Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
File: QsCVkBFifd0NBX1zHo-lpRApZZI.mft (raw, json)
Hash identifier: Y92z81Hrc/FJdCTr0MpizZXRdiPpJzeOKaxDIWjehu8=
Subject key identifier: 22:8C:25:1E:D3:F5:C9:39:B3:36:3D:FD:A9:AD:BA:36:12:62:CC:50
Authority key identifier: 42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92
Certificate issuer: /CN=42c0959011627ddd0d057d731e8fa5a510296592
Certificate serial: 019CAB6B20DE7B8C2FDEF2B7DEE7764E14B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
Manifest number: 1847
Signing time: Sun 01 Mar 2026 22:00:50 +0000
Manifest this update: Sun 01 Mar 2026 22:00:50 +0000
Manifest next update: Mon 02 Mar 2026 22:00:50 +0000
Files and hashes: 1: QsCVkBFifd0NBX1zHo-lpRApZZI.crl (hash: hdhdb385mBKGpnkwqTWq0HVah7l8S73X4oQBrMpbMPI=)
2: RMmBnfd1TCGUmEC2O6JokpnQVQ8.roa (hash: wPMgtMcsG/KMNrN9/altEtQua2Hm0vaKQpeGiiY5B3Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 22:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:6b:20:de:7b:8c:2f:de:f2:b7:de:e7:76:4e:14:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c0959011627ddd0d057d731e8fa5a510296592
Validity
Not Before: Mar 1 22:00:50 2026 GMT
Not After : Mar 2 22:00:50 2026 GMT
Subject: CN=228c251ed3f5c939b3363dfda9adba361262cc50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:49:96:42:ff:a5:0a:a4:e6:63:56:7a:bb:d4:
66:60:7f:36:3e:3b:39:6c:69:48:d8:cb:36:e2:65:
69:2a:a7:27:35:d3:b1:69:6e:b2:f4:41:26:43:63:
ea:04:72:2e:0f:6e:d3:63:30:9b:3a:6a:4f:fc:34:
16:52:6d:6f:96:c1:02:d1:61:f3:d2:e1:39:6b:1f:
cf:a4:dd:7b:d3:c7:45:bc:c6:a1:d3:8c:fb:d5:4d:
97:3c:0f:6e:af:ad:d3:4e:f6:cb:37:53:2a:df:7c:
d2:d8:42:39:1b:a2:62:5e:46:0b:0d:dd:c3:b4:78:
3b:67:d0:1c:9f:00:b2:42:ff:16:69:77:97:d2:6f:
7a:6c:c2:10:1a:48:15:7a:16:e7:05:c3:11:94:9b:
0e:fd:c3:89:63:61:f8:aa:07:64:fc:63:52:38:5c:
2a:2c:70:62:5b:e0:75:bf:76:d5:13:38:ab:49:ab:
39:28:52:94:fc:16:24:fb:ba:5e:e9:9f:bf:50:ec:
ae:14:91:02:2e:dd:b9:28:2b:97:d6:15:bf:05:15:
45:f3:d3:e8:f3:9c:d9:88:ec:27:51:cb:01:ba:54:
51:f9:6e:c1:1c:40:44:54:d0:4c:60:15:4c:9e:c7:
6d:3a:fe:1f:54:7e:29:df:b4:2e:cb:bf:ea:52:4e:
27:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8C:25:1E:D3:F5:C9:39:B3:36:3D:FD:A9:AD:BA:36:12:62:CC:50
X509v3 Authority Key Identifier:
keyid:42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:45:34:27:aa:0b:93:fd:d4:b7:81:48:bb:df:df:a0:14:10:
f2:da:c1:3a:57:4f:69:bc:da:ca:e9:d3:27:2a:da:9c:48:57:
7c:a4:dd:3e:b6:08:30:e7:a0:67:58:6f:bc:8d:ad:56:c3:b6:
1b:cf:b8:32:3b:47:de:80:b6:d8:62:7d:88:db:55:10:c6:0a:
03:a4:21:dc:6b:47:8e:99:a1:d0:f6:92:fc:11:5f:50:95:c9:
54:98:57:91:5a:01:31:2d:7f:de:6e:88:97:a0:1f:b5:10:ee:
00:0a:a5:d3:23:44:10:09:a0:54:e4:a9:60:e7:d5:75:e7:5e:
20:f1:fe:ff:d5:91:a1:aa:28:0a:c9:1b:43:a5:20:7e:ec:75:
78:d9:58:88:34:fd:b9:b3:9e:19:a6:e3:05:94:80:46:4a:3a:
36:ce:55:b0:42:5e:17:ee:12:db:fa:61:6d:df:b3:25:be:06:
0b:20:45:5e:9a:4c:a9:2d:3a:3d:ec:c1:02:35:aa:d2:36:64:
1b:4e:f5:3d:d1:7e:d5:d4:1e:3c:f2:10:b0:1c:10:53:6e:fd:
3d:0f:b9:96:40:ea:ea:b1:7c:06:b7:85:42:82:66:96:09:5a:
e5:2e:e6:3d:42:9f:8a:e2:a0:f2:9a:8a:1f:d6:33:54:96:56:
38:ca:5b:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrayDee4wv3vK33ud2ThS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzA5NTkwMTE2MjdkZGQwZDA1N2Q3MzFlOGZhNWE1MTAy
OTY1OTIwHhcNMjYwMzAxMjIwMDUwWhcNMjYwMzAyMjIwMDUwWjAzMTEwLwYDVQQD
EygyMjhjMjUxZWQzZjVjOTM5YjMzNjNkZmRhOWFkYmEzNjEyNjJjYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0mWQv+lCqTmY1Z6u9RmYH82Pjs5
bGlI2Ms24mVpKqcnNdOxaW6y9EEmQ2PqBHIuD27TYzCbOmpP/DQWUm1vlsEC0WHz
0uE5ax/PpN1708dFvMah04z71U2XPA9ur63TTvbLN1Mq33zS2EI5G6JiXkYLDd3D
tHg7Z9AcnwCyQv8WaXeX0m96bMIQGkgVehbnBcMRlJsO/cOJY2H4qgdk/GNSOFwq
LHBiW+B1v3bVEzirSas5KFKU/BYk+7pe6Z+/UOyuFJECLt25KCuX1hW/BRVF89Po
85zZiOwnUcsBulRR+W7BHEBEVNBMYBVMnsdtOv4fVH4p37Quy7/qUk4nhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKMJR7T9ck5szY9/amtujYSYsxQMB8GA1UdIwQY
MBaAFELAlZARYn3dDQV9cx6PpaUQKWWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgt
MjQ4YjU5YzM2OTZiLzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgtMjQ4YjU5YzM2OTZi
LzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj0U0J6oL
k/3Ut4FIu9/foBQQ8trBOldPabzayunTJyranEhXfKTdPrYIMOegZ1hvvI2tVsO2
G8+4MjtH3oC22GJ9iNtVEMYKA6Qh3GtHjpmh0PaS/BFfUJXJVJhXkVoBMS1/3m6I
l6AftRDuAAql0yNEEAmgVOSpYOfVdedeIPH+/9WRoaooCskbQ6Ugfux1eNlYiDT9
ubOeGabjBZSARko6Ns5VsEJeF+4S2/phbd+zJb4GCyBFXppMqS06PezBAjWq0jZk
G071PdF+1dQePPIQsBwQU279PQ+5lkDq6rF8BreFQoJmlgla5S7mPUKfiuKg8pqK
H9YzVJZWOMpbwg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:50:11 2026 by rpki-client