Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.mft
File: qajkTlc8U8cZIxL8xyFQ0t43fW0.mft (raw, json)
Hash identifier: JMw1rD6fC5YDFdDJ2P2zmcfvtfoKQEr/lMVYgwQBrbY=
Subject key identifier: F9:9B:96:26:59:55:F5:63:AA:AE:FC:19:FA:0E:B0:59:D2:C1:5E:CC
Authority key identifier: A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
Certificate issuer: /CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Certificate serial: 019D3909E8D39C766C07744DD365AC4C67DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.mft
Manifest number: 1896
Signing time: Sun 29 Mar 2026 10:00:43 +0000
Manifest this update: Sun 29 Mar 2026 10:00:43 +0000
Manifest next update: Mon 30 Mar 2026 10:00:43 +0000
Files and hashes: 1: hLY2--5SKTnZ1QC36Cf-E8Iq5ho.roa (hash: lfg0kzyvgHw2ZfZ5eS4nTJ7bYAVmeebrxL6dhvaG0Ms=)
2: qajkTlc8U8cZIxL8xyFQ0t43fW0.crl (hash: uBVQkFC9huh1Sm7dOaLY1KuKqVGDUcMril3OUlgqiAM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:e8:d3:9c:76:6c:07:74:4d:d3:65:ac:4c:67:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Validity
Not Before: Mar 29 10:00:43 2026 GMT
Not After : Mar 30 10:00:43 2026 GMT
Subject: CN=f99b96265955f563aaaefc19fa0eb059d2c15ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fa:80:c1:68:7c:9a:44:bb:69:1f:f0:41:d6:
bd:16:3e:ef:f3:09:3a:fe:54:b3:78:f9:1e:9c:ce:
02:ce:82:04:33:c2:fe:18:ea:eb:2d:c1:79:a4:87:
0e:dd:3c:71:2b:a2:61:7c:0c:57:46:a7:66:09:ce:
a7:44:8e:8b:11:46:84:ee:f6:4b:2c:ac:2a:ce:66:
01:4e:14:be:44:41:83:3a:9c:13:03:6f:a5:58:c1:
bf:72:54:02:4a:d9:06:24:34:42:55:b6:08:d9:e8:
fc:05:f6:85:b1:5c:c3:aa:60:5b:ee:09:57:d9:68:
3c:23:ee:ca:fd:23:af:ab:f5:76:d5:04:85:52:45:
af:c4:06:61:e7:07:f8:60:66:e3:3e:a3:a4:1a:ec:
4e:df:8e:52:0b:24:ed:4d:f0:40:23:60:22:71:dc:
b3:2f:43:5a:90:5b:c2:d9:1b:4f:4b:44:39:a4:be:
54:70:35:6c:ef:f0:77:b0:50:4d:2e:07:b1:5d:f5:
07:b6:cc:47:ca:9f:c6:aa:70:da:28:7c:9a:0d:75:
b7:23:dc:ed:a4:3c:e1:7a:97:47:cf:d6:10:d8:53:
77:3f:dc:48:22:2c:87:a6:cc:31:39:db:7e:71:7e:
0b:d8:fa:66:5b:12:3e:a2:99:d3:82:1f:38:c9:bf:
df:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9B:96:26:59:55:F5:63:AA:AE:FC:19:FA:0E:B0:59:D2:C1:5E:CC
X509v3 Authority Key Identifier:
keyid:A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:bb:cd:01:64:5f:ca:7d:f2:16:80:7f:4c:ce:36:01:c0:74:
8b:57:c2:c7:c2:f9:40:43:cd:f6:72:ab:ef:ed:54:8a:ef:61:
60:2c:ae:65:dc:0e:68:e9:18:11:2e:17:ee:d7:20:16:f9:9e:
00:7a:1b:01:99:a7:cd:12:df:00:41:e3:aa:97:99:e2:2f:24:
09:f3:8f:a9:c2:b5:7a:2a:4f:a9:c9:48:65:3a:cc:b8:e6:00:
60:03:6b:20:37:a7:69:95:82:7c:3f:07:b1:c9:22:23:e6:36:
0f:40:8a:b5:be:37:fd:1f:9d:59:e0:7d:ca:68:a4:68:11:60:
3b:79:34:34:7b:a0:dd:39:bb:1f:4a:31:0b:94:86:1e:b0:ed:
4f:a7:62:32:39:c0:ee:71:da:20:d9:cf:ee:05:15:c8:6f:6c:
f2:a6:54:93:53:c7:cb:c6:0a:b9:c1:24:39:0d:25:50:be:3f:
62:72:ff:76:cc:33:2c:47:30:c2:62:f7:22:de:88:f0:25:82:
65:2d:4e:f1:1f:ce:78:10:0b:91:9c:6c:8d:cb:db:08:47:2f:
d1:5f:3d:10:01:ff:1c:19:e6:2d:f0:c5:9a:9e:06:5b:b0:23:
85:73:03:41:7f:bb:1c:18:a3:ab:d2:b3:58:b8:eb:18:56:97:
0d:10:65:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CejTnHZsB3RN02WsTGfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YThlNDRlNTczYzUzYzcxOTIzMTJmY2M3MjE1MGQyZGUz
NzdkNmQwHhcNMjYwMzI5MTAwMDQzWhcNMjYwMzMwMTAwMDQzWjAzMTEwLwYDVQQD
EyhmOTliOTYyNjU5NTVmNTYzYWFhZWZjMTlmYTBlYjA1OWQyYzE1ZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvqAwWh8mkS7aR/wQda9Fj7v8wk6
/lSzePkenM4CzoIEM8L+GOrrLcF5pIcO3TxxK6JhfAxXRqdmCc6nRI6LEUaE7vZL
LKwqzmYBThS+REGDOpwTA2+lWMG/clQCStkGJDRCVbYI2ej8BfaFsVzDqmBb7glX
2Wg8I+7K/SOvq/V21QSFUkWvxAZh5wf4YGbjPqOkGuxO345SCyTtTfBAI2Aicdyz
L0NakFvC2RtPS0Q5pL5UcDVs7/B3sFBNLgexXfUHtsxHyp/GqnDaKHyaDXW3I9zt
pDzhepdHz9YQ2FN3P9xIIiyHpswxOdt+cX4L2PpmWxI+opnTgh84yb/fNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmbliZZVfVjqq78GfoOsFnSwV7MMB8GA1UdIwQY
MBaAFKmo5E5XPFPHGSMS/MchUNLeN31tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYt
MTk1MTM0NWNlYTMzLzEvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYtMTk1MTM0NWNlYTMz
LzEvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7vNAWRf
yn3yFoB/TM42AcB0i1fCx8L5QEPN9nKr7+1Uiu9hYCyuZdwOaOkYES4X7tcgFvme
AHobAZmnzRLfAEHjqpeZ4i8kCfOPqcK1eipPqclIZTrMuOYAYANrIDenaZWCfD8H
sckiI+Y2D0CKtb43/R+dWeB9ymikaBFgO3k0NHug3Tm7H0oxC5SGHrDtT6diMjnA
7nHaINnP7gUVyG9s8qZUk1PHy8YKucEkOQ0lUL4/YnL/dswzLEcwwmL3It6I8CWC
ZS1O8R/OeBALkZxsjcvbCEcv0V89EAH/HBnmLfDFmp4GW7AjhXMDQX+7HBijq9Kz
WLjrGFaXDRBlGw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:27:57 2026 by rpki-client