Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json)
Hash identifier: jCiZgGOYgVHUM/yWt/T5ACXsIrvbIZi36COVRZFY2HU=
Subject key identifier: 51:26:F8:E6:3C:FE:CF:F6:0F:2D:55:18:C2:0E:EA:EA:E4:7E:1F:37
Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0
Certificate serial: 019D3A1CA085C520B04643B4AFE8AD988541
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
Manifest number: 0BAD
Signing time: Sun 29 Mar 2026 15:00:47 +0000
Manifest this update: Sun 29 Mar 2026 15:00:47 +0000
Manifest next update: Mon 30 Mar 2026 15:00:47 +0000
Files and hashes: 1: 4TWnkEehYGPz8S3MxMCECSR21Hk.roa (hash: n3+/E4ft5KJ8lIw6jVs8x5Mt/ftJJPREMORWJ+SrYKM=)
2: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: vvh3iHP4bv3w9VO2XQlfUGV2gYAb/Qe9a+/imwlwTSE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:a0:85:c5:20:b0:46:43:b4:af:e8:ad:98:85:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090287256e25fa340d3afba780eac60d556adec0
Validity
Not Before: Mar 29 15:00:47 2026 GMT
Not After : Mar 30 15:00:47 2026 GMT
Subject: CN=5126f8e63cfecff60f2d5518c20eeaeae47e1f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:4f:5b:c8:37:e0:d6:44:cb:3f:2e:41:23:
2b:d3:83:a9:e6:7f:d6:c4:f3:95:2a:bc:76:d6:8b:
2b:47:a7:59:f1:de:75:af:2e:55:47:75:64:89:a6:
b9:5b:88:c0:88:0f:58:62:20:89:73:e4:eb:53:68:
fe:d4:3c:86:1f:06:22:b0:8c:21:cd:22:fb:1e:e1:
b3:a6:be:53:c0:48:b2:05:c6:d6:85:70:ef:96:1e:
d8:47:a2:a7:f0:0f:19:77:b6:f6:ea:27:e8:a4:91:
62:14:0a:56:dc:c3:35:9a:a8:fb:35:8b:60:f5:8b:
c9:71:d9:5c:9c:82:69:91:11:64:7d:37:1e:4b:dd:
f0:db:9a:f7:36:9a:da:11:c7:3e:92:18:fd:13:96:
f6:e0:c1:18:f3:b5:4d:d4:7d:31:05:71:81:81:7c:
01:f5:06:51:79:6f:cb:5c:af:2e:b7:c1:ea:ff:c3:
31:e8:8a:51:76:95:97:db:61:d7:ce:0b:82:88:3d:
79:58:11:f4:d7:21:8c:0b:8e:da:0a:86:ce:93:92:
e9:77:7f:0f:b8:b7:03:4c:7b:af:a6:cf:dc:b3:f1:
2f:8c:40:65:c2:74:f0:22:52:76:58:e4:c4:0a:2b:
58:a8:c4:0e:ff:97:1e:47:4b:a2:77:16:c8:65:be:
0a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:26:F8:E6:3C:FE:CF:F6:0F:2D:55:18:C2:0E:EA:EA:E4:7E:1F:37
X509v3 Authority Key Identifier:
keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:df:11:50:bb:4f:dd:5b:7d:56:c2:e9:66:e0:ba:dd:3f:5b:
e3:3a:68:dd:d7:f1:d6:4e:25:fb:b8:42:3b:ba:c2:d4:1c:b8:
07:c5:4d:04:f2:8c:91:90:2c:b5:44:f9:4f:cc:fc:69:7a:05:
73:97:6d:d4:26:be:ed:e0:46:c8:96:65:87:70:c4:8f:af:6d:
ff:b8:50:cd:b1:b9:f5:17:c2:bd:9f:eb:be:c0:ee:3d:6c:ac:
84:6b:74:9b:7b:13:f8:e6:90:dd:28:94:9f:2d:f0:f8:0c:31:
72:b6:e9:3e:31:c0:20:4d:61:ea:f7:cf:4e:bf:9b:4f:0b:89:
c9:e9:fa:3f:b0:c0:cf:3e:36:55:76:a6:fb:31:29:ff:be:8c:
63:7a:ed:8d:8f:e2:0e:2a:e1:35:d4:a7:68:1a:9b:78:1c:06:
8c:1b:1d:2b:e0:fe:96:c4:40:9a:d9:bd:72:18:e2:69:2c:e7:
05:49:f9:c8:a4:32:94:a0:0d:14:1a:5c:c4:af:e7:f3:55:39:
00:b3:5a:45:f4:04:23:04:bb:8f:0a:68:38:51:6d:3c:c3:48:
0d:9f:2b:74:8b:b5:7a:53:1f:fc:10:33:6d:cf:b8:da:00:08:
ae:19:1b:14:95:94:d8:ce:0f:d4:bd:3f:00:33:11:4f:1c:f9:
85:a1:62:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HKCFxSCwRkO0r+itmIVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2
YWRlYzAwHhcNMjYwMzI5MTUwMDQ3WhcNMjYwMzMwMTUwMDQ3WjAzMTEwLwYDVQQD
Eyg1MTI2ZjhlNjNjZmVjZmY2MGYyZDU1MThjMjBlZWFlYWU0N2UxZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusFPW8g34NZEyz8uQSMr04Op5n/W
xPOVKrx21osrR6dZ8d51ry5VR3Vkiaa5W4jAiA9YYiCJc+TrU2j+1DyGHwYisIwh
zSL7HuGzpr5TwEiyBcbWhXDvlh7YR6Kn8A8Zd7b26ifopJFiFApW3MM1mqj7NYtg
9YvJcdlcnIJpkRFkfTceS93w25r3NpraEcc+khj9E5b24MEY87VN1H0xBXGBgXwB
9QZReW/LXK8ut8Hq/8Mx6IpRdpWX22HXzguCiD15WBH01yGMC47aCobOk5Lpd38P
uLcDTHuvps/cs/EvjEBlwnTwIlJ2WOTECitYqMQO/5ceR0uidxbIZb4KYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFEm+OY8/s/2Dy1VGMIO6urkfh83MB8GA1UdIwQY
MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt
NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk
LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY98RULtP
3Vt9VsLpZuC63T9b4zpo3dfx1k4l+7hCO7rC1By4B8VNBPKMkZAstUT5T8z8aXoF
c5dt1Ca+7eBGyJZlh3DEj69t/7hQzbG59RfCvZ/rvsDuPWyshGt0m3sT+OaQ3SiU
ny3w+AwxcrbpPjHAIE1h6vfPTr+bTwuJyen6P7DAzz42VXam+zEp/76MY3rtjY/i
DirhNdSnaBqbeBwGjBsdK+D+lsRAmtm9chjiaSznBUn5yKQylKANFBpcxK/n81U5
ALNaRfQEIwS7jwpoOFFtPMNIDZ8rdIu1elMf/BAzbc+42gAIrhkbFJWU2M4P1L0/
ADMRTxz5haFiRg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:34:52 2026 by rpki-client