Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
File: QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft (raw, json)
Hash identifier: URTMYTRiLGO1U+rmkPNOepWW+Xf97VWXxrTz5pWaAqc=
Subject key identifier: 38:18:73:60:B1:DF:F1:1F:40:97:7D:20:4F:7D:F8:7A:2A:37:56:AE
Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Certificate serial: 019D9C634EAC21F441ADCD5A835F7253EE0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
Manifest number: 1055
Signing time: Fri 17 Apr 2026 17:00:46 +0000
Manifest this update: Fri 17 Apr 2026 17:00:46 +0000
Manifest next update: Sat 18 Apr 2026 17:00:46 +0000
Files and hashes: 1: 9l35f4vtEnwERy91rSIzMefrFvk.roa (hash: o4NZxjI3TjEffFvPCpSdso698d9KA9gU7jcbU25ovX4=)
2: QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl (hash: ruBkQIK2YN2gCnrJoZazTlkfnzth1r77qvHDCylRSHk=)
3: _DMWomZ-zw9r2w8AsNSptLxDmfA.roa (hash: 5DRqqMVL9GM/PG8SfYwPRoOqjNYLEPPU5+fO2uX+eWE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:63:4e:ac:21:f4:41:ad:cd:5a:83:5f:72:53:ee:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Validity
Not Before: Apr 17 17:00:46 2026 GMT
Not After : Apr 18 17:00:46 2026 GMT
Subject: CN=38187360b1dff11f40977d204f7df87a2a3756ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:63:f1:82:dd:9c:6b:42:ea:79:4d:d3:eb:6b:
fa:8e:fc:a8:86:40:74:23:89:56:87:a3:1d:96:f1:
ee:9d:a4:6c:1b:48:2a:54:6e:37:81:67:ae:04:c4:
f3:82:5c:28:12:a0:d4:cd:e9:0b:a4:8f:de:76:43:
0f:6c:4d:32:ce:44:0d:d9:ea:95:90:50:20:8a:74:
a2:5a:e1:03:de:fe:de:a5:8e:ef:3f:ff:db:ef:2f:
a7:9f:7f:ec:3e:15:c5:3c:17:bc:61:87:80:c0:3b:
27:b9:15:2e:76:e9:c0:b9:5e:dd:3e:82:18:f0:cc:
44:0c:57:82:01:fc:0a:5c:f7:87:1e:dd:cd:31:18:
8a:2e:22:d3:7b:71:f3:db:ee:0a:47:5a:4b:ed:00:
7d:2a:dc:bb:42:e8:60:e7:b0:97:95:12:98:6e:8b:
50:87:bc:f0:d5:4f:a9:e6:dd:f9:8e:4a:c3:3a:b9:
0e:b1:f0:52:76:eb:0f:79:28:ac:68:5c:cc:01:47:
ff:96:66:19:32:61:f6:fc:b0:8c:85:b4:99:44:d5:
ae:97:cd:55:c6:9a:03:52:eb:b5:76:ca:2f:e3:ee:
89:6d:1c:0a:0a:ba:3b:9c:b1:a4:08:c2:f4:7f:ea:
9b:b6:b1:a5:e4:60:6e:a9:6e:bb:6e:c7:ed:c0:f4:
42:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:18:73:60:B1:DF:F1:1F:40:97:7D:20:4F:7D:F8:7A:2A:37:56:AE
X509v3 Authority Key Identifier:
keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:03:cc:3d:83:32:86:bb:5e:8e:a7:69:25:89:10:30:f0:82:
5f:e3:ba:fb:f1:ef:74:9f:f4:59:4a:fe:f1:ad:e3:b9:aa:22:
2c:54:5a:44:b5:e9:c2:a0:64:ac:9c:e6:10:74:78:c9:9e:69:
bc:6a:43:a1:55:6b:b7:67:a3:6a:29:9b:b5:c0:53:59:ef:3b:
1b:8e:8d:96:45:b8:00:d8:a3:7b:ac:84:d1:1c:25:ed:d8:f8:
89:f4:52:e3:b8:3a:74:28:cf:db:50:ac:f9:8b:b3:04:dc:63:
09:b1:76:ea:96:f2:7f:91:9b:14:29:d2:53:f5:c7:99:fc:ea:
0a:47:55:6a:6c:72:0b:9b:ba:79:07:f7:98:71:3a:bc:41:db:
03:24:7e:d7:e8:89:ad:32:85:be:73:96:ab:53:4b:e5:93:cc:
86:1a:be:12:20:d5:2f:27:f0:f4:47:a3:c4:50:12:11:a3:a9:
1d:af:d6:d3:d7:b5:b0:13:09:5e:71:77:b9:bc:f1:a2:b3:87:
d6:d1:3f:56:84:c0:51:47:78:68:bb:30:c7:12:bc:da:49:10:
bc:09:6d:ca:db:e7:2c:1f:84:08:a8:0a:79:e9:8e:c6:2c:75:
45:7a:ff:c9:14:0f:fc:57:39:ee:01:80:fb:47:72:3a:7c:c6:
10:5b:d9:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cY06sIfRBrc1ag19yU+4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5
NDRhODcwHhcNMjYwNDE3MTcwMDQ2WhcNMjYwNDE4MTcwMDQ2WjAzMTEwLwYDVQQD
EygzODE4NzM2MGIxZGZmMTFmNDA5NzdkMjA0ZjdkZjg3YTJhMzc1NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWPxgt2ca0LqeU3T62v6jvyohkB0
I4lWh6MdlvHunaRsG0gqVG43gWeuBMTzglwoEqDUzekLpI/edkMPbE0yzkQN2eqV
kFAginSiWuED3v7epY7vP//b7y+nn3/sPhXFPBe8YYeAwDsnuRUudunAuV7dPoIY
8MxEDFeCAfwKXPeHHt3NMRiKLiLTe3Hz2+4KR1pL7QB9Kty7Quhg57CXlRKYbotQ
h7zw1U+p5t35jkrDOrkOsfBSdusPeSisaFzMAUf/lmYZMmH2/LCMhbSZRNWul81V
xpoDUuu1dsov4+6JbRwKCro7nLGkCML0f+qbtrGl5GBuqW67bsftwPRCqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgYc2Cx3/EfQJd9IE99+HoqN1auMB8GA1UdIwQY
MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct
OTg1ZWQxNWM5YWViLzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi
LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmgPMPYMy
hrtejqdpJYkQMPCCX+O6+/HvdJ/0WUr+8a3juaoiLFRaRLXpwqBkrJzmEHR4yZ5p
vGpDoVVrt2ejaimbtcBTWe87G46NlkW4ANije6yE0Rwl7dj4ifRS47g6dCjP21Cs
+YuzBNxjCbF26pbyf5GbFCnSU/XHmfzqCkdVamxyC5u6eQf3mHE6vEHbAyR+1+iJ
rTKFvnOWq1NL5ZPMhhq+EiDVLyfw9EejxFASEaOpHa/W09e1sBMJXnF3ubzxorOH
1tE/VoTAUUd4aLswxxK82kkQvAltytvnLB+ECKgKeemOxix1RXr/yRQP/Fc57gGA
+0dyOnzGEFvZ4Q==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:13:57 2026 by rpki-client