Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft
File: MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft (raw, json)
Hash identifier: b4xO1HAT3OZO5XCqXZMrsDxfZJ6GhKMRHlvJRSznl4c=
Subject key identifier: A3:AF:D7:32:A2:64:82:CA:9C:72:B0:95:7F:A9:5B:47:5A:D2:18:B4
Authority key identifier: 31:09:A8:D7:0F:A4:47:89:35:B0:5C:06:21:F6:88:95:52:40:5D:AF
Certificate issuer: /CN=3109a8d70fa4478935b05c0621f6889552405daf
Certificate serial: 019D382E7199855B0E0713B3638F7A9A1BC2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQmo1w-kR4k1sFwGIfaIlVJAXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft
Manifest number: 0305
Signing time: Sun 29 Mar 2026 06:01:00 +0000
Manifest this update: Sun 29 Mar 2026 06:01:00 +0000
Manifest next update: Mon 30 Mar 2026 06:01:00 +0000
Files and hashes: 1: 97DX5I3DXmozptw-sWqlR4foXXU.roa (hash: 77zsOfhaIU3CSg4BUbhV2AIiKXyzFLkrgnOWV3Vu7Tg=)
2: MQmo1w-kR4k1sFwGIfaIlVJAXa8.crl (hash: kxmQwUFbXnVT8gnXZr5AhvfkijrSCqbxD6V9eLbXGqs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MQmo1w-kR4k1sFwGIfaIlVJAXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:71:99:85:5b:0e:07:13:b3:63:8f:7a:9a:1b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3109a8d70fa4478935b05c0621f6889552405daf
Validity
Not Before: Mar 29 06:01:00 2026 GMT
Not After : Mar 30 06:01:00 2026 GMT
Subject: CN=a3afd732a26482ca9c72b0957fa95b475ad218b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5e:8c:a1:a2:1a:0d:76:6b:cc:61:49:d7:3f:
4b:fe:d7:4d:9c:af:e6:a4:f1:27:66:e3:79:a4:9d:
e3:c3:cf:42:b5:d0:a1:0a:f3:95:25:6f:8d:50:7c:
93:51:50:4c:69:c7:85:94:e6:cb:18:43:ed:37:3d:
80:6a:84:52:3a:5b:be:5d:6b:c4:69:8b:4d:f9:f7:
0a:95:b6:33:6e:b4:5a:15:1d:06:2b:e8:34:b3:e2:
cd:03:bb:bc:76:8b:bb:26:fa:d1:dd:1e:93:46:1d:
68:52:48:80:98:25:1a:ae:0e:f1:37:7b:49:fb:98:
d9:a0:13:a3:44:82:f1:43:7e:a2:e8:56:31:7d:7b:
42:8f:d6:be:3b:19:9e:9d:ff:db:75:50:7d:8d:10:
dd:0b:4d:94:c2:83:93:68:b8:6c:f6:39:f4:4e:45:
02:6c:b9:d3:a9:33:67:c6:1c:a0:06:d5:47:39:0c:
d6:c8:3b:3b:39:c4:d9:63:13:30:b6:ed:9f:6e:39:
a8:5b:a1:6b:10:e2:0f:0d:cc:04:e3:13:21:3c:db:
3d:dc:67:46:4b:39:9b:ad:bc:72:86:bd:88:d1:d0:
1c:6b:57:fa:6e:67:c4:7d:7f:ea:41:93:63:ed:55:
b9:f7:10:76:3f:a6:88:a6:f1:cd:4f:1c:d6:8e:10:
b3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AF:D7:32:A2:64:82:CA:9C:72:B0:95:7F:A9:5B:47:5A:D2:18:B4
X509v3 Authority Key Identifier:
keyid:31:09:A8:D7:0F:A4:47:89:35:B0:5C:06:21:F6:88:95:52:40:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQmo1w-kR4k1sFwGIfaIlVJAXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:7d:60:ce:8c:17:4d:87:35:50:08:2a:ae:da:f4:22:fa:22:
1a:96:f8:ec:ee:0d:b1:a1:b7:0b:f9:34:d8:4f:08:61:c6:fe:
ef:3c:9f:c6:c8:c9:4f:bf:d6:98:04:82:b8:00:19:3f:5a:3a:
c2:64:34:b3:32:3a:f8:66:b8:df:b8:76:35:ce:bc:c5:64:b0:
f8:75:5a:0a:71:4c:f9:f3:49:5a:b7:79:b9:0c:e2:a5:f8:bc:
72:1c:46:5b:b8:40:5d:86:f9:fd:ce:28:64:f8:44:9b:a5:b5:
7b:e8:e9:1a:e8:4b:de:a2:25:90:d0:79:95:07:e9:d4:79:30:
eb:29:1d:cc:58:bc:81:91:35:ca:50:4d:38:32:70:83:98:2d:
a9:42:1e:3b:e3:41:aa:d3:05:4a:f7:2a:ae:82:18:74:01:a7:
3f:27:5d:b6:e7:e0:82:44:51:ac:10:e4:62:86:b2:98:e5:87:
b4:76:3b:c1:15:ee:31:ce:54:5f:fa:21:7a:76:fe:51:1a:7e:
70:8f:51:7b:4a:1f:1e:48:77:7d:27:3a:29:c5:bb:ef:0d:f0:
21:d0:89:a4:ac:3b:98:be:ff:4f:6c:76:80:81:e7:ef:b8:97:
de:ef:44:34:10:12:85:16:73:d5:52:b3:12:4c:5d:9e:2b:31:
28:e0:01:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LnGZhVsOBxOzY496mhvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMDlhOGQ3MGZhNDQ3ODkzNWIwNWMwNjIxZjY4ODk1NTI0
MDVkYWYwHhcNMjYwMzI5MDYwMTAwWhcNMjYwMzMwMDYwMTAwWjAzMTEwLwYDVQQD
EyhhM2FmZDczMmEyNjQ4MmNhOWM3MmIwOTU3ZmE5NWI0NzVhZDIxOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV6MoaIaDXZrzGFJ1z9L/tdNnK/m
pPEnZuN5pJ3jw89CtdChCvOVJW+NUHyTUVBMaceFlObLGEPtNz2AaoRSOlu+XWvE
aYtN+fcKlbYzbrRaFR0GK+g0s+LNA7u8dou7JvrR3R6TRh1oUkiAmCUarg7xN3tJ
+5jZoBOjRILxQ36i6FYxfXtCj9a+Oxmenf/bdVB9jRDdC02UwoOTaLhs9jn0TkUC
bLnTqTNnxhygBtVHOQzWyDs7OcTZYxMwtu2fbjmoW6FrEOIPDcwE4xMhPNs93GdG
Szmbrbxyhr2I0dAca1f6bmfEfX/qQZNj7VW59xB2P6aIpvHNTxzWjhCzgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOv1zKiZILKnHKwlX+pW0da0hi0MB8GA1UdIwQY
MBaAFDEJqNcPpEeJNbBcBiH2iJVSQF2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFtbzF3LWtSNGsxc0Z3R0lmYUlsVkpBWGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8xMDZiM2YtNTVhMy00NTU4LTgwMTMt
NGJlZTMyNzRjNjk4LzEvTVFtbzF3LWtSNGsxc0Z3R0lmYUlsVkpBWGE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8xMDZiM2YtNTVhMy00NTU4LTgwMTMtNGJlZTMyNzRjNjk4
LzEvTVFtbzF3LWtSNGsxc0Z3R0lmYUlsVkpBWGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW31gzowX
TYc1UAgqrtr0IvoiGpb47O4NsaG3C/k02E8IYcb+7zyfxsjJT7/WmASCuAAZP1o6
wmQ0szI6+Ga437h2Nc68xWSw+HVaCnFM+fNJWrd5uQzipfi8chxGW7hAXYb5/c4o
ZPhEm6W1e+jpGuhL3qIlkNB5lQfp1Hkw6ykdzFi8gZE1ylBNODJwg5gtqUIeO+NB
qtMFSvcqroIYdAGnPyddtufggkRRrBDkYoaymOWHtHY7wRXuMc5UX/ohenb+URp+
cI9Re0ofHkh3fSc6KcW77w3wIdCJpKw7mL7/T2x2gIHn77iX3u9ENBAShRZz1VKz
EkxdnisxKOABKw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:26:12 2026 by rpki-client