cb:03:
ee:1b:ce:f1:11:d1:5f:82:ea:7d:72:cc:ab:69:15:11:cd:81:
32:ee:bf:cd:7c:9e:58:56:4a:eb:7f:a2:b0:9d:43:86:35:d0:
fb:65:9f:a2:4f:0c:ec:cf:77:6e:be:8c:57:28:fc:7f:70:17:
fe:cc:2a:47:a0:89:7b:6b:c4:60:2d:5c:41:c2:5d:eb:53:7d:
e5:c1:f7:01:28:8c:bc:6d:de:26:a2:b9:18:05:4c:a7:19:d1:
e2:f3:9d:b7:34:11:1a:df:df:51:08:3b:8f:e8:0e:52:30:d7:
da:8e:30:36:4d:a9:d3:7f:a4:b8:25:c3:fe:5a:d2:76:e6:19:
d8:4b:de:17:eb:9a:8d:39:37:95:e8:fc:7e:0b:4f:80:81:a8:
cb:ec:5d:20:37:41:6d:fd:d4:b3:05:23:1b:5b:5e:0c:5b:e6:
50:ff:3d:74:70:1e:46:af:79:08:6d:40:d5:d7:cc:6e:3d:57:
34:e4:b2:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nctMii7dpv5aMExJ33YYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjYwMzI2MDAwMjA5WhcNMjYwMzI3MDAwMjA5WjAzMTEwLwYDVQQD
EygwNzk1MTUzOWVlMjM5NWJiNWM2MzJlZTJlNGJlNjFlNmRlM2Q0OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsThnDIhFXJ2MJwa54W/E+V1oeuD9
jcS1aKSBPGoPxH2Y4baoR7q3ZssuRjsxPkq2F8+a5nSVIczrBFQ8C0e9I7YGX/cy
0Cedbo7k6ZTvuzCh5bnl0VATtUHTHVn+BnfSR89qh5pWSwBnyORJOi28DUwFZY0X
b42WnPS7eSx3Mqt5v0CxMIL0VNaHQfIclcXShhjdST8voe/GrPBQQKlc5W1lFjiJ
VFqO/d021LhhipJIM9sS/pQMSNo0QiV8fxNLwj/Yg7+hAV5b1IlYD97uZs8awRhH
PmMa5GEnOAtIa7ODChWRwtLz1SA5FlvsE8tl8fZp9etXeHZxuklaRJSn9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAeVFTnuI5W7XGMu4uS+YebePUl8MB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKyxjwJ7q
jHVUeq7HAVQvFHeSyx/TKtDIaZYkIZD+/X84d1t+68kzZYmtjbzTwU2gksI6IyZz
m9HfPESH398pdcx0mVOjTcsD7hvO8RHRX4LqfXLMq2kVEc2BMu6/zXyeWFZK63+i
sJ1DhjXQ+2Wfok8M7M93br6MVyj8f3AX/swqR6CJe2vEYC1cQcJd61N95cH3ASiM
vG3eJqK5GAVMpxnR4vOdtzQRGt/fUQg7j+gOUjDX2o4wNk2p03+kuCXD/lrSduYZ
2EveF+uajTk3lej8fgtPgIGoy+xdIDdBbf3UswUjG1teDFvmUP89dHAeRq95CG1A
1dfMbj1XNOSymw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:16:24 2026 by rpki-client