Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
File: qQ_wEQVOz-aKitx94mit5sCCdxE.mft (raw, json)
Hash identifier: ANe/KQGqGa2IHBr/aAd08U+KK7SFscKO97uUQB4TY7Q=
Subject key identifier: 10:06:EC:DF:85:83:94:21:41:B2:99:6C:23:18:10:77:10:12:95:CC
Authority key identifier: A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11
Certificate issuer: /CN=a90ff011054ecfe68a8adc7de268ade6c0827711
Certificate serial: 019D3865F3C1C2437E9CF32C82CAF939DB54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
Manifest number: 188B
Signing time: Sun 29 Mar 2026 07:01:38 +0000
Manifest this update: Sun 29 Mar 2026 07:01:38 +0000
Manifest next update: Mon 30 Mar 2026 07:01:38 +0000
Files and hashes: 1: qQ_wEQVOz-aKitx94mit5sCCdxE.crl (hash: PhhHHivW0ugKBtrL1w6zV3I99tPmAWsY/6jW9KjcmkE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:f3:c1:c2:43:7e:9c:f3:2c:82:ca:f9:39:db:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a90ff011054ecfe68a8adc7de268ade6c0827711
Validity
Not Before: Mar 29 07:01:38 2026 GMT
Not After : Mar 30 07:01:38 2026 GMT
Subject: CN=1006ecdf8583942141b2996c23181077101295cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ac:d3:ac:20:6d:91:01:eb:9a:c3:8f:2f:45:
44:bc:55:1a:fb:97:65:f7:49:1c:7f:97:9f:32:b0:
37:b0:fe:9b:ee:c5:86:62:fa:a4:6e:87:7b:d9:54:
8b:a8:fa:30:69:0b:fa:14:ec:f9:d6:cd:a4:c6:3c:
0c:f3:cd:4d:1d:2e:2d:38:55:50:a5:b0:e0:46:57:
57:d2:8a:29:19:92:3c:aa:78:2d:3b:3c:b9:d2:20:
05:07:12:ca:7f:d7:3d:71:dd:44:c3:3c:c8:a6:47:
a4:57:02:58:22:36:25:ef:76:60:09:0e:0d:86:05:
2d:71:fd:55:7b:2a:65:eb:ba:f5:58:15:99:7e:dd:
b5:bc:7e:f3:6e:3c:13:b6:3c:35:9e:37:9d:fb:c9:
a8:99:43:4d:77:39:c4:00:09:dc:ee:c5:af:e3:7f:
b0:e5:6e:b8:9e:15:6d:9f:0d:2e:4d:5f:93:0f:ff:
2d:e2:ba:ca:19:dd:7f:99:14:65:39:d8:de:22:16:
47:bc:30:11:9e:dd:b9:ea:56:ff:03:8c:a4:e7:11:
44:17:7a:a3:05:b5:e7:ef:c1:42:38:2a:c3:cf:17:
79:99:94:5e:95:f0:5f:b1:04:bd:12:5f:7a:6f:f3:
84:92:35:fe:32:3a:5f:a0:02:33:a1:fc:f4:e2:08:
3c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:06:EC:DF:85:83:94:21:41:B2:99:6C:23:18:10:77:10:12:95:CC
X509v3 Authority Key Identifier:
keyid:A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:78:36:75:c1:f4:64:03:2f:54:91:34:c6:97:41:2b:ba:f0:
71:c3:d2:d2:ef:a5:a9:6c:ff:3a:b6:b4:07:f2:22:7f:aa:da:
d3:b4:29:32:ff:63:4c:a3:6c:e9:28:ad:de:7a:b1:cf:41:f8:
7f:14:f1:d1:58:f5:4e:7a:ee:c6:66:ef:28:2e:67:07:8a:4f:
3d:ea:0f:26:46:7f:2e:cf:38:12:bb:cc:32:99:4c:4d:9c:2d:
b7:4a:7d:9a:ef:8d:86:09:96:0d:46:6a:a6:09:e5:15:1f:13:
53:38:e6:e5:a2:2c:0b:65:95:a7:7d:b5:80:d2:07:3c:10:49:
97:ee:95:4f:00:de:af:86:d1:47:e2:b0:61:f0:4c:7a:08:de:
18:1a:f6:a8:28:4c:db:fc:05:7c:6b:f4:a2:41:f6:c9:ed:6a:
10:73:16:d1:00:93:e0:60:a4:96:ff:c0:b9:68:e6:f1:d0:b5:
af:18:21:4d:28:48:ae:8b:44:16:3b:e1:7c:eb:eb:e4:e5:80:
fe:15:d1:a6:4f:10:2b:14:52:90:9c:75:d7:01:4f:18:b6:4b:
4a:1e:99:64:31:5f:ff:3a:7c:52:9d:c1:c7:7d:6f:a5:8e:c4:
ed:08:48:2a:4f:cc:54:75:16:f9:50:10:8b:27:12:8a:10:6e:
56:57:d3:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfPBwkN+nPMsgsr5OdtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGZmMDExMDU0ZWNmZTY4YThhZGM3ZGUyNjhhZGU2YzA4
Mjc3MTEwHhcNMjYwMzI5MDcwMTM4WhcNMjYwMzMwMDcwMTM4WjAzMTEwLwYDVQQD
EygxMDA2ZWNkZjg1ODM5NDIxNDFiMjk5NmMyMzE4MTA3NzEwMTI5NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36zTrCBtkQHrmsOPL0VEvFUa+5dl
90kcf5efMrA3sP6b7sWGYvqkbod72VSLqPowaQv6FOz51s2kxjwM881NHS4tOFVQ
pbDgRldX0oopGZI8qngtOzy50iAFBxLKf9c9cd1EwzzIpkekVwJYIjYl73ZgCQ4N
hgUtcf1Veypl67r1WBWZft21vH7zbjwTtjw1njed+8momUNNdznEAAnc7sWv43+w
5W64nhVtnw0uTV+TD/8t4rrKGd1/mRRlOdjeIhZHvDARnt256lb/A4yk5xFEF3qj
BbXn78FCOCrDzxd5mZRelfBfsQS9El96b/OEkjX+MjpfoAIzofz04gg8vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBAG7N+Fg5QhQbKZbCMYEHcQEpXMMB8GA1UdIwQY
MBaAFKkP8BEFTs/miorcfeJorebAgncRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMt
ZTk5Mjc3MDM3YTQzLzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMtZTk5Mjc3MDM3YTQz
LzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnXg2dcH0
ZAMvVJE0xpdBK7rwccPS0u+lqWz/Ora0B/Iif6ra07QpMv9jTKNs6Sit3nqxz0H4
fxTx0Vj1TnruxmbvKC5nB4pPPeoPJkZ/Ls84ErvMMplMTZwtt0p9mu+NhgmWDUZq
pgnlFR8TUzjm5aIsC2WVp321gNIHPBBJl+6VTwDer4bRR+KwYfBMegjeGBr2qChM
2/wFfGv0okH2ye1qEHMW0QCT4GCklv/AuWjm8dC1rxghTShIrotEFjvhfOvr5OWA
/hXRpk8QKxRSkJx11wFPGLZLSh6ZZDFf/zp8Up3Bx31vpY7E7QhIKk/MVHUW+VAQ
iycSihBuVlfT/g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:18 2026 by rpki-client