Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
File: qOeaWm0FfybaCYxi-R31ExEa7a0.mft (raw, json)
Hash identifier: S6lU5bgUbocJpbzxZGFZJgHXKdtm19JbqxwfWkv1AI4=
Subject key identifier: E5:89:D1:18:8D:4D:06:96:8F:77:FB:D8:73:42:DB:AA:44:48:4F:AD
Authority key identifier: A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD
Certificate issuer: /CN=a8e79a5a6d057f26da098c62f91df513111aedad
Certificate serial: 019D386605DCADD1FBBD84FF2DF91602F922
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
Manifest number: 0343
Signing time: Sun 29 Mar 2026 07:01:43 +0000
Manifest this update: Sun 29 Mar 2026 07:01:43 +0000
Manifest next update: Mon 30 Mar 2026 07:01:43 +0000
Files and hashes: 1: qOeaWm0FfybaCYxi-R31ExEa7a0.crl (hash: yicEFpnnCJoFqxqA7kuuO8AH1BlQl2RqogEwUxsEEqI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:05:dc:ad:d1:fb:bd:84:ff:2d:f9:16:02:f9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8e79a5a6d057f26da098c62f91df513111aedad
Validity
Not Before: Mar 29 07:01:43 2026 GMT
Not After : Mar 30 07:01:43 2026 GMT
Subject: CN=e589d1188d4d06968f77fbd87342dbaa44484fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:cb:37:34:64:7a:09:40:a0:98:4a:31:af:7a:
1b:5c:4b:12:3b:92:5b:b5:3a:11:2a:a5:fe:9e:e2:
90:66:dd:4b:26:2a:92:ad:5d:47:a9:f0:94:08:b5:
9e:27:f3:cc:1b:00:4d:57:40:09:9d:ed:41:a7:9c:
ef:47:f2:5b:dc:ce:a9:f7:d7:3a:f4:8b:30:39:e4:
d9:a6:bb:35:93:53:fd:fc:96:22:f9:3e:15:5d:23:
73:13:68:9c:56:ae:bc:88:4e:ad:90:95:61:c7:3d:
d1:3a:cf:ec:b6:0a:80:4e:53:1a:04:0d:93:af:9e:
bf:3c:f2:ce:ce:5a:46:e5:08:ed:40:35:9c:80:ee:
6c:58:a3:d1:24:50:5b:7e:d9:08:24:37:cb:96:73:
87:7d:33:df:52:78:89:c4:f9:6a:d2:ae:97:a6:a5:
6b:6d:af:c0:c0:09:20:c0:04:67:a4:9a:ca:d6:95:
f7:e8:b4:8f:44:ee:38:ec:f9:6e:ef:3b:f3:7a:ad:
1d:20:a7:75:55:f5:23:68:73:54:c6:04:e4:46:2b:
e7:b6:86:bc:6f:79:c5:da:8c:09:ea:6c:2d:51:69:
ff:32:39:ba:79:c7:47:f4:ca:77:4f:f2:13:d8:b0:
f9:97:c7:b5:eb:00:d1:73:53:67:1d:9b:40:0b:f2:
14:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:89:D1:18:8D:4D:06:96:8F:77:FB:D8:73:42:DB:AA:44:48:4F:AD
X509v3 Authority Key Identifier:
keyid:A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:68:d4:06:8b:d2:0d:01:22:9b:8c:88:62:02:e3:54:c5:b1:
3b:1c:41:a3:2d:d2:00:ee:d9:5a:6d:76:6f:1c:57:98:9f:55:
d0:34:b1:5e:48:2c:cb:46:b7:cc:a5:8e:f9:c2:cd:34:fa:7a:
aa:58:ee:8d:02:7c:55:a8:d5:0f:89:46:0a:5d:a5:39:b3:27:
8f:7b:bf:1f:56:48:90:69:d6:42:b6:2b:0e:85:0e:a3:8f:ef:
52:28:c5:ad:5e:a9:11:a7:ed:fa:8a:ec:48:e2:93:1d:5d:c3:
44:17:f3:48:bd:91:c4:c1:1b:43:ff:1c:1d:b9:95:94:a8:5a:
6c:a8:8f:05:9f:6c:1a:bb:1a:9c:c1:e0:72:29:d0:b1:18:2f:
ae:87:81:47:d9:9a:14:2e:27:78:f6:17:61:b1:af:a4:b0:02:
2f:48:6a:57:44:58:ec:2c:68:54:ae:d8:a7:7c:0b:75:93:cc:
75:9e:ba:4b:74:1b:2e:42:22:ac:dc:d1:87:57:f3:f5:36:c2:
09:44:3c:00:8a:b5:7e:6a:cd:0b:97:fb:9a:5b:0a:75:22:1a:
a9:15:f1:22:ab:de:2f:cd:d5:18:e5:f8:be:81:16:37:4b:5c:
cd:1f:bb:2f:e8:10:a1:90:cb:6a:87:ab:06:e6:2c:5e:2a:25:
1b:ca:2d:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZgXcrdH7vYT/LfkWAvkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTc5YTVhNmQwNTdmMjZkYTA5OGM2MmY5MWRmNTEzMTEx
YWVkYWQwHhcNMjYwMzI5MDcwMTQzWhcNMjYwMzMwMDcwMTQzWjAzMTEwLwYDVQQD
EyhlNTg5ZDExODhkNGQwNjk2OGY3N2ZiZDg3MzQyZGJhYTQ0NDg0ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ss3NGR6CUCgmEoxr3obXEsSO5Jb
tToRKqX+nuKQZt1LJiqSrV1HqfCUCLWeJ/PMGwBNV0AJne1Bp5zvR/Jb3M6p99c6
9IswOeTZprs1k1P9/JYi+T4VXSNzE2icVq68iE6tkJVhxz3ROs/stgqATlMaBA2T
r56/PPLOzlpG5QjtQDWcgO5sWKPRJFBbftkIJDfLlnOHfTPfUniJxPlq0q6XpqVr
ba/AwAkgwARnpJrK1pX36LSPRO447Plu7zvzeq0dIKd1VfUjaHNUxgTkRivntoa8
b3nF2owJ6mwtUWn/Mjm6ecdH9Mp3T/IT2LD5l8e16wDRc1NnHZtAC/IUWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWJ0RiNTQaWj3f72HNC26pESE+tMB8GA1UdIwQY
MBaAFKjnmlptBX8m2gmMYvkd9RMRGu2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAt
ZWNjZGFjOGI2YTk4LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAtZWNjZGFjOGI2YTk4
LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGmjUBovS
DQEim4yIYgLjVMWxOxxBoy3SAO7ZWm12bxxXmJ9V0DSxXkgsy0a3zKWO+cLNNPp6
qljujQJ8VajVD4lGCl2lObMnj3u/H1ZIkGnWQrYrDoUOo4/vUijFrV6pEaft+ors
SOKTHV3DRBfzSL2RxMEbQ/8cHbmVlKhabKiPBZ9sGrsanMHgcinQsRgvroeBR9ma
FC4nePYXYbGvpLACL0hqV0RY7CxoVK7Yp3wLdZPMdZ66S3QbLkIirNzRh1fz9TbC
CUQ8AIq1fmrNC5f7mlsKdSIaqRXxIqveL83VGOX4voEWN0tczR+7L+gQoZDLaoer
BuYsXiolG8ot7w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:23:13 2026 by rpki-client