Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
File: QsCVkBFifd0NBX1zHo-lpRApZZI.mft (raw, json)
Hash identifier: WLFscPZfdLX3NPo5IuV4xcJWDrJseg3Eg9NQwzQ5R7E=
Subject key identifier: F8:5E:0A:D1:8A:C0:91:EA:AE:41:72:E1:06:33:86:70:EB:E2:00:52
Authority key identifier: 42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92
Certificate issuer: /CN=42c0959011627ddd0d057d731e8fa5a510296592
Certificate serial: 019D3865BCF58B351AEBF818945638F700F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 07:01:24 +0000
Manifest this update: Sun 29 Mar 2026 07:01:24 +0000
Manifest next update: Mon 30 Mar 2026 07:01:24 +0000
Files and hashes: 1: QsCVkBFifd0NBX1zHo-lpRApZZI.crl (hash: HH0XamU07mokxuhrD7ayk37/xXvdOi4b1EFdGXr45rU=)
2: RMmBnfd1TCGUmEC2O6JokpnQVQ8.roa (hash: wPMgtMcsG/KMNrN9/altEtQua2Hm0vaKQpeGiiY5B3Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:bc:f5:8b:35:1a:eb:f8:18:94:56:38:f7:00:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c0959011627ddd0d057d731e8fa5a510296592
Validity
Not Before: Mar 29 07:01:24 2026 GMT
Not After : Mar 30 07:01:24 2026 GMT
Subject: CN=f85e0ad18ac091eaae4172e106338670ebe20052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c0:73:81:84:9a:49:ab:e6:0c:ca:42:a4:79:
c3:6d:e0:7e:63:2e:a2:88:3c:cc:e8:84:e4:2d:88:
d6:fc:a9:9b:3c:a1:21:20:22:a8:bd:02:ae:d1:cd:
67:33:d1:56:96:28:43:5f:4a:9e:3c:56:e2:83:6e:
36:9f:f2:aa:6b:68:ca:9c:b8:a7:07:21:fd:c6:0a:
1d:fc:a7:98:44:4e:5a:59:27:d4:46:c0:fc:67:64:
e2:0a:85:6d:e8:32:93:17:a1:50:7a:a5:ba:ce:37:
5d:c1:3a:6e:3b:95:73:d8:dd:98:26:ea:fc:a2:fd:
d3:7d:bb:46:1b:37:d1:95:26:5f:51:68:a5:ff:22:
ba:ab:86:e7:ad:11:1e:6d:7a:8d:11:75:90:a7:5c:
ec:da:73:41:e7:a7:16:2d:27:98:a0:f1:74:75:b4:
cd:a9:c9:fa:0d:75:c4:5a:82:e5:34:6a:04:c4:5c:
66:19:10:ea:a4:59:8d:5e:1c:8f:05:7c:b3:18:c7:
7f:f7:51:88:ad:9b:e3:2e:ad:8e:04:cb:86:ab:0c:
5d:b6:e7:fd:19:6c:f3:d2:e6:88:2b:88:33:44:d1:
0c:9b:54:8e:ee:30:25:50:a1:79:d1:c9:0b:d3:bb:
ef:a4:c5:69:58:24:f3:26:0c:48:fa:08:75:de:90:
69:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:5E:0A:D1:8A:C0:91:EA:AE:41:72:E1:06:33:86:70:EB:E2:00:52
X509v3 Authority Key Identifier:
keyid:42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:5a:d7:4d:04:17:2d:0c:7e:9e:ce:9b:62:d7:3d:58:7b:b7:
d8:5e:39:14:73:d5:3a:79:8c:a9:e3:a0:7c:98:57:3d:cf:03:
90:b2:d9:d7:36:d3:a3:71:18:4f:49:21:fa:07:b9:c6:5f:f5:
45:08:ff:7a:cd:8f:4b:4d:ba:48:1d:c4:09:bf:56:2e:56:f2:
7f:1f:1a:0e:6d:a3:6f:fe:79:a3:da:e9:5f:6f:24:f4:12:08:
ff:9c:b9:87:ed:9c:a6:f5:0f:bb:50:bd:e0:60:8e:f7:2b:b9:
7f:47:f0:2f:c8:bb:8d:f5:1b:29:44:9b:5d:01:2f:d9:84:0a:
d5:5c:4a:8e:f2:f9:23:72:40:dd:42:c1:02:6e:a7:f8:d4:a6:
ab:c5:d5:9e:96:73:8f:cc:0f:a7:bf:37:3b:05:68:07:9a:96:
76:e6:3a:98:de:b2:79:af:86:e8:55:f4:3f:ff:86:82:52:a1:
60:4a:4a:15:25:db:8c:0b:33:a7:06:d4:9e:3e:9d:2a:34:a9:
42:10:d0:c3:f5:63:08:cb:9b:91:b4:42:79:4a:ac:4e:ac:dc:
0c:09:a1:d2:1f:50:b9:12:88:47:95:46:3c:1f:2b:c1:fd:77:
99:b4:f9:1f:4d:28:6c:7f:15:af:f9:fa:16:3f:a6:e3:4c:13:
67:92:2a:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zbz1izUa6/gYlFY49wD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzA5NTkwMTE2MjdkZGQwZDA1N2Q3MzFlOGZhNWE1MTAy
OTY1OTIwHhcNMjYwMzI5MDcwMTI0WhcNMjYwMzMwMDcwMTI0WjAzMTEwLwYDVQQD
EyhmODVlMGFkMThhYzA5MWVhYWU0MTcyZTEwNjMzODY3MGViZTIwMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMBzgYSaSavmDMpCpHnDbeB+Yy6i
iDzM6ITkLYjW/KmbPKEhICKovQKu0c1nM9FWlihDX0qePFbig242n/Kqa2jKnLin
ByH9xgod/KeYRE5aWSfURsD8Z2TiCoVt6DKTF6FQeqW6zjddwTpuO5Vz2N2YJur8
ov3TfbtGGzfRlSZfUWil/yK6q4bnrREebXqNEXWQp1zs2nNB56cWLSeYoPF0dbTN
qcn6DXXEWoLlNGoExFxmGRDqpFmNXhyPBXyzGMd/91GIrZvjLq2OBMuGqwxdtuf9
GWzz0uaIK4gzRNEMm1SO7jAlUKF50ckL07vvpMVpWCTzJgxI+gh13pBpAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPheCtGKwJHqrkFy4QYzhnDr4gBSMB8GA1UdIwQY
MBaAFELAlZARYn3dDQV9cx6PpaUQKWWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgt
MjQ4YjU5YzM2OTZiLzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgtMjQ4YjU5YzM2OTZi
LzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWlrXTQQX
LQx+ns6bYtc9WHu32F45FHPVOnmMqeOgfJhXPc8DkLLZ1zbTo3EYT0kh+ge5xl/1
RQj/es2PS026SB3ECb9WLlbyfx8aDm2jb/55o9rpX28k9BII/5y5h+2cpvUPu1C9
4GCO9yu5f0fwL8i7jfUbKUSbXQEv2YQK1VxKjvL5I3JA3ULBAm6n+NSmq8XVnpZz
j8wPp783OwVoB5qWduY6mN6yea+G6FX0P/+GglKhYEpKFSXbjAszpwbUnj6dKjSp
QhDQw/VjCMubkbRCeUqsTqzcDAmh0h9QuRKIR5VGPB8rwf13mbT5H00obH8Vr/n6
Fj+m40wTZ5Iqog==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:26 2026 by rpki-client