Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
File: qltHHQugidnp9GwpExlnT6yBKNA.mft (raw, json)
Hash identifier: uDvXnOfSKgyAoOQBh0l23QZGz7xsFTKVBuhPAkfQmAE=
Subject key identifier: 2A:D2:CC:1A:21:93:E9:33:90:8E:45:BD:59:03:46:94:CF:23:EB:65
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial: 019D37C0C7740B4274B6517930D2B3003DBA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
Manifest number: 0EE1
Signing time: Sun 29 Mar 2026 04:01:13 +0000
Manifest this update: Sun 29 Mar 2026 04:01:13 +0000
Manifest next update: Mon 30 Mar 2026 04:01:13 +0000
Files and hashes: 1: RGHMhabHZkPW5wXprVh6WUeUNEU.roa (hash: aWxpktwD4HwK4DqUq/i3jSDZlGsjYGbb6rrk+6zxpz0=)
2: hW9pmZmoOAPv4EQxUHQXTXDJr6s.roa (hash: mjwhxdNEgH8aH/IfZWkqyz4fW356i+YVNu/YE2e6m8A=)
3: qltHHQugidnp9GwpExlnT6yBKNA.crl (hash: 3ScckPkCk6Dh+NMgFSsoG3gFDDupyjJxeZ+jvkKwBa0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:c7:74:0b:42:74:b6:51:79:30:d2:b3:00:3d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Validity
Not Before: Mar 29 04:01:13 2026 GMT
Not After : Mar 30 04:01:13 2026 GMT
Subject: CN=2ad2cc1a2193e933908e45bd59034694cf23eb65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:14:5f:ec:8f:55:e4:b7:82:65:66:5b:03:63:
70:6a:3c:bb:d3:85:5e:54:dc:c8:a7:73:ce:7b:f4:
e3:a4:b5:8d:65:ef:d9:ad:4f:f1:90:e1:a7:c0:05:
df:7c:98:0b:99:ca:25:d8:73:2c:c3:0e:22:90:59:
9b:d4:87:f0:30:a9:23:63:34:25:f0:2a:8c:12:0b:
d1:61:c4:01:04:be:9e:63:14:e6:36:3a:1b:1e:16:
91:1f:0b:93:37:a4:63:49:8b:f1:61:40:95:a8:04:
3c:03:a6:7c:fc:5f:d1:99:9e:30:92:af:b8:d9:e7:
5a:96:92:25:7b:83:bd:31:20:4d:61:bd:fb:69:b7:
9e:d3:66:79:a5:2b:a0:ca:dc:d8:c1:44:12:c8:1b:
40:e0:32:1e:10:a4:c5:5a:c7:85:e0:71:48:5f:04:
c9:47:f3:2c:75:b2:f8:df:ec:2b:00:45:78:45:d9:
25:a6:28:cd:0b:99:fe:d1:eb:3e:e0:5c:21:b4:f4:
8a:e1:60:de:fd:f8:a2:25:65:76:02:78:81:aa:9a:
95:85:ba:07:f8:7e:94:73:aa:96:9a:7d:7d:7d:ec:
04:67:63:bc:af:84:01:a1:21:2b:ee:35:f1:b5:c6:
6e:ae:5c:41:9d:61:ce:cb:f1:0c:9a:04:5e:12:12:
9c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D2:CC:1A:21:93:E9:33:90:8E:45:BD:59:03:46:94:CF:23:EB:65
X509v3 Authority Key Identifier:
keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:25:7b:23:34:18:53:3c:92:c8:12:04:91:39:2e:2d:ef:f6:
28:35:95:2b:c2:23:85:c4:bd:22:82:54:0b:97:26:02:4e:1c:
c3:e7:be:45:68:d1:72:eb:42:f7:66:1a:97:30:14:3f:9a:1f:
50:7a:d7:fb:78:39:ba:43:70:75:d2:19:bd:b6:21:a0:05:11:
2d:8e:f8:9e:ed:b7:d8:8f:b2:ac:53:7f:fd:cb:cf:15:90:a3:
78:23:c2:be:e7:fe:ac:d5:fb:74:9b:a4:a6:4f:f4:b1:5d:49:
14:72:c7:e0:dd:52:1d:c6:2a:26:67:23:f2:ad:3d:19:9f:15:
1d:78:91:d3:49:eb:af:0e:8c:de:46:cb:b5:58:58:82:8e:af:
24:17:eb:88:c5:32:c6:e7:d5:21:03:f7:da:c6:bc:e5:71:a0:
54:85:17:4b:ef:35:01:1b:2b:c1:18:2a:a9:c5:39:4e:6a:5d:
be:28:bc:57:ae:b3:c3:37:cf:32:0b:54:a3:3d:80:e5:c2:52:
19:47:57:d4:63:26:a1:18:54:b1:73:f1:32:8c:3f:15:83:41:
f7:6f:b9:83:43:cf:36:f5:0c:c4:a9:81:b3:12:24:e3:6e:ee:
7b:34:13:3a:87:47:10:d7:7e:ea:af:0d:80:88:cd:86:33:e8:
16:2d:f7:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wMd0C0J0tlF5MNKzAD26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4
MTI4ZDAwHhcNMjYwMzI5MDQwMTEzWhcNMjYwMzMwMDQwMTEzWjAzMTEwLwYDVQQD
EygyYWQyY2MxYTIxOTNlOTMzOTA4ZTQ1YmQ1OTAzNDY5NGNmMjNlYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRRf7I9V5LeCZWZbA2Nwajy704Ve
VNzIp3POe/TjpLWNZe/ZrU/xkOGnwAXffJgLmcol2HMsww4ikFmb1IfwMKkjYzQl
8CqMEgvRYcQBBL6eYxTmNjobHhaRHwuTN6RjSYvxYUCVqAQ8A6Z8/F/RmZ4wkq+4
2edalpIle4O9MSBNYb37abee02Z5pSugytzYwUQSyBtA4DIeEKTFWseF4HFIXwTJ
R/MsdbL43+wrAEV4RdklpijNC5n+0es+4FwhtPSK4WDe/fiiJWV2AniBqpqVhboH
+H6Uc6qWmn19fewEZ2O8r4QBoSEr7jXxtcZurlxBnWHOy/EMmgReEhKcHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrSzBohk+kzkI5FvVkDRpTPI+tlMB8GA1UdIwQY
MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt
NmYyZTI1MjliZTgyLzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy
LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADyV7IzQY
UzySyBIEkTkuLe/2KDWVK8IjhcS9IoJUC5cmAk4cw+e+RWjRcutC92YalzAUP5of
UHrX+3g5ukNwddIZvbYhoAURLY74nu232I+yrFN//cvPFZCjeCPCvuf+rNX7dJuk
pk/0sV1JFHLH4N1SHcYqJmcj8q09GZ8VHXiR00nrrw6M3kbLtVhYgo6vJBfriMUy
xufVIQP32sa85XGgVIUXS+81ARsrwRgqqcU5Tmpdvii8V66zwzfPMgtUoz2A5cJS
GUdX1GMmoRhUsXPxMow/FYNB92+5g0PPNvUMxKmBsxIk427uezQTOodHENd+6q8N
gIjNhjPoFi33zA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:56 2026 by rpki-client