Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
File: QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft (raw, json)
Hash identifier: lIr7GbLHVB8K5MNsaD/8b3vpZYdAMZyVHeHK09SYmOQ=
Subject key identifier: 5C:CB:2D:97:64:20:E0:8D:76:22:91:8F:6F:03:8D:5C:DA:69:26:72
Authority key identifier: 40:EA:5E:39:F8:63:57:36:E4:8D:F5:38:22:A5:CA:CC:10:B4:3A:1F
Certificate issuer: /CN=40ea5e39f8635736e48df53822a5cacc10b43a1f
Certificate serial: 019D37522686D5C8B3C0D9102656C2E979A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 02:00:23 +0000
Manifest this update: Sun 29 Mar 2026 02:00:23 +0000
Manifest next update: Mon 30 Mar 2026 02:00:23 +0000
Files and hashes: 1: QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl (hash: OiAkVfDUBHPFkEvHWO718w83E4E3swz+sfvD/szhRdY=)
2: aS8mVetVV64JjwlhI8fk4CgYJuY.roa (hash: 5ScmfISq4FtoPsxtoa+DY1bHZcOcz3J826X0cZ02V54=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:26:86:d5:c8:b3:c0:d9:10:26:56:c2:e9:79:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ea5e39f8635736e48df53822a5cacc10b43a1f
Validity
Not Before: Mar 29 02:00:23 2026 GMT
Not After : Mar 30 02:00:23 2026 GMT
Subject: CN=5ccb2d976420e08d7622918f6f038d5cda692672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:47:73:e0:40:17:9e:d8:ed:59:2a:ed:a8:7e:
c8:30:ac:10:a2:16:37:70:d6:11:1d:4d:09:72:71:
a2:28:af:a3:40:a1:10:57:2c:7a:62:df:b6:8a:39:
0a:0f:4c:43:60:2e:b6:2d:5a:78:e7:4c:c4:1a:2c:
c0:5a:af:f1:88:08:77:c8:97:a9:42:ad:80:80:03:
08:37:5a:c9:75:c3:26:86:76:f0:14:b3:5e:f3:a7:
a4:c2:5c:32:ed:13:20:6d:b2:fe:96:0f:2f:dd:d8:
9d:f3:27:14:cf:1b:82:e2:14:9f:52:6d:a9:59:19:
09:44:69:ed:8f:36:90:6d:44:a3:c5:c8:92:01:af:
5d:1a:bc:cb:0a:62:56:e0:65:fe:38:89:a2:7f:b5:
6c:20:3a:ff:b0:af:67:b3:18:6e:92:2b:26:e2:35:
45:bf:d5:21:2a:f9:e4:65:25:ad:2a:65:e6:59:92:
73:f1:df:46:c5:e3:23:73:14:2e:1a:b2:f1:03:31:
db:ac:5e:ef:5e:ea:64:e2:bd:2e:65:92:ac:84:a9:
5c:0b:34:f3:f1:e1:1e:f3:d5:c6:b2:f9:be:12:57:
31:ae:a6:7b:47:1e:1b:09:de:27:fd:02:ee:01:ae:
b7:20:e5:94:9f:a2:c7:d2:ac:7d:22:dd:72:19:2d:
70:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:CB:2D:97:64:20:E0:8D:76:22:91:8F:6F:03:8D:5C:DA:69:26:72
X509v3 Authority Key Identifier:
keyid:40:EA:5E:39:F8:63:57:36:E4:8D:F5:38:22:A5:CA:CC:10:B4:3A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:71:22:a8:d1:85:4f:9f:c0:14:41:aa:fd:ed:1e:e4:c2:44:
82:bb:8b:47:62:f3:99:87:ea:97:5c:92:16:5c:17:12:b9:d2:
e5:25:6c:42:a0:84:f6:1a:74:4f:71:5a:12:06:8e:e6:04:11:
d6:04:10:df:bf:36:e1:34:f9:b8:eb:38:9c:bd:5b:01:b5:3a:
07:33:e9:7f:10:87:c7:dd:82:79:f3:e3:01:f2:a7:69:63:fc:
c2:be:d2:48:f9:e2:5e:19:c4:02:cc:cc:59:30:05:17:2e:8f:
47:cb:63:b9:2b:4d:39:c2:be:51:4f:71:31:b6:83:fc:c7:9f:
4a:2d:79:c8:7b:6d:12:95:fb:ff:19:22:6b:0a:78:4a:bc:44:
2b:9c:64:e7:12:c7:40:e8:7d:31:47:50:62:eb:dd:05:cf:0c:
c8:ed:b4:ed:8f:84:3d:13:b7:9d:88:48:cb:e4:0e:f3:8f:e4:
66:42:61:15:82:7b:d0:72:58:f1:7b:c4:20:2b:f2:1b:d5:4b:
57:77:bd:3b:15:8a:c0:8c:83:34:5a:c9:f2:ec:bb:1c:ed:d1:
69:43:05:25:ae:35:c2:b6:dd:29:7a:82:3a:c3:15:94:d5:1d:
66:ee:0d:dc:7d:bf:7a:da:a2:9a:cc:78:26:1b:62:aa:6e:52:
f0:5c:02:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UiaG1cizwNkQJlbC6XmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWE1ZTM5Zjg2MzU3MzZlNDhkZjUzODIyYTVjYWNjMTBi
NDNhMWYwHhcNMjYwMzI5MDIwMDIzWhcNMjYwMzMwMDIwMDIzWjAzMTEwLwYDVQQD
Eyg1Y2NiMmQ5NzY0MjBlMDhkNzYyMjkxOGY2ZjAzOGQ1Y2RhNjkyNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUdz4EAXntjtWSrtqH7IMKwQohY3
cNYRHU0JcnGiKK+jQKEQVyx6Yt+2ijkKD0xDYC62LVp450zEGizAWq/xiAh3yJep
Qq2AgAMIN1rJdcMmhnbwFLNe86ekwlwy7RMgbbL+lg8v3did8ycUzxuC4hSfUm2p
WRkJRGntjzaQbUSjxciSAa9dGrzLCmJW4GX+OImif7VsIDr/sK9nsxhukism4jVF
v9UhKvnkZSWtKmXmWZJz8d9GxeMjcxQuGrLxAzHbrF7vXupk4r0uZZKshKlcCzTz
8eEe89XGsvm+ElcxrqZ7Rx4bCd4n/QLuAa63IOWUn6LH0qx9It1yGS1wKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzLLZdkIOCNdiKRj28DjVzaaSZyMB8GA1UdIwQY
MBaAFEDqXjn4Y1c25I31OCKlyswQtDofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9iNjI0MzktN2U0Ny00MmUxLThmZGMt
MThlOTEyOTYwMjJkLzEvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9iNjI0MzktN2U0Ny00MmUxLThmZGMtMThlOTEyOTYwMjJk
LzEvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ3EiqNGF
T5/AFEGq/e0e5MJEgruLR2LzmYfql1ySFlwXErnS5SVsQqCE9hp0T3FaEgaO5gQR
1gQQ37824TT5uOs4nL1bAbU6BzPpfxCHx92CefPjAfKnaWP8wr7SSPniXhnEAszM
WTAFFy6PR8tjuStNOcK+UU9xMbaD/MefSi15yHttEpX7/xkiawp4SrxEK5xk5xLH
QOh9MUdQYuvdBc8MyO207Y+EPRO3nYhIy+QO84/kZkJhFYJ70HJY8XvEICvyG9VL
V3e9OxWKwIyDNFrJ8uy7HO3RaUMFJa41wrbdKXqCOsMVlNUdZu4N3H2/etqimsx4
Jhtiqm5S8FwCvw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:44 2026 by rpki-client