Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
File: qMbzkzUMd1mMEhrNPJL3BIV274k.mft (raw, json)
Hash identifier: Bn5IEMX680EgnZ7ts7fFAxV2eQQzaYNqHD+KkhB5yEc=
Subject key identifier: 06:4B:ED:68:D0:C9:A8:99:BF:8A:D2:DA:16:64:8C:1C:EA:A7:66:78
Authority key identifier: A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
Certificate issuer: /CN=a8c6f393350c77598c121acd3c92f7048576ef89
Certificate serial: 019D39AE9FC341A3F3BF94E49AE22BC209C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
Manifest number: 0FC6
Signing time: Sun 29 Mar 2026 13:00:38 +0000
Manifest this update: Sun 29 Mar 2026 13:00:38 +0000
Manifest next update: Mon 30 Mar 2026 13:00:38 +0000
Files and hashes: 1: GuUQabt2k0I5-qJJOMBc68ywwdc.roa (hash: Xq2BynkEhHcna9VYb0KvlZPGBlElBggMhxm3EhEPnM0=)
2: NSXY549oyeJh_ywPWUFsoFAfnFE.roa (hash: PqAKJQyPO77ShWqR8N9V3ypCb33ovrN70zA1E2ZocLc=)
3: qMbzkzUMd1mMEhrNPJL3BIV274k.crl (hash: GWic1PU6/a5Q+hEmG+6c1oWPgI2ZoaOdxdSqHhecpV8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:9f:c3:41:a3:f3:bf:94:e4:9a:e2:2b:c2:09:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8c6f393350c77598c121acd3c92f7048576ef89
Validity
Not Before: Mar 29 13:00:38 2026 GMT
Not After : Mar 30 13:00:38 2026 GMT
Subject: CN=064bed68d0c9a899bf8ad2da16648c1ceaa76678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:18:fd:29:0d:e4:dc:4a:74:a6:2a:5d:d8:ea:
8f:d9:61:3f:bb:f0:df:b3:63:68:be:5f:f2:b5:43:
0f:06:f5:cd:41:43:e6:55:38:26:12:3d:53:a8:e0:
90:7f:60:03:09:90:49:7b:bc:28:84:10:c8:83:a2:
4c:c2:b0:22:11:94:71:37:8c:79:33:d9:a6:d4:6c:
ad:06:11:18:77:23:cd:4e:f2:95:77:9c:9a:fa:da:
9c:e0:b9:62:5f:54:8e:ee:36:bc:6b:5a:a4:36:56:
84:c6:64:ea:52:eb:c8:5f:e4:2f:bc:c3:c2:a9:db:
bf:c7:c7:fc:0b:22:b3:fb:cd:83:60:97:f7:ed:78:
f8:ab:b5:b7:11:aa:75:51:f0:bf:d8:52:ee:3c:3f:
a5:fd:df:aa:31:d5:78:24:ee:51:ce:03:81:94:20:
b0:54:09:5b:4c:12:d7:a9:31:22:6a:2e:05:92:6e:
25:a5:d4:1d:e3:c0:59:0a:c1:0e:65:d7:6c:13:f1:
15:ae:b1:57:bf:5c:98:f7:7e:35:83:d8:a4:b9:d2:
53:a2:f9:f9:74:13:98:ff:7c:33:b1:fc:97:11:35:
5a:05:3e:64:9b:2d:05:b5:08:40:eb:06:a4:86:3e:
36:be:12:3e:af:b8:ee:bc:2c:59:a9:36:ab:5e:5e:
3f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4B:ED:68:D0:C9:A8:99:BF:8A:D2:DA:16:64:8C:1C:EA:A7:66:78
X509v3 Authority Key Identifier:
keyid:A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:1e:ff:71:a0:74:f0:2e:a2:81:44:1e:f7:97:f9:ff:86:c1:
06:2b:26:c4:72:3f:81:87:a0:b7:fb:f5:13:25:8b:b4:20:8d:
41:10:5f:21:7a:9f:ec:0e:a1:fa:1a:66:94:82:5d:93:7f:a6:
e5:67:cc:e0:82:d8:c1:cf:93:17:e3:f2:9e:98:e8:df:1a:f9:
62:e2:12:bb:95:26:13:e3:09:58:59:00:f1:a6:23:4d:16:b2:
02:c9:c0:1d:f9:6f:43:fb:7c:6a:45:b2:ba:fd:b0:3c:4a:0e:
45:6e:9d:ef:78:9f:af:2d:f8:95:ac:04:1c:1f:f9:20:dd:21:
46:e6:37:1a:59:be:6f:98:82:e0:6b:f5:40:e1:2c:40:3b:68:
73:2a:b8:04:0e:fb:c1:7e:8e:aa:39:05:ba:c9:94:df:d2:2d:
78:0c:c6:c5:bb:cd:11:a7:9e:88:ec:f2:f3:78:9e:e1:97:34:
1b:9f:40:81:1d:de:5c:08:a9:da:5a:db:02:75:31:e5:00:16:
16:9a:26:5c:66:02:7d:33:1c:0b:ba:ac:7c:34:15:41:73:85:
02:82:ce:1c:0f:79:a2:b1:ac:ba:40:1f:43:08:4e:e2:dd:ab:
b7:0f:78:ce:72:41:76:b1:e5:9b:e8:6f:45:03:c9:31:d9:90:
cc:d8:88:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rp/DQaPzv5TkmuIrwgnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YzZmMzkzMzUwYzc3NTk4YzEyMWFjZDNjOTJmNzA0ODU3
NmVmODkwHhcNMjYwMzI5MTMwMDM4WhcNMjYwMzMwMTMwMDM4WjAzMTEwLwYDVQQD
EygwNjRiZWQ2OGQwYzlhODk5YmY4YWQyZGExNjY0OGMxY2VhYTc2Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBj9KQ3k3Ep0pipd2OqP2WE/u/Df
s2Novl/ytUMPBvXNQUPmVTgmEj1TqOCQf2ADCZBJe7wohBDIg6JMwrAiEZRxN4x5
M9mm1GytBhEYdyPNTvKVd5ya+tqc4LliX1SO7ja8a1qkNlaExmTqUuvIX+QvvMPC
qdu/x8f8CyKz+82DYJf37Xj4q7W3Eap1UfC/2FLuPD+l/d+qMdV4JO5RzgOBlCCw
VAlbTBLXqTEiai4Fkm4lpdQd48BZCsEOZddsE/EVrrFXv1yY9341g9ikudJTovn5
dBOY/3wzsfyXETVaBT5kmy0FtQhA6wakhj42vhI+r7juvCxZqTarXl4/fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZL7WjQyaiZv4rS2hZkjBzqp2Z4MB8GA1UdIwQY
MBaAFKjG85M1DHdZjBIazTyS9wSFdu+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3Nzct
YzZiY2EwMWIyZmY4LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3NzctYzZiY2EwMWIyZmY4
LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjh7/caB0
8C6igUQe95f5/4bBBismxHI/gYegt/v1EyWLtCCNQRBfIXqf7A6h+hpmlIJdk3+m
5WfM4ILYwc+TF+Pynpjo3xr5YuISu5UmE+MJWFkA8aYjTRayAsnAHflvQ/t8akWy
uv2wPEoORW6d73ifry34lawEHB/5IN0hRuY3Glm+b5iC4Gv1QOEsQDtocyq4BA77
wX6OqjkFusmU39IteAzGxbvNEaeeiOzy83ie4Zc0G59AgR3eXAip2lrbAnUx5QAW
FpomXGYCfTMcC7qsfDQVQXOFAoLOHA95orGsukAfQwhO4t2rtw94znJBdrHlm+hv
RQPJMdmQzNiIuw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:00:28 2026 by rpki-client