Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
File: QGYnM7yHPRPh-fZujf91yCDV0vc.mft (raw, json)
Hash identifier: sw+AFpjUV6z6L+MKQQKrEKnpZptl37jg7u+FlvfvufA=
Subject key identifier: 2A:92:1F:E7:96:C9:34:FD:74:FA:FC:92:4F:E4:C6:A5:EB:56:9C:5B
Authority key identifier: 40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
Certificate issuer: /CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Certificate serial: 019DA89E0453B5E446C017EBC3BEED331B06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
Manifest number: 10CF
Signing time: Mon 20 Apr 2026 02:00:21 +0000
Manifest this update: Mon 20 Apr 2026 02:00:21 +0000
Manifest next update: Tue 21 Apr 2026 02:00:21 +0000
Files and hashes: 1: 41UHcYawFZ6dwCf_FfKVxB6pAyA.roa (hash: mxz0vZfXkFbrjS45D2R+Mi2lF9MSSxAbkahXO8KfBYc=)
2: QGYnM7yHPRPh-fZujf91yCDV0vc.crl (hash: QPUTMsoEa/j0Q7c8vquofeC6+xnMbuYLCzODaqzDRl8=)
3: gDO3yGlii3vGStP0g8IXSinnODc.asa (hash: 4GKXfRU/6q53CGfLh+IE//Y0yEXtQGF8Ot458LYjOwE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Apr 2026 02:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a8:9e:04:53:b5:e4:46:c0:17:eb:c3:be:ed:33:1b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Validity
Not Before: Apr 20 02:00:21 2026 GMT
Not After : Apr 21 02:00:21 2026 GMT
Subject: CN=2a921fe796c934fd74fafc924fe4c6a5eb569c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e3:f0:d3:aa:fd:17:13:c2:2f:fc:2a:f5:fa:
3e:88:cb:83:c4:6f:bb:86:af:c0:18:54:71:36:f0:
f1:e0:7a:8a:3a:88:5d:75:72:7c:04:03:3f:fd:19:
9d:97:61:98:3a:47:ff:f9:5e:35:cf:52:4b:a5:0b:
db:ae:f9:7e:c0:ef:23:4d:b8:e4:dd:48:cd:01:cc:
c9:0e:41:12:02:e8:81:6e:84:1a:f4:4a:05:0a:3d:
18:17:57:05:3d:15:22:6a:c3:85:12:28:dc:14:d5:
09:f6:10:69:9c:01:4d:5e:31:ae:b8:04:06:c5:ce:
6f:1f:5a:05:e2:6e:32:6c:f1:84:6f:d4:f3:ec:24:
65:c6:59:f0:c3:ad:99:0f:3b:bd:ec:14:1b:fc:78:
57:85:64:73:88:4a:dd:9f:95:2b:c0:d8:fc:bf:93:
e0:15:ed:0b:05:ae:45:b7:5a:6f:84:e3:f4:8f:74:
b2:91:34:5e:62:92:a1:cd:b1:88:0c:55:e9:e3:5d:
6b:53:7a:97:e0:2a:f0:22:a1:3d:79:fb:1f:98:d3:
e4:4c:a4:45:5a:7a:51:98:5e:47:7f:d9:54:7a:ff:
71:b3:75:5d:0f:6a:3a:7a:83:6b:22:17:f9:8a:8a:
c9:bd:f2:ef:20:49:42:28:b3:27:61:bb:e2:cd:19:
17:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:92:1F:E7:96:C9:34:FD:74:FA:FC:92:4F:E4:C6:A5:EB:56:9C:5B
X509v3 Authority Key Identifier:
keyid:40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:19:e6:84:6c:13:31:9a:05:e9:d8:32:dc:89:9f:58:5b:17:
4c:b5:af:43:cf:61:28:42:4b:ea:af:2e:e9:5d:90:76:37:11:
04:24:45:fd:af:cc:5f:2b:a8:d7:a7:c0:91:7b:51:78:55:3d:
3b:88:f9:af:34:99:c7:bb:c9:d4:f3:8e:5c:8d:f7:cb:64:f8:
9e:54:2e:8e:b8:ed:b7:97:34:5a:7e:bd:13:19:02:33:26:c5:
e7:81:10:9d:5a:b0:4c:ae:2e:b9:46:98:01:d0:84:8d:26:7b:
70:cd:01:30:da:62:e5:10:1e:ed:23:9b:66:fb:44:c0:f8:e1:
23:e2:c2:44:b6:30:cb:37:75:55:1f:2b:6e:58:f3:5b:22:ca:
8f:ba:31:98:b2:8f:dd:79:10:7d:63:55:85:1a:74:e3:fc:84:
55:56:7d:73:3e:f5:2a:06:bf:3b:be:93:c8:2e:84:20:9e:94:
a3:27:95:60:b5:39:eb:fc:5d:6d:2b:b3:fa:4e:77:66:e1:97:
e8:32:6f:77:58:af:13:f6:46:bb:97:02:ba:be:98:50:30:f7:
6f:66:ac:d8:80:9b:cc:1a:03:b5:65:d5:de:ac:cf:11:c5:4c:
13:39:87:8e:10:47:45:66:9d:92:35:1e:b4:00:d7:48:84:fe:
23:fa:0e:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ongRTteRGwBfrw77tMxsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNjYyNzMzYmM4NzNkMTNlMWY5ZjY2ZThkZmY3NWM4MjBk
NWQyZjcwHhcNMjYwNDIwMDIwMDIxWhcNMjYwNDIxMDIwMDIxWjAzMTEwLwYDVQQD
EygyYTkyMWZlNzk2YzkzNGZkNzRmYWZjOTI0ZmU0YzZhNWViNTY5YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtePw06r9FxPCL/wq9fo+iMuDxG+7
hq/AGFRxNvDx4HqKOohddXJ8BAM//Rmdl2GYOkf/+V41z1JLpQvbrvl+wO8jTbjk
3UjNAczJDkESAuiBboQa9EoFCj0YF1cFPRUiasOFEijcFNUJ9hBpnAFNXjGuuAQG
xc5vH1oF4m4ybPGEb9Tz7CRlxlnww62ZDzu97BQb/HhXhWRziErdn5UrwNj8v5Pg
Fe0LBa5Ft1pvhOP0j3SykTReYpKhzbGIDFXp411rU3qX4CrwIqE9efsfmNPkTKRF
WnpRmF5Hf9lUev9xs3VdD2o6eoNrIhf5iorJvfLvIElCKLMnYbvizRkXywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqSH+eWyTT9dPr8kk/kxqXrVpxbMB8GA1UdIwQY
MBaAFEBmJzO8hz0T4fn2bo3/dcgg1dL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kOTEwZDEtOTRjNi00NDEyLTg1MDYt
OWNiNTFlNTFmZjc3LzEvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kOTEwZDEtOTRjNi00NDEyLTg1MDYtOWNiNTFlNTFmZjc3
LzEvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFRnmhGwT
MZoF6dgy3ImfWFsXTLWvQ89hKEJL6q8u6V2QdjcRBCRF/a/MXyuo16fAkXtReFU9
O4j5rzSZx7vJ1POOXI33y2T4nlQujrjtt5c0Wn69ExkCMybF54EQnVqwTK4uuUaY
AdCEjSZ7cM0BMNpi5RAe7SObZvtEwPjhI+LCRLYwyzd1VR8rbljzWyLKj7oxmLKP
3XkQfWNVhRp04/yEVVZ9cz71Kga/O76TyC6EIJ6UoyeVYLU56/xdbSuz+k53ZuGX
6DJvd1ivE/ZGu5cCur6YUDD3b2as2ICbzBoDtWXV3qzPEcVMEzmHjhBHRWadkjUe
tADXSIT+I/oOFg==
-----END CERTIFICATE-----
Generated at Mon Apr 20 08:47:40 2026 by rpki-client