Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
File: QpeJWSkM6bssG1thREOEQVta-tY.mft (raw, json)
Hash identifier: 50ymsc8tSyNJbapVWU1Wpz9bYsdjfQJ0Q4M35+Xz/us=
Subject key identifier: A2:D0:11:EF:B0:55:35:00:A4:6E:C7:C1:8A:7D:4E:7A:AF:A9:09:A6
Authority key identifier: 42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6
Certificate issuer: /CN=42978959290ce9bb2c1b5b61444384415b5afad6
Certificate serial: 019C262A947972FDCEB26856ED260E3EF075
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
Manifest number: 17FD
Signing time: Wed 04 Feb 2026 01:00:50 +0000
Manifest this update: Wed 04 Feb 2026 01:00:50 +0000
Manifest next update: Thu 05 Feb 2026 01:00:50 +0000
Files and hashes: 1: QpeJWSkM6bssG1thREOEQVta-tY.crl (hash: v7ZYaT4M2lzWFmtVw1aJlaygzKqSAlfL62V83vdOAkI=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:26:2a:94:79:72:fd:ce:b2:68:56:ed:26:0e:3e:f0:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42978959290ce9bb2c1b5b61444384415b5afad6
Validity
Not Before: Feb 4 01:00:50 2026 GMT
Not After : Feb 5 01:00:50 2026 GMT
Subject: CN=a2d011efb0553500a46ec7c18a7d4e7aafa909a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0b:5f:d5:de:90:f0:2c:09:bd:2c:e3:c4:8b:
82:99:40:20:df:ff:b6:52:c2:6f:06:36:ee:d6:e9:
da:96:78:5c:73:89:35:d1:ee:e8:7c:54:f0:04:fe:
2c:75:2e:0b:f5:f2:8b:59:57:e7:5c:9c:1b:e0:3c:
a4:29:05:c4:bd:0b:48:98:19:c6:e6:81:58:fc:2a:
46:4e:4f:97:a5:c0:b7:4a:db:31:e5:1f:1f:f1:f5:
33:ce:a4:c5:9b:0f:95:a8:9b:45:95:91:07:3c:ee:
cb:7f:1e:20:39:9a:a4:7a:66:fc:31:51:1d:78:1b:
df:44:ab:6e:eb:13:fa:5c:1f:63:f9:45:49:ad:fa:
7e:64:b0:3c:5f:5f:1d:73:ae:eb:81:8e:96:1e:38:
b9:5c:dc:3b:fd:cc:60:2a:dc:dc:81:02:0c:af:5e:
00:58:7c:4b:53:09:7b:6a:0b:b0:da:0d:5d:c3:17:
dd:c2:a0:01:7d:7c:7d:71:b2:07:6a:21:d9:e3:23:
51:24:66:93:7a:a2:b6:d5:fd:d1:a9:e6:38:d8:d7:
86:bf:9a:17:b8:27:ad:f8:b8:eb:e8:7e:b9:56:aa:
50:0d:e6:b1:8f:98:b1:a9:e0:dc:91:5c:2d:ca:59:
78:1c:14:27:4a:d2:49:f9:c8:e6:d7:f1:d3:65:3e:
bb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D0:11:EF:B0:55:35:00:A4:6E:C7:C1:8A:7D:4E:7A:AF:A9:09:A6
X509v3 Authority Key Identifier:
keyid:42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:b7:19:a7:12:81:13:41:9b:1c:3c:2a:65:1f:a2:1b:60:4f:
3f:70:15:62:e6:04:81:73:7f:50:1d:39:f4:fb:74:d9:52:b9:
45:eb:60:19:00:9c:15:18:95:04:11:37:e7:cd:e1:e9:f5:f3:
a8:b1:ca:ce:fe:4b:43:d4:f8:91:4c:f1:9e:0c:7b:24:f2:f9:
d9:d4:18:35:20:97:0d:b1:99:b8:20:6a:f9:c1:95:ae:a5:01:
92:cf:f0:d7:46:91:0f:0d:05:d5:53:25:47:3b:f0:07:18:72:
75:6a:c7:2d:8c:78:73:b5:2c:bf:b7:2d:b1:c4:34:89:3c:46:
0f:25:29:e0:8d:f3:44:f8:ec:29:ba:9a:32:dc:cb:44:bc:04:
c4:64:57:b2:a9:da:b4:07:04:6c:2c:0c:e3:06:ec:a8:d9:2d:
1f:fa:5f:f4:bf:a7:e8:0a:16:b7:c5:90:64:86:8f:18:2c:8b:
98:a9:de:92:3d:43:b3:8c:c6:4b:14:16:83:05:cb:74:01:13:
2b:2c:50:8f:d8:c0:8c:61:ac:82:d2:fe:86:17:90:cc:cb:43:
9c:47:5c:7d:84:e5:90:94:9e:2e:2a:fb:9f:13:67:63:9d:eb:
41:09:47:04:6a:a5:14:6e:21:0f:64:ed:4e:5d:61:e9:b8:02:
55:b1:96:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZwmKpR5cv3OsmhW7SYOPvB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTc4OTU5MjkwY2U5YmIyYzFiNWI2MTQ0NDM4NDQxNWI1
YWZhZDYwHhcNMjYwMjA0MDEwMDUwWhcNMjYwMjA1MDEwMDUwWjAzMTEwLwYDVQQD
EyhhMmQwMTFlZmIwNTUzNTAwYTQ2ZWM3YzE4YTdkNGU3YWFmYTkwOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Atf1d6Q8CwJvSzjxIuCmUAg3/+2
UsJvBjbu1unalnhcc4k10e7ofFTwBP4sdS4L9fKLWVfnXJwb4DykKQXEvQtImBnG
5oFY/CpGTk+XpcC3Stsx5R8f8fUzzqTFmw+VqJtFlZEHPO7Lfx4gOZqkemb8MVEd
eBvfRKtu6xP6XB9j+UVJrfp+ZLA8X18dc67rgY6WHji5XNw7/cxgKtzcgQIMr14A
WHxLUwl7aguw2g1dwxfdwqABfXx9cbIHaiHZ4yNRJGaTeqK21f3RqeY42NeGv5oX
uCet+Ljr6H65VqpQDeaxj5ixqeDckVwtyll4HBQnStJJ+cjm1/HTZT67RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLQEe+wVTUApG7HwYp9TnqvqQmmMB8GA1UdIwQY
MBaAFEKXiVkpDOm7LBtbYURDhEFbWvrWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWIt
MzI2ODA4ZWNjY2NjLzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWItMzI2ODA4ZWNjY2Nj
LzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANrcZpxKB
E0GbHDwqZR+iG2BPP3AVYuYEgXN/UB059Pt02VK5RetgGQCcFRiVBBE3583h6fXz
qLHKzv5LQ9T4kUzxngx7JPL52dQYNSCXDbGZuCBq+cGVrqUBks/w10aRDw0F1VMl
RzvwBxhydWrHLYx4c7Usv7ctscQ0iTxGDyUp4I3zRPjsKbqaMtzLRLwExGRXsqna
tAcEbCwM4wbsqNktH/pf9L+n6AoWt8WQZIaPGCyLmKnekj1Ds4zGSxQWgwXLdAET
KyxQj9jAjGGsgtL+hheQzMtDnEdcfYTlkJSeLir7nxNnY53rQQlHBGqlFG4hD2Tt
Tl1h6bgCVbGWbw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:08:48 2026 by rpki-client