Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
File: qmWvaX3x9s2vTLvWbePUO-2GnpA.mft (raw, json)
Hash identifier: +1IWIBLdOT7CtRL1dQT2uZ0J0Mna4WiUHMnY6Tjc9iI=
Subject key identifier: 90:B5:93:FF:B0:48:54:7C:28:44:B6:19:B3:21:85:41:56:38:5D:C0
Authority key identifier: AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90
Certificate issuer: /CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90
Certificate serial: 019D389BEA0F5AD331B5A38FBD115BAE0179
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
Manifest number: 0EAC
Signing time: Sun 29 Mar 2026 08:00:35 +0000
Manifest this update: Sun 29 Mar 2026 08:00:35 +0000
Manifest next update: Mon 30 Mar 2026 08:00:35 +0000
Files and hashes: 1: PGUUZM8u8YWCrmYPpZ5UGlkMe7E.roa (hash: vabTxUmDYcjlCjqakgT+rEZSHxdr7LOmZlkCx88W/fM=)
2: qmWvaX3x9s2vTLvWbePUO-2GnpA.crl (hash: y8bdcv3dw7DnqdJ8x7wyvtBGDrgEo1Cy+1mQUEv1264=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:ea:0f:5a:d3:31:b5:a3:8f:bd:11:5b:ae:01:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90
Validity
Not Before: Mar 29 08:00:35 2026 GMT
Not After : Mar 30 08:00:35 2026 GMT
Subject: CN=90b593ffb048547c2844b619b321854156385dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:91:1c:06:1a:fa:b8:58:4a:e5:cc:7c:7d:d2:
e0:06:07:c7:c9:7e:d1:de:f4:2c:f7:68:0b:46:9d:
54:32:43:98:cb:b2:70:00:55:e1:2d:72:73:f1:6e:
78:be:bb:78:ca:af:c6:7d:22:7d:7f:db:c5:43:65:
88:a7:b0:f7:6b:21:77:51:69:46:c7:07:d1:ef:b2:
b3:f4:58:07:b7:0b:2e:18:bf:13:10:29:7e:e9:ee:
63:bf:49:65:a8:2f:f1:fd:44:20:c8:89:76:f7:01:
40:70:32:1a:d7:73:c1:d5:36:4a:bc:55:5d:3e:5f:
fd:76:18:80:95:be:0d:79:94:64:99:ae:ac:e2:d3:
95:c5:d1:91:8e:d9:be:db:b0:e7:59:06:6f:d0:aa:
a2:87:b1:2a:84:91:33:b1:4c:7d:9d:64:cf:33:46:
87:b1:1a:24:5c:47:e3:1a:a2:65:13:9d:9d:9e:d9:
c3:b3:a6:6a:e9:1e:87:ff:55:57:73:90:8c:cc:da:
20:ce:1e:08:d0:5f:0c:94:42:03:4c:68:28:72:e3:
8a:69:f8:e4:e8:f3:a5:79:6e:a7:55:5b:ee:a8:99:
9b:04:e8:6e:f8:cf:a1:0b:08:bd:9a:1e:60:30:69:
0b:7b:f2:3f:55:e3:5c:18:22:a3:0d:28:b7:4e:6b:
45:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B5:93:FF:B0:48:54:7C:28:44:B6:19:B3:21:85:41:56:38:5D:C0
X509v3 Authority Key Identifier:
keyid:AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:df:44:1b:de:ba:b5:04:79:9f:da:dd:79:b8:28:7a:59:d7:
ee:ca:53:5b:c2:70:18:7c:51:3f:46:ee:29:6c:f1:32:18:bc:
1e:12:d9:a0:8d:21:63:7f:0f:db:8d:9a:e7:07:3a:56:49:b3:
3b:71:74:12:1b:bd:18:a5:61:55:f8:b5:14:6a:03:6c:ba:bf:
1d:ae:93:4e:15:f2:82:b0:d9:b6:00:03:63:7f:69:13:0d:d6:
14:13:bc:0e:68:2e:da:28:07:b8:59:2a:97:96:aa:42:ea:1e:
7a:1e:f3:01:59:d2:ae:ed:88:b9:b6:30:91:71:0f:9a:7c:cb:
71:79:0e:f6:67:ce:3b:c6:36:87:79:e2:21:e9:ec:02:cc:ce:
81:9d:66:ea:4d:b4:09:7d:24:df:7d:65:d7:ba:e6:95:26:09:
b5:d5:56:e1:f5:3f:58:a2:12:b2:94:c5:f9:60:d6:16:45:5f:
a7:a3:7c:a4:48:8b:69:29:cb:63:78:53:ba:8b:d7:5e:3e:5c:
49:4d:d4:fd:64:47:3d:4d:4a:f8:e7:51:85:7f:33:dc:2c:05:
88:95:ee:94:86:18:63:f8:3f:a8:84:44:da:97:ea:75:3a:4c:
c6:82:4d:4e:42:af:8e:c5:80:17:93:ce:e5:d1:a0:2c:27:a8:
91:1a:f7:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m+oPWtMxtaOPvRFbrgF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNjVhZjY5N2RmMWY2Y2RhZjRjYmJkNjZkZTNkNDNiZWQ4
NjllOTAwHhcNMjYwMzI5MDgwMDM1WhcNMjYwMzMwMDgwMDM1WjAzMTEwLwYDVQQD
Eyg5MGI1OTNmZmIwNDg1NDdjMjg0NGI2MTliMzIxODU0MTU2Mzg1ZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZEcBhr6uFhK5cx8fdLgBgfHyX7R
3vQs92gLRp1UMkOYy7JwAFXhLXJz8W54vrt4yq/GfSJ9f9vFQ2WIp7D3ayF3UWlG
xwfR77Kz9FgHtwsuGL8TECl+6e5jv0llqC/x/UQgyIl29wFAcDIa13PB1TZKvFVd
Pl/9dhiAlb4NeZRkma6s4tOVxdGRjtm+27DnWQZv0Kqih7EqhJEzsUx9nWTPM0aH
sRokXEfjGqJlE52dntnDs6Zq6R6H/1VXc5CMzNogzh4I0F8MlEIDTGgocuOKafjk
6POleW6nVVvuqJmbBOhu+M+hCwi9mh5gMGkLe/I/VeNcGCKjDSi3TmtF7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJC1k/+wSFR8KES2GbMhhUFWOF3AMB8GA1UdIwQY
MBaAFKplr2l98fbNr0y71m3j1Dvthp6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTIt
MWJlMTNiYThkNDU2LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTItMWJlMTNiYThkNDU2
LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgt9EG966
tQR5n9rdebgoelnX7spTW8JwGHxRP0buKWzxMhi8HhLZoI0hY38P242a5wc6Vkmz
O3F0Ehu9GKVhVfi1FGoDbLq/Ha6TThXygrDZtgADY39pEw3WFBO8Dmgu2igHuFkq
l5aqQuoeeh7zAVnSru2IubYwkXEPmnzLcXkO9mfOO8Y2h3niIensAszOgZ1m6k20
CX0k331l17rmlSYJtdVW4fU/WKISspTF+WDWFkVfp6N8pEiLaSnLY3hTuovXXj5c
SU3U/WRHPU1K+OdRhX8z3CwFiJXulIYYY/g/qIRE2pfqdTpMxoJNTkKvjsWAF5PO
5dGgLCeokRr3JQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:19:24 2026 by rpki-client