Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
File: QxfdFbYr3XESWZuBQjNg7uegEpY.mft (raw, json)
Hash identifier: tyLc0w6T3rEHabU9Y2UEblvTli1eIYvbeVgJwyqSkk8=
Subject key identifier: EA:E7:33:C6:8B:15:05:22:E1:CA:0B:38:D9:61:9B:3C:48:C3:7C:70
Authority key identifier: 43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
Certificate issuer: /CN=4317dd15b62bdd7112599b81423360eee7a01296
Certificate serial: 019CAC0FCF3B7EAEEEB4BEA7765837E7F6F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
Manifest number: 09AC
Signing time: Mon 02 Mar 2026 01:00:43 +0000
Manifest this update: Mon 02 Mar 2026 01:00:43 +0000
Manifest next update: Tue 03 Mar 2026 01:00:43 +0000
Files and hashes: 1: QxfdFbYr3XESWZuBQjNg7uegEpY.crl (hash: PusigvdpE/PG/H38o+rFItibGdsAKwBpQwIPpy7s9Ps=)
2: aPWLJM6IziuoIQ-9dg15aPOtRRI.roa (hash: nW9Lbvb0zK8UkUgMG6xc5L/WUYzGO8kQcti52apyWJQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:0f:cf:3b:7e:ae:ee:b4:be:a7:76:58:37:e7:f6:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4317dd15b62bdd7112599b81423360eee7a01296
Validity
Not Before: Mar 2 01:00:43 2026 GMT
Not After : Mar 3 01:00:43 2026 GMT
Subject: CN=eae733c68b150522e1ca0b38d9619b3c48c37c70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:30:02:d0:9a:b5:30:ea:65:67:d6:2a:c1:43:
d4:43:1a:bb:6c:ad:c2:5e:15:bc:24:bb:f3:37:9d:
cc:81:8a:7c:fe:7b:5b:2c:d9:aa:be:15:6e:e6:12:
34:78:27:0e:96:22:ad:84:af:a2:1d:15:80:73:93:
b2:36:c6:a8:6c:4a:2b:47:3e:71:87:17:35:d9:78:
f6:2a:ec:08:78:5b:58:f7:27:f8:85:97:ca:ca:02:
28:29:34:6d:d6:3b:0a:d5:f0:ca:f2:87:8d:d7:42:
ea:11:b0:e2:8a:ec:52:d0:5a:b4:58:f4:f8:3b:9e:
3d:f7:d7:cf:df:f5:4b:84:27:bc:3b:29:97:6b:49:
c0:30:af:6c:80:43:0e:8f:e1:9e:a8:ff:55:1b:28:
53:64:36:af:dc:61:97:29:26:ab:1c:11:d1:cc:c1:
8d:e2:97:ec:5d:eb:6c:e8:f7:b5:e2:9b:44:44:aa:
18:a1:1c:be:8f:62:2e:cc:12:c3:9e:a7:eb:79:ed:
93:02:12:b0:4b:56:35:61:36:47:b1:4e:cf:43:be:
cc:cb:2e:89:ee:d9:bf:2d:02:0e:eb:e3:51:9a:b1:
c6:63:b2:f9:11:7e:a6:8c:9b:24:4c:18:68:86:8a:
bc:30:59:46:8c:77:14:ff:9d:96:e8:d4:91:91:6e:
11:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:E7:33:C6:8B:15:05:22:E1:CA:0B:38:D9:61:9B:3C:48:C3:7C:70
X509v3 Authority Key Identifier:
keyid:43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cc:0d:0b:f0:57:5b:ea:b7:d0:27:23:05:eb:5e:a9:42:0d:1f:
f4:40:6a:2f:4a:23:8b:20:b6:da:b5:f4:ad:b4:b8:88:15:40:
e1:2d:1b:38:10:33:e4:a5:c1:35:04:f2:e8:91:b8:26:dc:36:
c1:cb:b6:2e:df:e0:97:52:f3:1a:bc:3f:b5:b3:15:70:d7:37:
f1:10:b2:50:e6:d1:74:61:e8:e5:9e:a1:a5:8e:2e:eb:63:96:
68:e8:21:2e:72:3b:cc:92:63:b2:b4:87:95:1b:0f:1b:87:6b:
ea:a1:a9:e3:3d:ea:78:b9:f2:58:36:f5:c0:38:be:a9:cf:85:
54:46:b0:f5:03:84:ae:b8:91:3b:b5:d9:a4:5a:46:73:da:f2:
dd:94:a0:67:98:f1:6a:23:98:0c:cd:89:68:d4:c1:9a:b4:db:
50:4e:b5:2b:88:2c:74:89:3f:18:10:cc:f9:e7:0b:80:c3:36:
f3:50:32:46:e5:16:86:6c:9c:06:ec:dc:02:e4:74:df:bb:a0:
4a:c5:7b:2a:24:78:4f:cd:fa:eb:6e:91:6d:66:eb:42:8b:f9:
4e:66:4a:a7:27:26:e2:4b:e4:f3:f9:84:5d:7a:24:f0:8a:d8:
05:96:a8:3d:e2:20:f0:0a:ef:e8:97:db:8c:40:48:7a:35:09:
ce:ce:dd:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD887fq7utL6ndlg35/b3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMTdkZDE1YjYyYmRkNzExMjU5OWI4MTQyMzM2MGVlZTdh
MDEyOTYwHhcNMjYwMzAyMDEwMDQzWhcNMjYwMzAzMDEwMDQzWjAzMTEwLwYDVQQD
EyhlYWU3MzNjNjhiMTUwNTIyZTFjYTBiMzhkOTYxOWIzYzQ4YzM3YzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjAC0Jq1MOplZ9YqwUPUQxq7bK3C
XhW8JLvzN53MgYp8/ntbLNmqvhVu5hI0eCcOliKthK+iHRWAc5OyNsaobEorRz5x
hxc12Xj2KuwIeFtY9yf4hZfKygIoKTRt1jsK1fDK8oeN10LqEbDiiuxS0Fq0WPT4
O54999fP3/VLhCe8OymXa0nAMK9sgEMOj+GeqP9VGyhTZDav3GGXKSarHBHRzMGN
4pfsXets6Pe14ptERKoYoRy+j2IuzBLDnqfree2TAhKwS1Y1YTZHsU7PQ77Myy6J
7tm/LQIO6+NRmrHGY7L5EX6mjJskTBhohoq8MFlGjHcU/52W6NSRkW4RuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrnM8aLFQUi4coLONlhmzxIw3xwMB8GA1UdIwQY
MBaAFEMX3RW2K91xElmbgUIzYO7noBKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMt
NmI5NTUwMGRhMjNiLzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMtNmI5NTUwMGRhMjNi
LzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzA0L8Fdb
6rfQJyMF616pQg0f9EBqL0ojiyC22rX0rbS4iBVA4S0bOBAz5KXBNQTy6JG4Jtw2
wcu2Lt/gl1LzGrw/tbMVcNc38RCyUObRdGHo5Z6hpY4u62OWaOghLnI7zJJjsrSH
lRsPG4dr6qGp4z3qeLnyWDb1wDi+qc+FVEaw9QOErriRO7XZpFpGc9ry3ZSgZ5jx
aiOYDM2JaNTBmrTbUE61K4gsdIk/GBDM+ecLgMM281AyRuUWhmycBuzcAuR037ug
SsV7KiR4T836626RbWbrQov5TmZKpycm4kvk8/mEXXok8IrYBZaoPeIg8Arv6Jfb
jEBIejUJzs7dYg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:13:39 2026 by rpki-client