Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
File: QH0twQwC9ewk9pD59mBVVIZWLlk.mft (raw, json)
Hash identifier: NomfqetdUMi5bY42F0cy9C4CDKeH6J6koq6dqvGRAGs=
Subject key identifier: 3B:3B:C6:8D:9D:7D:6B:0B:AF:07:5D:F4:BF:D1:AB:D7:AC:D8:8B:29
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial: 019CABD9B9AA5A59F3431F155C7FBFDA2597
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
Manifest number: 1545
Signing time: Mon 02 Mar 2026 00:01:38 +0000
Manifest this update: Mon 02 Mar 2026 00:01:38 +0000
Manifest next update: Tue 03 Mar 2026 00:01:38 +0000
Files and hashes: 1: FtvcAFkah5MC2Z1_PcfWmzKSll8.roa (hash: lAzH9ctEUVZ0nWk96qJfvTNhA1rNNyQ5u0vfPKjJ5TI=)
2: QH0twQwC9ewk9pD59mBVVIZWLlk.crl (hash: dRok0THjJDDC8lBqGzTEKDF7zFVYdJqz7lzG7PxAWOM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:b9:aa:5a:59:f3:43:1f:15:5c:7f:bf:da:25:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
Validity
Not Before: Mar 2 00:01:38 2026 GMT
Not After : Mar 3 00:01:38 2026 GMT
Subject: CN=3b3bc68d9d7d6b0baf075df4bfd1abd7acd88b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d5:15:8b:01:2a:21:35:33:11:ee:31:f3:70:
df:eb:a6:f4:92:a9:49:75:36:af:b0:5c:3c:08:30:
e4:e8:b1:8f:10:f2:f5:cd:f5:aa:fc:da:9e:43:2c:
fe:98:42:d4:58:06:65:9c:ed:3a:eb:08:93:3a:06:
65:38:21:c0:94:98:e7:6f:3e:a1:de:f6:70:8e:18:
07:57:c5:1c:b7:c7:0f:63:72:33:b9:43:f6:74:87:
a7:97:df:b3:bf:02:2a:1d:de:2d:1d:4d:67:8b:16:
b3:e3:cd:02:67:ea:90:44:8b:50:73:d2:2e:90:ec:
8a:8e:0e:d1:85:ac:ab:a4:2a:71:2b:cc:4e:c7:aa:
99:66:4d:5f:fd:b1:5d:70:63:43:cc:c4:80:d1:16:
d3:dc:4c:be:5c:b9:58:42:66:c2:73:48:e3:ff:2f:
d8:3d:b5:29:60:9c:06:d9:15:09:85:ab:49:98:22:
4c:de:cc:4d:47:cb:e9:11:33:22:ba:b7:18:59:43:
df:a7:63:77:90:b6:4c:02:f6:d9:ed:ef:2e:fc:00:
72:43:2a:7a:f7:ed:73:5b:51:27:76:41:26:d6:aa:
61:1b:06:45:7c:49:88:9d:db:c9:4d:72:1f:4d:75:
48:bc:3b:f8:c2:31:d3:06:4b:8c:ed:74:47:98:4a:
67:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3B:C6:8D:9D:7D:6B:0B:AF:07:5D:F4:BF:D1:AB:D7:AC:D8:8B:29
X509v3 Authority Key Identifier:
keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:32:71:86:cc:ee:ae:05:c4:18:6c:dd:b0:26:15:98:76:e8:
c4:82:08:6e:c8:4e:6e:b9:b7:02:d3:15:a2:1f:6e:99:e7:e1:
91:7f:07:45:09:6a:a7:23:71:60:54:c3:8e:3f:ee:54:b3:82:
c8:11:0b:e1:bd:08:7b:0a:4c:ed:06:c9:80:f7:f5:b5:b0:3b:
2e:fb:93:b1:a6:8b:87:d9:81:a8:7a:d3:d2:c1:a3:7a:38:17:
fc:86:3a:37:21:ed:81:1c:99:6a:53:66:98:b0:51:76:38:f9:
8f:55:1a:a6:95:fc:ed:7f:de:00:a4:ea:05:2c:62:f3:d7:3f:
1b:12:d0:06:bd:fd:24:f8:fd:7d:72:62:84:2d:c9:1e:29:b9:
44:cd:9c:ee:95:ea:04:43:63:37:fa:1c:19:49:f6:43:5e:02:
15:b5:92:f6:08:05:16:9b:90:4e:11:bf:48:6a:07:c8:07:5e:
85:13:04:29:88:0a:2f:b3:04:52:0c:cb:18:40:c0:88:34:77:
bd:a0:93:a2:51:05:6b:d3:bb:7c:28:4f:c2:60:6a:32:a4:10:
d2:00:42:36:57:43:3c:6b:ee:7c:9f:b1:25:b7:31:1b:02:78:
a1:78:4b:9e:16:d0:65:03:03:08:c0:de:5b:0e:a1:04:a3:e7:
fd:62:a5:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2bmqWlnzQx8VXH+/2iWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjYwMzAyMDAwMTM4WhcNMjYwMzAzMDAwMTM4WjAzMTEwLwYDVQQD
EygzYjNiYzY4ZDlkN2Q2YjBiYWYwNzVkZjRiZmQxYWJkN2FjZDg4YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdUViwEqITUzEe4x83Df66b0kqlJ
dTavsFw8CDDk6LGPEPL1zfWq/NqeQyz+mELUWAZlnO066wiTOgZlOCHAlJjnbz6h
3vZwjhgHV8Uct8cPY3IzuUP2dIenl9+zvwIqHd4tHU1nixaz480CZ+qQRItQc9Iu
kOyKjg7RhayrpCpxK8xOx6qZZk1f/bFdcGNDzMSA0RbT3Ey+XLlYQmbCc0jj/y/Y
PbUpYJwG2RUJhatJmCJM3sxNR8vpETMiurcYWUPfp2N3kLZMAvbZ7e8u/AByQyp6
9+1zW1EndkEm1qphGwZFfEmIndvJTXIfTXVIvDv4wjHTBkuM7XRHmEpnVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDs7xo2dfWsLrwdd9L/Rq9es2IspMB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsDJxhszu
rgXEGGzdsCYVmHboxIIIbshObrm3AtMVoh9umefhkX8HRQlqpyNxYFTDjj/uVLOC
yBEL4b0IewpM7QbJgPf1tbA7LvuTsaaLh9mBqHrT0sGjejgX/IY6NyHtgRyZalNm
mLBRdjj5j1UappX87X/eAKTqBSxi89c/GxLQBr39JPj9fXJihC3JHim5RM2c7pXq
BENjN/ocGUn2Q14CFbWS9ggFFpuQThG/SGoHyAdehRMEKYgKL7MEUgzLGEDAiDR3
vaCTolEFa9O7fChPwmBqMqQQ0gBCNldDPGvufJ+xJbcxGwJ4oXhLnhbQZQMDCMDe
Ww6hBKPn/WKlIg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:12:06 2026 by rpki-client