Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
File: qmWvaX3x9s2vTLvWbePUO-2GnpA.mft (raw, json)
Hash identifier: L+SS12sPn07IYfvt1JzzvNF2QI/hsJg4loMPTs8IxX0=
Subject key identifier: 89:13:E9:62:C4:77:A5:13:0F:9E:A3:71:45:B5:81:B2:2F:CB:11:73
Authority key identifier: AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90
Certificate issuer: /CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90
Certificate serial: 019CAD903C4CB3935AE9635A91400F2C0B05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
Manifest number: 0E64
Signing time: Mon 02 Mar 2026 08:00:36 +0000
Manifest this update: Mon 02 Mar 2026 08:00:36 +0000
Manifest next update: Tue 03 Mar 2026 08:00:36 +0000
Files and hashes: 1: PGUUZM8u8YWCrmYPpZ5UGlkMe7E.roa (hash: vabTxUmDYcjlCjqakgT+rEZSHxdr7LOmZlkCx88W/fM=)
2: qmWvaX3x9s2vTLvWbePUO-2GnpA.crl (hash: 51ZgIshgv7zcqezO7ElQnMoSMOVgW2LtO5XMZFDNHQs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:3c:4c:b3:93:5a:e9:63:5a:91:40:0f:2c:0b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90
Validity
Not Before: Mar 2 08:00:36 2026 GMT
Not After : Mar 3 08:00:36 2026 GMT
Subject: CN=8913e962c477a5130f9ea37145b581b22fcb1173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:86:0d:c7:ef:cd:af:96:12:8b:df:17:b2:8b:
23:b7:a4:9e:11:68:4e:05:bf:7c:25:30:79:b2:c2:
bc:76:0b:16:16:bb:61:2a:0e:38:c0:28:33:6f:69:
26:96:38:fb:12:d4:2b:99:d8:4b:ff:a4:73:2e:ea:
49:9e:09:6e:d7:b1:86:cb:84:e8:32:fa:d3:47:e2:
5d:66:0c:f0:44:c7:e8:71:63:f0:3f:51:db:f0:ce:
a9:82:35:62:f2:2a:3c:6e:63:26:c7:5d:54:0e:2e:
21:2c:7d:3d:ce:e4:89:60:50:6f:42:78:df:f1:63:
f1:43:a3:d8:9b:29:e0:f8:e7:56:c0:a0:d4:07:24:
03:99:1a:f3:fe:d7:fe:dc:95:26:cd:1d:a4:d1:aa:
9f:4b:ea:9c:c5:61:b6:a7:9c:b1:47:da:73:80:81:
6b:29:dd:7a:b0:45:fa:8a:1f:e2:2a:32:be:fb:7f:
c9:65:6a:e3:4a:66:6c:57:60:4b:d2:f9:f3:f3:b4:
06:50:c6:24:dc:c1:89:e2:59:23:94:ad:71:22:19:
55:1f:53:4e:6a:28:22:21:b8:a1:4b:a9:3e:d6:35:
19:12:a9:08:04:49:e2:ff:77:ba:43:aa:7a:49:49:
b8:79:8b:7b:5c:64:14:1d:9f:bc:8b:e9:81:1e:98:
90:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:13:E9:62:C4:77:A5:13:0F:9E:A3:71:45:B5:81:B2:2F:CB:11:73
X509v3 Authority Key Identifier:
keyid:AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:44:24:44:a0:db:d1:06:ec:1f:f0:cf:47:85:68:69:63:e0:
0d:3c:97:22:42:76:c7:af:64:12:6b:b8:6a:49:de:05:d4:d8:
5b:37:00:e4:7c:3c:46:36:95:f6:b1:c2:11:15:ba:a3:a7:ff:
aa:eb:50:48:ca:c6:f8:35:87:4d:ce:b4:d6:e9:f4:63:c6:f0:
2a:ec:ca:9a:4e:62:dd:62:44:1e:52:fb:eb:1f:65:3a:60:06:
cc:ef:aa:2c:cd:4d:1a:c1:15:6b:4c:85:ae:d1:1d:83:25:21:
d0:42:46:99:ec:ff:e7:14:ae:b8:ee:9c:2f:5b:80:59:8c:1b:
b7:f3:46:96:94:92:31:8a:94:13:f5:be:34:7e:6e:cf:21:ea:
27:5b:bc:7c:9b:fd:44:b5:78:68:76:0f:26:62:df:9b:41:72:
ad:9f:d4:7c:12:b5:fa:dc:b6:83:e4:88:9f:84:9f:29:1c:c5:
84:37:01:0b:d7:64:8b:9f:8a:ff:93:64:fc:06:4f:70:55:e7:
bf:ea:23:d6:45:96:25:bf:05:68:0a:cf:9f:47:25:3a:db:e7:
d5:88:db:a8:b3:e2:3e:23:81:75:ae:bf:73:3c:17:b9:b0:c2:
c4:84:77:1c:d4:37:49:81:a1:f1:aa:2c:69:78:e1:47:da:1a:
92:b9:5a:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkDxMs5Na6WNakUAPLAsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNjVhZjY5N2RmMWY2Y2RhZjRjYmJkNjZkZTNkNDNiZWQ4
NjllOTAwHhcNMjYwMzAyMDgwMDM2WhcNMjYwMzAzMDgwMDM2WjAzMTEwLwYDVQQD
Eyg4OTEzZTk2MmM0NzdhNTEzMGY5ZWEzNzE0NWI1ODFiMjJmY2IxMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4YNx+/Nr5YSi98Xsosjt6SeEWhO
Bb98JTB5ssK8dgsWFrthKg44wCgzb2kmljj7EtQrmdhL/6RzLupJnglu17GGy4To
MvrTR+JdZgzwRMfocWPwP1Hb8M6pgjVi8io8bmMmx11UDi4hLH09zuSJYFBvQnjf
8WPxQ6PYmyng+OdWwKDUByQDmRrz/tf+3JUmzR2k0aqfS+qcxWG2p5yxR9pzgIFr
Kd16sEX6ih/iKjK++3/JZWrjSmZsV2BL0vnz87QGUMYk3MGJ4lkjlK1xIhlVH1NO
aigiIbihS6k+1jUZEqkIBEni/3e6Q6p6SUm4eYt7XGQUHZ+8i+mBHpiQlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkT6WLEd6UTD56jcUW1gbIvyxFzMB8GA1UdIwQY
MBaAFKplr2l98fbNr0y71m3j1Dvthp6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTIt
MWJlMTNiYThkNDU2LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTItMWJlMTNiYThkNDU2
LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAekQkRKDb
0QbsH/DPR4VoaWPgDTyXIkJ2x69kEmu4akneBdTYWzcA5Hw8RjaV9rHCERW6o6f/
qutQSMrG+DWHTc601un0Y8bwKuzKmk5i3WJEHlL76x9lOmAGzO+qLM1NGsEVa0yF
rtEdgyUh0EJGmez/5xSuuO6cL1uAWYwbt/NGlpSSMYqUE/W+NH5uzyHqJ1u8fJv9
RLV4aHYPJmLfm0FyrZ/UfBK1+ty2g+SIn4SfKRzFhDcBC9dki5+K/5Nk/AZPcFXn
v+oj1kWWJb8FaArPn0clOtvn1YjbqLPiPiOBda6/czwXubDCxIR3HNQ3SYGh8aos
aXjhR9oakrlaXQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:06:39 2026 by rpki-client