Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.mft
File: QdFPKPmNO9zEXhkibx9WFw4xKr8.mft (raw, json)
Hash identifier: bFjWhgCXU1Vrimip0KjoGkXRIj0WyJ9GSPnRW4MkHzw=
Subject key identifier: C2:BB:EB:BD:61:0A:8A:7E:40:88:60:03:40:DF:97:73:11:2D:2D:F9
Authority key identifier: 41:D1:4F:28:F9:8D:3B:DC:C4:5E:19:22:6F:1F:56:17:0E:31:2A:BF
Certificate issuer: /CN=41d14f28f98d3bdcc45e19226f1f56170e312abf
Certificate serial: 019D378957ABCB7B9431E7D160AAC903BF7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 03:00:40 +0000
Manifest this update: Sun 29 Mar 2026 03:00:40 +0000
Manifest next update: Mon 30 Mar 2026 03:00:40 +0000
Files and hashes: 1: NuvWFYQk-kiKl2MmMjAPNDb8So4.roa (hash: HNkfwrKS+V0tdXG/bTci5kuusdPPHQbnnFcQ26SERCU=)
2: QdFPKPmNO9zEXhkibx9WFw4xKr8.crl (hash: FBH0p01NQ/15hgFz3xalYYxCJW6dERe4HMx0+Ovjuow=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:57:ab:cb:7b:94:31:e7:d1:60:aa:c9:03:bf:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41d14f28f98d3bdcc45e19226f1f56170e312abf
Validity
Not Before: Mar 29 03:00:40 2026 GMT
Not After : Mar 30 03:00:40 2026 GMT
Subject: CN=c2bbebbd610a8a7e4088600340df9773112d2df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:de:01:6e:f3:0a:36:0b:b6:ce:08:25:70:fa:
6d:62:dd:74:86:d6:a6:9b:50:02:63:a0:11:db:82:
5a:fe:55:cf:d4:e0:e4:60:27:ef:94:ad:3b:2b:8b:
f2:d2:0e:49:79:f5:a8:c2:e8:63:ac:9d:38:1a:cb:
92:7a:53:9c:96:2f:ef:20:99:c1:7d:ef:ff:60:57:
44:be:ac:f2:77:99:51:02:de:52:5e:7b:66:09:be:
0f:e0:19:3a:f8:2f:68:e7:0d:20:20:dd:29:3c:8c:
08:22:74:18:c1:3f:49:c3:11:5a:c0:cd:c1:1b:e3:
4c:e2:65:9f:d1:22:e0:1f:ab:d3:54:46:af:d7:15:
ed:44:2f:28:2c:d6:99:fb:bc:80:a7:94:b5:92:7c:
b2:00:27:97:91:37:89:7f:f4:32:fe:1d:44:10:9f:
8d:d6:79:14:94:b2:d2:e2:ec:6e:83:d0:2a:dd:a1:
95:68:ad:da:ee:d1:68:b2:a4:77:26:b1:09:50:c0:
19:f9:e8:2c:0b:6a:de:e0:99:e8:46:90:b3:2b:20:
b6:9b:e5:63:2b:27:85:2d:ac:af:fa:34:b6:2b:ae:
38:72:a5:50:f4:6f:c1:99:b8:89:f2:6c:13:b3:5d:
e7:88:da:5f:b7:04:0c:6f:9c:55:4d:7c:c0:f2:f6:
00:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BB:EB:BD:61:0A:8A:7E:40:88:60:03:40:DF:97:73:11:2D:2D:F9
X509v3 Authority Key Identifier:
keyid:41:D1:4F:28:F9:8D:3B:DC:C4:5E:19:22:6F:1F:56:17:0E:31:2A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:40:df:11:f5:3c:09:9f:84:13:e6:39:9c:92:e5:7a:94:21:
2f:8f:59:70:98:d9:13:ff:b9:e8:d8:fd:7e:b7:be:8e:d6:a7:
33:96:93:63:98:33:b3:96:ae:dd:da:42:a2:fe:08:77:1f:3a:
19:9d:eb:77:22:99:4b:47:0c:e1:e2:32:fe:61:ea:6d:11:bd:
77:1c:19:3a:24:a1:32:85:0c:80:28:3e:3a:65:93:04:8b:07:
00:ce:e0:a4:0c:93:5a:37:c1:7e:68:bc:76:2b:b7:d8:94:d1:
b2:12:88:f3:57:4c:2d:49:1b:54:b9:d8:98:e1:20:3a:d6:e8:
12:d5:7c:54:70:d8:49:3b:d4:33:12:3f:59:c1:ba:ab:ba:c0:
03:c2:3b:d8:b9:9f:09:5f:ce:6f:0d:23:38:92:57:4c:f1:86:
43:fe:31:2b:f6:49:e4:e1:f8:1b:0e:e5:70:96:1e:93:3f:00:
e9:78:e3:19:3f:c1:73:71:ef:b5:08:3e:9f:97:16:7e:ed:ad:
bb:e1:e3:3e:21:4d:fa:0e:ee:fa:78:e5:ec:db:04:e8:65:83:
94:c1:db:85:e1:48:80:f9:33:45:f8:8b:4d:c4:db:b4:d6:bd:
b7:19:b5:24:9c:50:1b:1d:eb:a2:64:44:45:26:ca:fa:b1:d8:
e5:9b:78:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iVery3uUMefRYKrJA799MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZDE0ZjI4Zjk4ZDNiZGNjNDVlMTkyMjZmMWY1NjE3MGUz
MTJhYmYwHhcNMjYwMzI5MDMwMDQwWhcNMjYwMzMwMDMwMDQwWjAzMTEwLwYDVQQD
EyhjMmJiZWJiZDYxMGE4YTdlNDA4ODYwMDM0MGRmOTc3MzExMmQyZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot4BbvMKNgu2zgglcPptYt10htam
m1ACY6AR24Ja/lXP1ODkYCfvlK07K4vy0g5JefWowuhjrJ04GsuSelOcli/vIJnB
fe//YFdEvqzyd5lRAt5SXntmCb4P4Bk6+C9o5w0gIN0pPIwIInQYwT9JwxFawM3B
G+NM4mWf0SLgH6vTVEav1xXtRC8oLNaZ+7yAp5S1knyyACeXkTeJf/Qy/h1EEJ+N
1nkUlLLS4uxug9Aq3aGVaK3a7tFosqR3JrEJUMAZ+egsC2re4JnoRpCzKyC2m+Vj
KyeFLayv+jS2K644cqVQ9G/BmbiJ8mwTs13niNpftwQMb5xVTXzA8vYA1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMK7671hCop+QIhgA0Dfl3MRLS35MB8GA1UdIwQY
MBaAFEHRTyj5jTvcxF4ZIm8fVhcOMSq/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWRGUEtQbU5POXpFWGhraWJ4OVdGdzR4S3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hMDc0ZTItNjZlYS00M2NjLTk0YTct
YjM4MDQ1MzI2N2Y5LzEvUWRGUEtQbU5POXpFWGhraWJ4OVdGdzR4S3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hMDc0ZTItNjZlYS00M2NjLTk0YTctYjM4MDQ1MzI2N2Y5
LzEvUWRGUEtQbU5POXpFWGhraWJ4OVdGdzR4S3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl0DfEfU8
CZ+EE+Y5nJLlepQhL49ZcJjZE/+56Nj9fre+jtanM5aTY5gzs5au3dpCov4Idx86
GZ3rdyKZS0cM4eIy/mHqbRG9dxwZOiShMoUMgCg+OmWTBIsHAM7gpAyTWjfBfmi8
diu32JTRshKI81dMLUkbVLnYmOEgOtboEtV8VHDYSTvUMxI/WcG6q7rAA8I72Lmf
CV/Obw0jOJJXTPGGQ/4xK/ZJ5OH4Gw7lcJYekz8A6XjjGT/Bc3HvtQg+n5cWfu2t
u+HjPiFN+g7u+njl7NsE6GWDlMHbheFIgPkzRfiLTcTbtNa9txm1JJxQGx3romRE
RSbK+rHY5Zt4oA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:01:29 2026 by rpki-client