Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
File: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft (raw, json)
Hash identifier: xeDUbkg7KAZloOnEI1naJvmQNwOWZ8KqGF4qKdcnHDk=
Subject key identifier: 43:EF:9A:DF:98:A0:E9:9C:97:72:97:5D:B3:E1:C9:9A:4E:13:20:27
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Certificate issuer: /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial: 019D3A1CA3D736374AFB7BBC156C182DFF10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
Manifest number: 053E
Signing time: Sun 29 Mar 2026 15:00:48 +0000
Manifest this update: Sun 29 Mar 2026 15:00:48 +0000
Manifest next update: Mon 30 Mar 2026 15:00:48 +0000
Files and hashes: 1: BMVk-OA-2PhTMA5A-sORM1prfMQ.roa (hash: E5dCIP4UxhH+T0A81jHL6M9IWvcHzJuPi1U0SLcMSqE=)
2: MBMbLrsZWEsBNYoYuyLSlAPF2WE.roa (hash: BixX2lk4Zd4GgNurHhSn7REJ4Le+26ZBWj1SCXORrcE=)
3: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl (hash: NL1FUX0N4/cFrrX8/fiBeRcrUkbPvsdQfCYPZJ0lVrM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:a3:d7:36:37:4a:fb:7b:bc:15:6c:18:2d:ff:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
Validity
Not Before: Mar 29 15:00:48 2026 GMT
Not After : Mar 30 15:00:48 2026 GMT
Subject: CN=43ef9adf98a0e99c9772975db3e1c99a4e132027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a8:ce:f3:f0:f1:49:c6:fa:8d:04:cd:55:17:
06:e2:f7:28:eb:44:a3:b7:f7:f0:b2:7a:1f:85:f7:
5d:d9:f7:d0:1f:60:bf:f5:2c:ce:29:60:99:ba:b3:
7e:97:24:18:49:fd:58:fb:68:9b:76:1f:2d:24:2d:
d8:b6:19:4e:07:f7:c0:87:7b:b7:09:9b:b0:2a:ff:
6a:fb:18:97:3d:08:20:46:70:10:86:63:3a:80:74:
1f:4b:fb:a0:e8:42:91:86:ce:07:f5:7f:8b:70:77:
6d:b1:47:f0:54:bf:19:ab:cb:94:83:bc:37:43:45:
dc:88:1a:81:03:ac:3e:35:57:5a:35:9d:94:32:39:
62:ab:f9:57:1b:d0:78:87:3c:4f:f5:07:f7:e0:3d:
6d:00:8b:c7:1c:13:35:52:53:97:bc:ba:b8:08:56:
c9:58:a1:80:2b:f1:13:11:9d:83:5e:aa:ab:d8:fe:
38:98:22:2a:69:cf:33:30:fa:0e:1f:aa:4f:fe:0e:
96:f1:a0:dd:be:dd:32:e4:1c:bc:5e:a9:28:7a:79:
98:95:c6:47:a3:1b:6f:70:22:6c:21:14:95:d5:f6:
f2:03:b1:7b:0f:6a:0d:5f:7f:a7:4a:04:af:c4:32:
31:b7:97:78:03:c0:6c:32:31:3b:9b:0e:02:e5:c0:
eb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EF:9A:DF:98:A0:E9:9C:97:72:97:5D:B3:E1:C9:9A:4E:13:20:27
X509v3 Authority Key Identifier:
keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:68:b7:09:86:86:9e:2a:06:e4:60:7b:0d:e9:90:a3:7a:a8:
50:c9:83:24:c9:bc:34:a3:9a:54:7c:90:b6:33:3d:d5:9f:ad:
aa:a0:ee:2c:3d:97:76:6c:ae:43:6b:f2:13:6a:48:8a:60:0b:
6b:eb:e0:2e:d0:f8:ce:ad:4e:ae:45:44:82:63:31:0e:4e:be:
21:6e:f1:d5:07:28:7b:10:ab:4b:e5:80:e3:b3:85:08:47:65:
94:ed:5c:03:c1:bb:14:4c:44:5b:12:20:aa:d1:f9:25:0f:30:
57:30:4d:f3:44:a0:6d:cf:75:d4:e8:52:2f:6f:48:3c:3b:16:
48:98:34:4c:c8:30:f0:4c:0b:15:27:4f:4b:ac:9f:b8:68:3d:
69:04:c7:f7:76:93:6f:30:b7:81:e5:1a:75:51:41:d6:16:74:
86:2f:25:cb:09:bc:4d:fa:86:dc:d9:6e:9a:2c:68:28:53:4f:
f4:19:bf:17:f4:5d:23:a8:0d:a0:4a:85:a7:31:fd:60:3f:15:
b3:31:d2:aa:f2:6e:73:b8:87:e2:8a:5e:7a:9a:ce:fb:10:ba:
20:84:d4:1b:07:5f:e9:8f:c7:bc:9b:18:52:b4:2e:1f:43:78:
9f:5b:b0:28:1c:e6:44:9f:12:f2:d3:9b:d1:38:aa:3a:72:7c:
ee:42:bd:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HKPXNjdK+3u8FWwYLf8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjYwMzI5MTUwMDQ4WhcNMjYwMzMwMTUwMDQ4WjAzMTEwLwYDVQQD
Eyg0M2VmOWFkZjk4YTBlOTljOTc3Mjk3NWRiM2UxYzk5YTRlMTMyMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ajO8/DxScb6jQTNVRcG4vco60Sj
t/fwsnofhfdd2ffQH2C/9SzOKWCZurN+lyQYSf1Y+2ibdh8tJC3YthlOB/fAh3u3
CZuwKv9q+xiXPQggRnAQhmM6gHQfS/ug6EKRhs4H9X+LcHdtsUfwVL8Zq8uUg7w3
Q0XciBqBA6w+NVdaNZ2UMjliq/lXG9B4hzxP9Qf34D1tAIvHHBM1UlOXvLq4CFbJ
WKGAK/ETEZ2DXqqr2P44mCIqac8zMPoOH6pP/g6W8aDdvt0y5By8XqkoenmYlcZH
oxtvcCJsIRSV1fbyA7F7D2oNX3+nSgSvxDIxt5d4A8BsMjE7mw4C5cDrwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPvmt+YoOmcl3KXXbPhyZpOEyAnMB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeWi3CYaG
nioG5GB7DemQo3qoUMmDJMm8NKOaVHyQtjM91Z+tqqDuLD2XdmyuQ2vyE2pIimAL
a+vgLtD4zq1OrkVEgmMxDk6+IW7x1QcoexCrS+WA47OFCEdllO1cA8G7FExEWxIg
qtH5JQ8wVzBN80Sgbc911OhSL29IPDsWSJg0TMgw8EwLFSdPS6yfuGg9aQTH93aT
bzC3geUadVFB1hZ0hi8lywm8TfqG3NlumixoKFNP9Bm/F/RdI6gNoEqFpzH9YD8V
szHSqvJuc7iH4opeeprO+xC6IITUGwdf6Y/HvJsYUrQuH0N4n1uwKBzmRJ8S8tOb
0TiqOnJ87kK9Eg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:58:10 2026 by rpki-client