Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
File: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft (raw, json)
Hash identifier: tuWXtmmZED0tmf7YyAE44qsKyF/lwc0RC9hsLCNbHlg=
Subject key identifier: F9:56:CE:69:E1:04:AE:0B:3B:DA:18:B6:C3:B0:E9:57:2D:6A:4C:CD
Authority key identifier: AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87
Certificate issuer: /CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187
Certificate serial: 019CAD90C54790FC8CF160007D372A1D60CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
Manifest number: 1242
Signing time: Mon 02 Mar 2026 08:01:11 +0000
Manifest this update: Mon 02 Mar 2026 08:01:11 +0000
Manifest next update: Tue 03 Mar 2026 08:01:11 +0000
Files and hashes: 1: O1uFtg6wuLhrdqUneGoI-viUEDA.roa (hash: 4WLi2bkwD7hhzZv3R/usE+9JZdJI8FhP2vDUzbQmMeM=)
2: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl (hash: MJEbw3O/f+fYWJcAO8AK6idEj3DFrsn5fY8cWG5zdkM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:c5:47:90:fc:8c:f1:60:00:7d:37:2a:1d:60:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187
Validity
Not Before: Mar 2 08:01:11 2026 GMT
Not After : Mar 3 08:01:11 2026 GMT
Subject: CN=f956ce69e104ae0b3bda18b6c3b0e9572d6a4ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ad:ba:d5:77:a5:54:cc:57:a4:72:cc:03:39:
0e:5b:3f:11:f3:72:41:07:5e:92:0c:43:e1:83:d8:
a3:53:32:20:a9:08:ec:fe:6f:41:78:c7:31:0d:97:
97:5d:f5:5f:30:c5:89:d8:0f:3e:a5:55:f2:b7:db:
93:90:af:dc:32:ad:93:73:d1:68:cd:bc:fe:76:fb:
26:f9:65:b9:75:fd:12:5f:8c:22:a0:b1:87:32:ce:
47:4d:1f:56:4c:fc:3c:a7:57:13:ce:41:3c:1d:68:
10:21:f4:04:d6:27:70:56:f7:aa:e1:d4:5e:ef:5d:
2d:7a:4a:b8:95:04:30:98:ee:86:a6:31:80:37:77:
ea:83:54:7d:b7:e5:5a:aa:d1:2d:79:2b:ac:6a:b4:
96:73:d0:88:29:63:98:22:ea:7b:76:21:7c:7a:ba:
ba:e2:da:6a:e7:ce:58:ff:f2:31:59:b7:46:5e:8a:
d6:6d:46:43:57:56:d4:32:d5:44:11:d7:44:d6:8c:
c8:ce:ce:60:9b:6e:69:3e:38:44:c7:d3:31:22:8b:
2f:c4:ef:96:79:21:5a:ad:5b:85:4c:28:4a:f7:ed:
ae:15:88:c5:e0:96:18:e1:28:ae:8e:30:87:2d:15:
b3:c2:bf:8b:48:aa:66:96:3a:43:0d:b2:f8:ae:a2:
aa:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:56:CE:69:E1:04:AE:0B:3B:DA:18:B6:C3:B0:E9:57:2D:6A:4C:CD
X509v3 Authority Key Identifier:
keyid:AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:99:05:f5:f0:1a:e2:7a:ce:f2:c5:f4:c3:33:d4:9e:d7:61:
52:5f:a6:ab:99:35:8a:a4:92:c1:a7:34:e4:28:d5:1a:69:46:
35:3d:12:c0:33:fd:3c:d6:e6:e2:b2:c4:1f:5e:18:3a:6e:7d:
93:69:a0:48:6d:59:af:52:46:2f:00:2c:2e:40:b3:58:4e:3b:
5c:dd:33:64:4b:8a:bd:ed:c4:e6:61:8b:dd:ea:4a:a4:88:a7:
57:b7:fa:b1:4c:82:82:c5:62:c3:0c:ad:6c:65:b8:fa:48:82:
3f:42:e7:7e:18:94:9c:f5:90:9d:97:74:8f:86:a3:d1:ac:81:
df:3e:4f:c1:46:05:44:7e:31:0c:40:1a:a3:07:17:0c:ff:7a:
7c:d2:7a:c2:78:d8:98:eb:e8:96:75:be:b5:63:f8:ff:75:3d:
e1:00:29:e3:2f:0d:eb:74:1b:7b:dc:59:f3:c0:bb:4f:64:46:
6a:9a:1b:da:9e:9f:38:43:32:a1:88:b9:86:30:5c:45:33:4c:
37:21:8f:1f:2e:65:32:69:f7:65:e0:21:ab:13:f5:ff:24:82:
5e:1d:20:ee:62:18:81:60:8b:9e:25:1a:ba:6d:fa:4b:30:35:
9f:77:8a:83:e9:74:54:05:9f:2f:45:30:51:90:5e:7c:a9:79:
f2:db:1e:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkMVHkPyM8WAAfTcqHWDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYTg0ZDdlNjRiYTNlODViNTcwMzZjNzMxOGY5M2NjM2Q5
NGQxODcwHhcNMjYwMzAyMDgwMTExWhcNMjYwMzAzMDgwMTExWjAzMTEwLwYDVQQD
EyhmOTU2Y2U2OWUxMDRhZTBiM2JkYTE4YjZjM2IwZTk1NzJkNmE0Y2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6261XelVMxXpHLMAzkOWz8R83JB
B16SDEPhg9ijUzIgqQjs/m9BeMcxDZeXXfVfMMWJ2A8+pVXyt9uTkK/cMq2Tc9Fo
zbz+dvsm+WW5df0SX4wioLGHMs5HTR9WTPw8p1cTzkE8HWgQIfQE1idwVveq4dRe
710tekq4lQQwmO6GpjGAN3fqg1R9t+VaqtEteSusarSWc9CIKWOYIup7diF8erq6
4tpq585Y//IxWbdGXorWbUZDV1bUMtVEEddE1ozIzs5gm25pPjhEx9MxIosvxO+W
eSFarVuFTChK9+2uFYjF4JYY4SiujjCHLRWzwr+LSKpmljpDDbL4rqKqEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlWzmnhBK4LO9oYtsOw6VctakzNMB8GA1UdIwQY
MBaAFK6oTX5kuj6FtXA2xzGPk8w9lNGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQt
OTdjMzMyZjcyMzlkLzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQtOTdjMzMyZjcyMzlk
LzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf5kF9fAa
4nrO8sX0wzPUntdhUl+mq5k1iqSSwac05CjVGmlGNT0SwDP9PNbm4rLEH14YOm59
k2mgSG1Zr1JGLwAsLkCzWE47XN0zZEuKve3E5mGL3epKpIinV7f6sUyCgsViwwyt
bGW4+kiCP0LnfhiUnPWQnZd0j4aj0ayB3z5PwUYFRH4xDEAaowcXDP96fNJ6wnjY
mOvolnW+tWP4/3U94QAp4y8N63Qbe9xZ88C7T2RGapob2p6fOEMyoYi5hjBcRTNM
NyGPHy5lMmn3ZeAhqxP1/ySCXh0g7mIYgWCLniUaum36SzA1n3eKg+l0VAWfL0Uw
UZBefKl58tsejA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:55:18 2026 by rpki-client