Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
File: QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft (raw, json)
Hash identifier: b00+wDEjzsBqgEimZ/HmkZ8QLioVauIA+dMExvcgmb4=
Subject key identifier: 99:6A:B1:0E:2F:E9:BC:DF:59:F5:1D:1D:35:77:E2:5E:FA:06:8B:D6
Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Certificate serial: 019CAEDA33BADDF3825BC4E29AB8362C67A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
Manifest number: 0FDA
Signing time: Mon 02 Mar 2026 14:01:01 +0000
Manifest this update: Mon 02 Mar 2026 14:01:01 +0000
Manifest next update: Tue 03 Mar 2026 14:01:01 +0000
Files and hashes: 1: 9l35f4vtEnwERy91rSIzMefrFvk.roa (hash: o4NZxjI3TjEffFvPCpSdso698d9KA9gU7jcbU25ovX4=)
2: QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl (hash: hNQcDaDENcpUDCTeolEklkaWrdXPmYVsAt/b4C3Bpgw=)
3: _DMWomZ-zw9r2w8AsNSptLxDmfA.roa (hash: 5DRqqMVL9GM/PG8SfYwPRoOqjNYLEPPU5+fO2uX+eWE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:da:33:ba:dd:f3:82:5b:c4:e2:9a:b8:36:2c:67:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Validity
Not Before: Mar 2 14:01:01 2026 GMT
Not After : Mar 3 14:01:01 2026 GMT
Subject: CN=996ab10e2fe9bcdf59f51d1d3577e25efa068bd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:99:7b:1c:81:c7:d1:37:4a:bd:20:67:da:c6:
ca:19:44:94:e7:51:82:e4:49:30:0b:aa:f8:ba:a8:
b0:8b:0e:2e:70:c4:2c:bc:c2:ef:9d:66:d6:6a:5d:
52:ee:9c:59:b0:e2:cf:5a:9d:0a:39:2c:1f:b7:7e:
7d:32:cb:b6:72:23:a4:b6:75:f8:3a:8f:98:23:d6:
3f:ba:fb:67:24:87:55:20:5c:85:93:47:ed:a1:2c:
f8:d9:02:f1:7d:16:55:66:5a:aa:6c:f7:81:f6:69:
87:e0:68:9b:d9:38:06:2c:cd:f0:80:b4:51:5d:34:
b0:ed:ba:d0:4b:10:0a:56:ff:bb:8c:a6:9c:55:5d:
3d:12:ca:46:4d:b1:c5:04:2f:3c:c9:5e:cc:f4:3b:
ec:dc:4b:d7:05:e9:60:0d:54:1d:40:b7:ed:19:28:
a4:49:e1:d5:a5:34:37:80:0b:b0:f8:68:0c:c3:eb:
a5:c2:d2:2a:cd:18:4c:89:2b:23:b9:79:c9:f0:73:
d3:6f:8e:a0:3a:07:d7:bd:61:da:d9:ac:91:92:52:
10:0a:0c:a6:31:d9:ab:fb:e6:a0:10:4d:2a:74:d4:
2e:2f:3a:72:d7:a5:88:bb:d0:f7:9d:81:ff:c0:3c:
ba:6b:e7:3d:f6:b3:b4:4e:fe:39:a3:80:01:fe:b5:
99:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6A:B1:0E:2F:E9:BC:DF:59:F5:1D:1D:35:77:E2:5E:FA:06:8B:D6
X509v3 Authority Key Identifier:
keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:64:da:36:8b:ad:f5:97:5c:0d:42:c1:ae:e0:ab:4f:be:87:
ac:37:ee:55:58:2c:73:14:3b:9c:9f:7d:8a:fd:bb:f2:4e:0b:
0d:e8:db:d3:a5:3d:21:af:29:e0:e6:9e:27:ed:d7:c8:31:a6:
dd:9a:65:f0:c0:f6:06:56:08:41:e2:ef:f3:71:08:ff:cd:0a:
48:a1:83:2f:b4:03:fe:ab:6e:7a:9e:d3:15:35:10:e8:f3:e7:
d2:bb:d8:9b:1f:24:5a:6b:2b:33:e8:c9:45:a6:22:b6:54:fd:
8b:6a:fc:97:96:bf:9a:ac:81:e3:b5:82:c1:9a:0d:ff:78:73:
c7:97:c4:50:c8:48:64:1a:fd:e9:7a:05:d0:7d:05:1c:56:57:
d4:ff:f9:5e:e3:54:9d:87:c9:52:9a:50:51:ea:10:b6:3d:97:
e4:a4:00:3c:9c:1c:f3:85:59:fc:86:d5:98:f0:cc:ec:d2:4a:
ae:89:ba:6b:6e:37:59:a3:be:9c:1c:8f:f4:ad:39:f2:57:16:
3e:35:4e:2b:2f:d3:18:94:60:ee:42:cf:03:70:9c:d3:b5:35:
fb:83:cc:ac:e4:5c:31:63:c8:c5:9b:68:d6:70:50:0b:b2:42:
70:3d:61:a8:ad:69:30:c6:76:b0:5b:a5:3c:a3:9a:a7:a1:a4:
7c:d5:30:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyu2jO63fOCW8Timrg2LGeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5
NDRhODcwHhcNMjYwMzAyMTQwMTAxWhcNMjYwMzAzMTQwMTAxWjAzMTEwLwYDVQQD
Eyg5OTZhYjEwZTJmZTliY2RmNTlmNTFkMWQzNTc3ZTI1ZWZhMDY4YmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5l7HIHH0TdKvSBn2sbKGUSU51GC
5EkwC6r4uqiwiw4ucMQsvMLvnWbWal1S7pxZsOLPWp0KOSwft359Msu2ciOktnX4
Oo+YI9Y/uvtnJIdVIFyFk0ftoSz42QLxfRZVZlqqbPeB9mmH4Gib2TgGLM3wgLRR
XTSw7brQSxAKVv+7jKacVV09EspGTbHFBC88yV7M9Dvs3EvXBelgDVQdQLftGSik
SeHVpTQ3gAuw+GgMw+ulwtIqzRhMiSsjuXnJ8HPTb46gOgfXvWHa2ayRklIQCgym
Mdmr++agEE0qdNQuLzpy16WIu9D3nYH/wDy6a+c99rO0Tv45o4AB/rWZOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlqsQ4v6bzfWfUdHTV34l76BovWMB8GA1UdIwQY
MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct
OTg1ZWQxNWM5YWViLzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi
LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhGTaNout
9ZdcDULBruCrT76HrDfuVVgscxQ7nJ99iv278k4LDejb06U9Ia8p4OaeJ+3XyDGm
3Zpl8MD2BlYIQeLv83EI/80KSKGDL7QD/qtuep7TFTUQ6PPn0rvYmx8kWmsrM+jJ
RaYitlT9i2r8l5a/mqyB47WCwZoN/3hzx5fEUMhIZBr96XoF0H0FHFZX1P/5XuNU
nYfJUppQUeoQtj2X5KQAPJwc84VZ/IbVmPDM7NJKrom6a243WaO+nByP9K058lcW
PjVOKy/TGJRg7kLPA3Cc07U1+4PMrORcMWPIxZto1nBQC7JCcD1hqK1pMMZ2sFul
PKOap6GkfNUwvg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:43:40 2026 by rpki-client