Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft
File: Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft (raw, json)
Hash identifier: yCuNrMXHqwlZjPRutIdxGzBunZcvdYUPqx1I50Zv6/o=
Subject key identifier: 5D:90:FB:CE:C2:D7:53:81:CF:63:2E:49:13:AD:E5:F8:CB:83:9C:D7
Authority key identifier: 43:0E:09:49:DF:59:30:F6:B7:9E:FC:BD:9C:BA:17:4C:A2:13:F5:69
Certificate issuer: /CN=430e0949df5930f6b79efcbd9cba174ca213f569
Certificate serial: 019CAD59C9D00497A0E26DA5583DF939F087
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft
Manifest number: 17DB
Signing time: Mon 02 Mar 2026 07:01:08 +0000
Manifest this update: Mon 02 Mar 2026 07:01:08 +0000
Manifest next update: Tue 03 Mar 2026 07:01:08 +0000
Files and hashes: 1: Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.crl (hash: 5f22mOjcyvt3dDN+z8LN4r7Se3uU+K4SFi+brDFMRi8=)
2: e3szWYnRwcnVrlDIwYxJ3pYMom4.roa (hash: BKtUpfmwzLTGUQniKBkvPeoFHhYGa5oaDqKuTCxUab8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:c9:d0:04:97:a0:e2:6d:a5:58:3d:f9:39:f0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=430e0949df5930f6b79efcbd9cba174ca213f569
Validity
Not Before: Mar 2 07:01:08 2026 GMT
Not After : Mar 3 07:01:08 2026 GMT
Subject: CN=5d90fbcec2d75381cf632e4913ade5f8cb839cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3f:f9:cf:ea:fc:1d:3d:3b:dd:49:97:82:01:
94:98:07:8f:c4:4a:91:f7:09:f0:22:a6:43:22:a1:
63:29:f8:0d:64:2f:bd:8e:53:c2:ec:34:d7:ab:0b:
3c:d7:a3:52:9a:f8:64:5c:f1:32:84:5d:0d:89:03:
99:8a:bd:b0:0b:3e:0c:95:e0:c0:ba:38:d3:0c:c6:
14:03:a0:24:9c:84:a5:ed:9b:f5:27:47:32:5e:9c:
0f:e0:16:83:73:85:0d:f6:e3:89:5d:fb:cf:b6:c2:
f4:33:d4:00:dd:78:43:66:64:15:d2:6c:5c:ee:84:
c5:95:de:a2:e4:3f:b1:b2:ce:f2:04:03:e8:58:f1:
2f:87:e1:5a:d8:3b:fe:4b:5e:1b:30:5d:65:45:57:
b5:81:fa:b6:06:b6:56:9d:3c:63:db:ba:66:dc:8d:
cf:f1:68:1c:9e:7d:7c:40:9b:36:42:5b:12:18:47:
a6:27:f6:3a:04:7e:5b:37:02:ed:a7:cb:c2:d4:38:
e4:df:84:73:43:e9:bb:75:2a:4b:2d:d0:70:b1:12:
24:cc:e0:da:bf:9f:ae:e6:20:af:db:ac:0b:f9:c8:
af:2b:69:d9:d9:c0:26:c5:b8:a3:90:69:87:0a:b1:
5d:96:9f:48:49:ed:62:63:4a:84:ab:89:43:25:2d:
4b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:90:FB:CE:C2:D7:53:81:CF:63:2E:49:13:AD:E5:F8:CB:83:9C:D7
X509v3 Authority Key Identifier:
keyid:43:0E:09:49:DF:59:30:F6:B7:9E:FC:BD:9C:BA:17:4C:A2:13:F5:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:d6:7c:db:f5:86:21:35:e0:25:0c:29:5b:fc:33:c4:ef:11:
31:aa:c2:09:ee:af:8b:18:07:aa:4e:07:30:98:2e:0e:61:64:
36:93:85:84:9f:e0:5a:f2:b2:f1:94:64:60:47:03:d4:ac:3a:
8b:ca:ab:1a:86:08:46:a6:70:35:02:47:fa:6c:5d:f1:cd:8e:
ae:04:68:a6:16:81:86:fc:5c:a9:00:b4:bb:6b:07:65:92:53:
f3:4d:ae:74:5c:18:22:b1:b3:81:74:ee:03:62:19:9e:8a:bd:
65:36:ae:60:af:ec:6b:3d:7a:9f:09:fb:c9:0f:20:96:02:80:
5c:dd:9e:0e:d4:b7:12:ec:5c:1c:3c:30:90:03:8c:8e:1e:49:
ce:f5:55:f0:fb:5e:e5:c4:87:3c:b5:4a:a2:3f:89:7d:73:f4:
48:1f:bf:a1:2b:1a:b7:f1:4f:27:a6:7e:d6:2b:1a:d0:75:0f:
8c:83:f5:c8:4c:2c:3b:3a:33:4e:b4:87:09:96:d7:4f:d1:9d:
c9:e6:74:e2:b1:36:b8:a8:0f:5d:c5:6a:19:bf:41:7e:18:e8:
6c:ba:b6:57:8c:f5:0a:da:7a:dd:ba:a2:5b:c6:1c:c6:e3:6e:
a1:76:af:6b:5b:ac:07:bd:89:2f:08:ca:e9:40:f9:63:22:c1:
e1:b2:4b:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWcnQBJeg4m2lWD35OfCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMGUwOTQ5ZGY1OTMwZjZiNzllZmNiZDljYmExNzRjYTIx
M2Y1NjkwHhcNMjYwMzAyMDcwMTA4WhcNMjYwMzAzMDcwMTA4WjAzMTEwLwYDVQQD
Eyg1ZDkwZmJjZWMyZDc1MzgxY2Y2MzJlNDkxM2FkZTVmOGNiODM5Y2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD/5z+r8HT073UmXggGUmAePxEqR
9wnwIqZDIqFjKfgNZC+9jlPC7DTXqws816NSmvhkXPEyhF0NiQOZir2wCz4MleDA
ujjTDMYUA6AknISl7Zv1J0cyXpwP4BaDc4UN9uOJXfvPtsL0M9QA3XhDZmQV0mxc
7oTFld6i5D+xss7yBAPoWPEvh+Fa2Dv+S14bMF1lRVe1gfq2BrZWnTxj27pm3I3P
8Wgcnn18QJs2QlsSGEemJ/Y6BH5bNwLtp8vC1Djk34RzQ+m7dSpLLdBwsRIkzODa
v5+u5iCv26wL+civK2nZ2cAmxbijkGmHCrFdlp9ISe1iY0qEq4lDJS1LPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2Q+87C11OBz2MuSROt5fjLg5zXMB8GA1UdIwQY
MBaAFEMOCUnfWTD2t578vZy6F0yiE/VpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXc0SlNkOVpNUGEzbnZ5OW5Mb1hUS0lUOVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81MmE5N2YtMmFkNi00MDU5LTg2NDYt
MDY4NjE2MGE3ZTY4LzEvUXc0SlNkOVpNUGEzbnZ5OW5Mb1hUS0lUOVdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC81MmE5N2YtMmFkNi00MDU5LTg2NDYtMDY4NjE2MGE3ZTY4
LzEvUXc0SlNkOVpNUGEzbnZ5OW5Mb1hUS0lUOVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh9Z82/WG
ITXgJQwpW/wzxO8RMarCCe6vixgHqk4HMJguDmFkNpOFhJ/gWvKy8ZRkYEcD1Kw6
i8qrGoYIRqZwNQJH+mxd8c2OrgRophaBhvxcqQC0u2sHZZJT802udFwYIrGzgXTu
A2IZnoq9ZTauYK/saz16nwn7yQ8glgKAXN2eDtS3EuxcHDwwkAOMjh5JzvVV8Pte
5cSHPLVKoj+JfXP0SB+/oSsat/FPJ6Z+1isa0HUPjIP1yEwsOzozTrSHCZbXT9Gd
yeZ04rE2uKgPXcVqGb9BfhjobLq2V4z1Ctp63bqiW8YcxuNuoXava1usB72JLwjK
6UD5YyLB4bJLYw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:05:31 2026 by rpki-client