Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
File: QPwHKZcRrfoiLiexKLdtHZdFBYI.mft (raw, json)
Hash identifier: +U4FBlj03Stm6BnvIYZAJWyRlbXMNRyYY4nHrpYaehc=
Subject key identifier: 99:84:46:3A:A3:C6:A6:B6:74:51:E5:EC:87:A9:6E:A9:A1:AF:76:71
Authority key identifier: 40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
Certificate issuer: /CN=40fc07299711adfa222e27b128b76d1d97450582
Certificate serial: 019D37892C55A65C3786D489787B1A6E0046
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
Manifest number: 153D
Signing time: Sun 29 Mar 2026 03:00:29 +0000
Manifest this update: Sun 29 Mar 2026 03:00:29 +0000
Manifest next update: Mon 30 Mar 2026 03:00:29 +0000
Files and hashes: 1: QPwHKZcRrfoiLiexKLdtHZdFBYI.crl (hash: kiu150YIWAUUB+qdegWFeCcnaNZqRI6dw4NhYTx9QUE=)
2: n3unGkFIp8-n-TNUkOQRjOKqebU.roa (hash: CIWlXFkIaFdHtn2kvnhoUCJuy+xps7328gEToUVe6jM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:2c:55:a6:5c:37:86:d4:89:78:7b:1a:6e:00:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40fc07299711adfa222e27b128b76d1d97450582
Validity
Not Before: Mar 29 03:00:29 2026 GMT
Not After : Mar 30 03:00:29 2026 GMT
Subject: CN=9984463aa3c6a6b67451e5ec87a96ea9a1af7671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:28:8e:93:81:44:4e:05:03:a1:1d:70:3f:d1:
85:0e:9f:86:33:ed:0e:68:78:6b:ea:44:96:51:79:
54:ff:2a:ea:ea:a6:40:a1:f5:65:76:fd:fa:7c:72:
13:96:c9:bb:2a:4a:aa:fb:ea:ec:63:e7:01:84:ed:
0c:84:bd:9a:9e:2c:70:04:f0:19:0d:e1:95:55:af:
fd:aa:76:c2:09:26:88:39:68:92:8b:5f:6c:fd:ad:
bb:d0:f9:09:f1:b7:ca:58:65:63:e9:35:f0:ef:9c:
f9:b7:5e:d5:b8:90:75:8c:b6:27:1a:eb:45:a7:56:
1e:45:ec:4c:8c:df:b3:35:bc:6e:e6:88:4a:dc:9e:
56:f1:5e:ff:4c:4c:43:75:96:90:b1:8b:e2:00:6a:
1d:08:d7:83:99:10:f7:ff:91:88:fb:7a:78:4e:49:
f3:04:a3:ad:85:cb:be:8f:a3:33:09:cc:8f:d6:28:
e7:88:1c:e6:ab:6f:51:2f:cb:f3:60:9e:32:e5:36:
6e:01:0d:49:73:19:04:b6:fd:0a:18:00:5a:76:0c:
1c:66:06:b1:9a:ad:2a:14:5d:87:58:d0:98:eb:62:
96:2f:47:02:fd:72:59:20:b3:f4:a6:51:79:4b:23:
ae:6e:8e:ee:00:6e:95:d8:fb:a9:6f:c9:08:e2:30:
1f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:84:46:3A:A3:C6:A6:B6:74:51:E5:EC:87:A9:6E:A9:A1:AF:76:71
X509v3 Authority Key Identifier:
keyid:40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:e4:ee:b8:7a:ea:97:db:ea:14:e4:54:c2:7a:cc:52:0c:6b:
81:34:7c:04:0b:8e:95:fb:1a:48:1c:67:36:7a:be:23:92:6c:
4a:1d:32:e1:b0:a0:0b:1f:58:88:f4:be:52:f5:9a:d2:49:90:
cf:85:d0:0a:3c:a0:76:08:ca:23:68:c9:e0:41:f9:d7:ac:ca:
b8:0d:46:82:de:1e:9e:e7:2c:e7:ab:9b:b7:80:54:cc:14:cb:
c7:4b:2a:97:7a:a1:7d:48:5c:f6:35:bc:50:7b:07:5d:0d:6b:
41:79:17:68:0c:1c:a1:8d:d2:63:fb:a7:d7:a6:0d:9b:dc:e0:
fe:f0:b1:63:75:7e:d2:7f:da:37:71:83:d2:94:0c:7e:72:e9:
12:28:9c:f4:47:9c:34:b3:23:a5:b7:87:7b:ab:df:d1:81:b7:
a2:60:07:7b:d3:8f:f0:42:11:09:41:f1:e9:6f:48:8d:2c:eb:
f2:7a:05:f1:87:fb:82:1b:38:04:dd:a2:0b:c0:22:4e:9d:5f:
1a:dc:f8:37:1c:c6:6c:2d:d8:7e:3f:1c:fe:1c:1f:81:b6:5c:
e3:f7:12:98:ee:3d:dd:de:4f:8e:50:93:be:ca:87:f3:e4:c1:
cc:ac:cb:53:26:14:ef:37:3a:37:92:46:ab:ac:f4:14:a7:ee:
18:32:78:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iSxVplw3htSJeHsabgBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZmMwNzI5OTcxMWFkZmEyMjJlMjdiMTI4Yjc2ZDFkOTc0
NTA1ODIwHhcNMjYwMzI5MDMwMDI5WhcNMjYwMzMwMDMwMDI5WjAzMTEwLwYDVQQD
Eyg5OTg0NDYzYWEzYzZhNmI2NzQ1MWU1ZWM4N2E5NmVhOWExYWY3NjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCiOk4FETgUDoR1wP9GFDp+GM+0O
aHhr6kSWUXlU/yrq6qZAofVldv36fHITlsm7Kkqq++rsY+cBhO0MhL2anixwBPAZ
DeGVVa/9qnbCCSaIOWiSi19s/a270PkJ8bfKWGVj6TXw75z5t17VuJB1jLYnGutF
p1YeRexMjN+zNbxu5ohK3J5W8V7/TExDdZaQsYviAGodCNeDmRD3/5GI+3p4Tknz
BKOthcu+j6MzCcyP1ijniBzmq29RL8vzYJ4y5TZuAQ1JcxkEtv0KGABadgwcZgax
mq0qFF2HWNCY62KWL0cC/XJZILP0plF5SyOubo7uAG6V2Pupb8kI4jAfwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmERjqjxqa2dFHl7Iepbqmhr3ZxMB8GA1UdIwQY
MBaAFED8BymXEa36Ii4nsSi3bR2XRQWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUt
NzdlM2JlYWI2MWViLzEvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUtNzdlM2JlYWI2MWVi
LzEvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU+TuuHrq
l9vqFORUwnrMUgxrgTR8BAuOlfsaSBxnNnq+I5JsSh0y4bCgCx9YiPS+UvWa0kmQ
z4XQCjygdgjKI2jJ4EH516zKuA1Ggt4enucs56ubt4BUzBTLx0sql3qhfUhc9jW8
UHsHXQ1rQXkXaAwcoY3SY/un16YNm9zg/vCxY3V+0n/aN3GD0pQMfnLpEiic9Eec
NLMjpbeHe6vf0YG3omAHe9OP8EIRCUHx6W9IjSzr8noF8Yf7ghs4BN2iC8AiTp1f
Gtz4NxzGbC3Yfj8c/hwfgbZc4/cSmO493d5PjlCTvsqH8+TBzKzLUyYU7zc6N5JG
q6z0FKfuGDJ4AA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:45 2026 by rpki-client