Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
File: QwPxM011rEMsDKp404mnDAnBLKY.mft (raw, json)
Hash identifier: Fhf6fTyy/xdOGN/SnnUg4hH4bb654shdqTEGVuUTJps=
Subject key identifier: 9B:03:2F:D1:AB:C4:CC:97:AD:19:0B:B2:09:A1:EA:2A:FB:B4:94:32
Authority key identifier: 43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
Certificate issuer: /CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Certificate serial: 019D389BCC24DAE17938EBED5904329096D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
Manifest number: 03E5
Signing time: Sun 29 Mar 2026 08:00:27 +0000
Manifest this update: Sun 29 Mar 2026 08:00:27 +0000
Manifest next update: Mon 30 Mar 2026 08:00:27 +0000
Files and hashes: 1: 3R5g76dVvoZ3hbqttjNUSKbFIB0.roa (hash: rtDmg5+SMVya5wLcSYnXovjRonU3uTPe2cR9Qa4/bgU=)
2: QwPxM011rEMsDKp404mnDAnBLKY.crl (hash: 6YRNMPPb1/KkXkJGyz+SGbjMyNdJFGtVjyHCpafuIYI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:cc:24:da:e1:79:38:eb:ed:59:04:32:90:96:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Validity
Not Before: Mar 29 08:00:27 2026 GMT
Not After : Mar 30 08:00:27 2026 GMT
Subject: CN=9b032fd1abc4cc97ad190bb209a1ea2afbb49432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:76:f1:e4:30:b6:ec:b8:74:65:b0:b6:06:6a:
8e:f8:79:d2:81:89:58:f1:b8:7c:bb:19:18:05:d4:
58:95:24:7a:e1:b8:dd:26:58:dc:cc:96:e4:58:70:
88:a9:50:09:9a:8a:40:56:62:f6:22:9b:e0:6a:ab:
12:90:b8:de:3f:17:59:cd:d5:8f:d5:7a:19:ac:76:
58:a7:14:d0:dc:bd:64:e0:98:1c:e5:82:91:ff:79:
3c:e5:83:ce:34:24:4e:67:5c:78:d6:f5:40:4a:f5:
20:ac:12:67:9a:79:57:3c:6c:3e:ab:90:ea:aa:13:
dd:9d:91:d6:73:f1:30:e7:e7:86:cc:84:9d:7d:2f:
e4:23:e9:31:03:b5:52:a8:a7:e2:b6:2c:b5:a3:35:
a4:6d:64:48:88:5d:3e:8b:4e:0a:ec:25:f5:09:97:
e1:fc:63:7f:49:24:59:61:7f:f0:dc:b6:c7:99:ec:
5a:7f:91:28:94:d5:90:12:85:cf:28:b8:00:98:b5:
92:78:21:86:b3:9e:66:04:fc:a0:60:6b:e4:29:cb:
ce:f5:63:ee:d0:6c:b5:b9:28:e7:e3:24:48:01:eb:
56:94:8c:98:10:47:4d:06:64:e8:ef:21:cd:75:0b:
47:e7:c5:9b:e3:ca:6c:7c:e2:75:b3:6a:e4:26:d5:
3e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:03:2F:D1:AB:C4:CC:97:AD:19:0B:B2:09:A1:EA:2A:FB:B4:94:32
X509v3 Authority Key Identifier:
keyid:43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:53:38:8c:36:f7:22:70:06:a0:74:6a:17:da:3f:ae:77:0d:
13:8d:2c:17:37:d3:bf:fe:6f:48:aa:65:ce:88:08:8f:c6:3d:
5f:e8:b4:61:03:61:15:42:8b:8b:5a:31:1d:5b:40:73:c8:78:
0f:03:f3:92:7b:0f:3d:92:03:3f:38:0a:2c:5d:29:f2:29:b7:
26:0d:79:ff:42:c1:25:f8:18:86:5e:83:b0:cf:fb:34:da:f5:
fb:77:dd:70:a8:64:a0:b0:bd:10:9b:7d:0a:6c:8c:15:b9:0c:
da:a9:b2:56:75:d4:b8:89:26:43:00:42:26:56:66:a9:f2:5b:
f5:6a:86:ca:83:8a:c8:4b:d1:c9:44:a2:b1:72:7e:c8:ec:83:
16:b4:97:b8:a2:aa:55:b4:9c:54:5d:7d:8d:21:67:ba:a4:ef:
ea:f5:c1:cb:c3:c1:03:72:67:a4:b3:a9:21:2a:9d:46:48:6c:
76:5e:d0:45:2f:cc:c4:61:b3:08:22:c4:a5:71:bf:79:00:93:
81:d1:3f:1e:f2:ef:05:68:94:a7:35:15:79:28:0d:cd:2a:2c:
53:65:32:64:70:cd:ff:33:32:36:6d:8b:22:73:1e:19:2d:ad:
dc:d3:44:5c:0a:3b:8d:5c:50:34:1a:cf:d3:19:76:2c:d0:7a:
07:19:16:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m8wk2uF5OOvtWQQykJbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDNmMTMzNGQ3NWFjNDMyYzBjYWE3OGQzODlhNzBjMDlj
MTJjYTYwHhcNMjYwMzI5MDgwMDI3WhcNMjYwMzMwMDgwMDI3WjAzMTEwLwYDVQQD
Eyg5YjAzMmZkMWFiYzRjYzk3YWQxOTBiYjIwOWExZWEyYWZiYjQ5NDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHbx5DC27Lh0ZbC2BmqO+HnSgYlY
8bh8uxkYBdRYlSR64bjdJljczJbkWHCIqVAJmopAVmL2IpvgaqsSkLjePxdZzdWP
1XoZrHZYpxTQ3L1k4Jgc5YKR/3k85YPONCROZ1x41vVASvUgrBJnmnlXPGw+q5Dq
qhPdnZHWc/Ew5+eGzISdfS/kI+kxA7VSqKfitiy1ozWkbWRIiF0+i04K7CX1CZfh
/GN/SSRZYX/w3LbHmexaf5EolNWQEoXPKLgAmLWSeCGGs55mBPygYGvkKcvO9WPu
0Gy1uSjn4yRIAetWlIyYEEdNBmTo7yHNdQtH58Wb48psfOJ1s2rkJtU+OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsDL9GrxMyXrRkLsgmh6ir7tJQyMB8GA1UdIwQY
MBaAFEMD8TNNdaxDLAyqeNOJpwwJwSymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUt
NGNiOTcwNzZjZmYyLzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUtNGNiOTcwNzZjZmYy
LzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW1M4jDb3
InAGoHRqF9o/rncNE40sFzfTv/5vSKplzogIj8Y9X+i0YQNhFUKLi1oxHVtAc8h4
DwPzknsPPZIDPzgKLF0p8im3Jg15/0LBJfgYhl6DsM/7NNr1+3fdcKhkoLC9EJt9
CmyMFbkM2qmyVnXUuIkmQwBCJlZmqfJb9WqGyoOKyEvRyUSisXJ+yOyDFrSXuKKq
VbScVF19jSFnuqTv6vXBy8PBA3JnpLOpISqdRkhsdl7QRS/MxGGzCCLEpXG/eQCT
gdE/HvLvBWiUpzUVeSgNzSosU2UyZHDN/zMyNm2LInMeGS2t3NNEXAo7jVxQNBrP
0xl2LNB6BxkWJw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:39:07 2026 by rpki-client