Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
File: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft (raw, json)
Hash identifier: GWBhjiTz/IzM5yAnmjTDMs6hOBsEDmx4h/rP0SRtCNc=
Subject key identifier: AA:BE:7D:84:16:74:74:32:9B:56:72:42:F0:0B:F9:FB:6B:32:F3:CE
Authority key identifier: AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87
Certificate issuer: /CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187
Certificate serial: 019D389BE697E2C4190ADE3523777BD9D1B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
Manifest number: 128A
Signing time: Sun 29 Mar 2026 08:00:34 +0000
Manifest this update: Sun 29 Mar 2026 08:00:34 +0000
Manifest next update: Mon 30 Mar 2026 08:00:34 +0000
Files and hashes: 1: O1uFtg6wuLhrdqUneGoI-viUEDA.roa (hash: 4WLi2bkwD7hhzZv3R/usE+9JZdJI8FhP2vDUzbQmMeM=)
2: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl (hash: HgrfH5XJ+zThoEXwwAhiXvzzuIdnwBeiMRRSabTgPJY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:e6:97:e2:c4:19:0a:de:35:23:77:7b:d9:d1:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187
Validity
Not Before: Mar 29 08:00:34 2026 GMT
Not After : Mar 30 08:00:34 2026 GMT
Subject: CN=aabe7d84167474329b567242f00bf9fb6b32f3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8a:4e:81:16:dc:b1:3a:6d:28:f9:ed:ea:b3:
d0:eb:f8:c5:d2:fd:02:b7:6f:05:92:53:68:47:b9:
39:17:16:a9:4c:42:61:ea:38:49:d8:29:d8:a4:0e:
b9:3b:90:09:36:d8:67:fe:2d:5b:e3:07:fc:a3:25:
22:3e:57:e4:73:57:e5:66:77:20:1d:13:59:9e:ff:
5a:9b:c9:db:1b:84:25:fb:ee:81:dd:2a:d7:f1:35:
29:4e:d4:43:b4:f0:93:5e:e1:e2:8f:65:1e:33:42:
fb:ad:df:5a:e6:55:48:29:3f:dd:58:9f:49:e6:ce:
56:9c:8b:be:50:00:4b:d9:45:d4:9c:87:18:51:ea:
76:c4:a1:12:91:de:98:ee:63:d2:0e:a9:06:bc:ac:
ba:84:11:3d:2a:53:38:ac:45:c7:4d:81:e6:33:d2:
47:a2:cc:a5:32:43:43:61:73:1c:97:e3:95:32:51:
5e:3e:6f:41:19:96:a2:33:1a:74:c5:e6:56:83:39:
f4:2f:44:08:a1:0e:da:26:9c:c1:a2:4c:72:98:62:
4b:1c:97:17:06:d6:c0:d8:db:33:7c:a8:d7:2e:08:
2a:4b:f4:44:a1:23:af:fd:8c:92:d3:36:80:a6:33:
c2:4b:e6:c8:8d:89:f0:d9:37:ef:c6:3b:3b:20:3f:
d8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:BE:7D:84:16:74:74:32:9B:56:72:42:F0:0B:F9:FB:6B:32:F3:CE
X509v3 Authority Key Identifier:
keyid:AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:11:b3:23:fa:6b:79:a9:f3:32:8e:16:b0:82:37:5f:ba:95:
0e:d2:c3:3f:9f:5a:ab:5e:83:b3:0b:35:40:1e:46:8e:e7:db:
64:13:69:48:65:1b:dc:ff:87:e5:02:c3:4b:92:27:7e:63:eb:
6c:d2:b4:34:9c:bf:50:b1:ae:36:d1:f5:01:d1:e4:2c:c9:e8:
c7:91:ee:03:8d:36:03:1b:be:5b:e7:23:58:d7:43:b6:48:5e:
85:8f:01:1e:1e:41:4c:df:70:ba:e8:7d:75:14:2f:01:fa:7c:
c4:0a:ec:0c:2a:83:f1:4c:64:35:6e:cd:c0:56:55:bf:08:f4:
84:9d:2e:37:7e:f6:3a:d0:60:f7:1f:ad:a0:cf:df:5e:21:a8:
1b:bd:fc:9b:b0:41:9c:c2:62:15:54:e9:52:0a:e8:8c:aa:83:
36:6e:9d:b6:d6:3b:cb:a6:73:b3:32:20:e9:cf:db:13:6a:ac:
d4:50:e2:a4:53:0e:a5:bb:8b:2b:88:74:1a:16:a1:96:25:51:
4e:33:31:0f:76:00:9e:d2:28:1c:ee:32:fa:4d:e6:3d:2f:e2:
0f:75:b3:fe:a0:88:35:48:83:98:6e:cb:3f:de:d3:33:62:20:
dc:83:2e:21:04:1b:b4:57:f6:67:33:83:f4:48:69:6f:d2:a6:
f5:34:8b:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m+aX4sQZCt41I3d72dG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYTg0ZDdlNjRiYTNlODViNTcwMzZjNzMxOGY5M2NjM2Q5
NGQxODcwHhcNMjYwMzI5MDgwMDM0WhcNMjYwMzMwMDgwMDM0WjAzMTEwLwYDVQQD
EyhhYWJlN2Q4NDE2NzQ3NDMyOWI1NjcyNDJmMDBiZjlmYjZiMzJmM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4pOgRbcsTptKPnt6rPQ6/jF0v0C
t28FklNoR7k5FxapTEJh6jhJ2CnYpA65O5AJNthn/i1b4wf8oyUiPlfkc1flZncg
HRNZnv9am8nbG4Ql++6B3SrX8TUpTtRDtPCTXuHij2UeM0L7rd9a5lVIKT/dWJ9J
5s5WnIu+UABL2UXUnIcYUep2xKESkd6Y7mPSDqkGvKy6hBE9KlM4rEXHTYHmM9JH
osylMkNDYXMcl+OVMlFePm9BGZaiMxp0xeZWgzn0L0QIoQ7aJpzBokxymGJLHJcX
BtbA2NszfKjXLggqS/REoSOv/YyS0zaApjPCS+bIjYnw2Tfvxjs7ID/YLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKq+fYQWdHQym1ZyQvAL+ftrMvPOMB8GA1UdIwQY
MBaAFK6oTX5kuj6FtXA2xzGPk8w9lNGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQt
OTdjMzMyZjcyMzlkLzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQtOTdjMzMyZjcyMzlk
LzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARBGzI/pr
eanzMo4WsII3X7qVDtLDP59aq16Dsws1QB5GjufbZBNpSGUb3P+H5QLDS5InfmPr
bNK0NJy/ULGuNtH1AdHkLMnox5HuA402Axu+W+cjWNdDtkhehY8BHh5BTN9wuuh9
dRQvAfp8xArsDCqD8UxkNW7NwFZVvwj0hJ0uN372OtBg9x+toM/fXiGoG738m7BB
nMJiFVTpUgrojKqDNm6dttY7y6ZzszIg6c/bE2qs1FDipFMOpbuLK4h0GhahliVR
TjMxD3YAntIoHO4y+k3mPS/iD3Wz/qCINUiDmG7LP97TM2Ig3IMuIQQbtFf2ZzOD
9Ehpb9Km9TSL3Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:39:05 2026 by rpki-client