Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
File: QH0twQwC9ewk9pD59mBVVIZWLlk.mft (raw, json)
Hash identifier: wyBNhcGVC6vLs08DguMQGvWF+Rs9X9GzBLiZ/RY4DHM=
Subject key identifier: 23:24:99:64:3D:56:3C:5A:57:B3:91:B1:76:22:84:77:EF:64:FD:93
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial: 019D38D3D3F283C41C006D49FD006ADEFF7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
Manifest number: 158E
Signing time: Sun 29 Mar 2026 09:01:39 +0000
Manifest this update: Sun 29 Mar 2026 09:01:39 +0000
Manifest next update: Mon 30 Mar 2026 09:01:39 +0000
Files and hashes: 1: FtvcAFkah5MC2Z1_PcfWmzKSll8.roa (hash: lAzH9ctEUVZ0nWk96qJfvTNhA1rNNyQ5u0vfPKjJ5TI=)
2: QH0twQwC9ewk9pD59mBVVIZWLlk.crl (hash: Z3/A6Xr/U8/OMraVuCMxGW7sdXMjVZPQyXG0JPeT620=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:d3:f2:83:c4:1c:00:6d:49:fd:00:6a:de:ff:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
Validity
Not Before: Mar 29 09:01:39 2026 GMT
Not After : Mar 30 09:01:39 2026 GMT
Subject: CN=232499643d563c5a57b391b176228477ef64fd93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c1:e5:2c:bb:60:e1:82:ce:33:41:7c:33:72:
c4:8f:b4:29:d3:30:d7:7f:e7:ae:1f:1f:de:a7:a8:
7d:0b:3f:5b:d0:57:a8:c9:a3:6d:53:3d:b5:a6:4a:
61:2a:89:cb:05:4d:b5:1d:35:b2:f5:51:a7:33:ec:
5c:30:44:8a:b6:f7:15:cf:b5:ef:89:b5:64:88:0e:
4c:ee:20:a5:63:dd:2d:49:c9:9c:5d:38:3e:57:1c:
ed:d2:91:26:b0:1b:d0:e0:c6:15:bd:37:5b:0d:9b:
c8:6a:fe:8b:f0:47:a5:f6:cb:2b:c1:64:f8:2a:ca:
c7:e5:1c:2a:22:59:07:09:f7:49:e9:2d:92:c9:a5:
ca:4f:6e:12:0b:ea:5d:e1:96:4a:af:ce:9e:93:0b:
3f:16:e8:c5:4f:a8:47:cb:6c:26:d0:62:08:11:52:
5d:bd:55:bf:33:e5:4e:06:f2:28:a8:43:91:72:d5:
e4:97:e7:6e:31:3b:aa:76:30:69:bc:44:d9:36:12:
b7:2c:30:ed:28:3d:8e:ec:97:a0:08:95:78:ee:37:
c9:a5:0d:9d:71:68:89:c7:ae:32:3c:ab:6f:44:b1:
45:4d:82:40:02:0b:a4:00:8a:02:c1:52:8f:a8:bc:
4d:44:7d:79:84:a5:62:f3:9a:df:9c:d6:16:bd:1d:
63:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:24:99:64:3D:56:3C:5A:57:B3:91:B1:76:22:84:77:EF:64:FD:93
X509v3 Authority Key Identifier:
keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:47:2d:f6:2d:64:37:87:29:ee:0c:ed:f2:ca:59:38:f6:a9:
14:a4:fa:44:38:4a:ca:e9:d5:25:e1:ba:b4:16:24:86:dd:00:
06:b8:89:3f:c1:ba:c1:28:1d:52:5a:29:99:30:c2:42:27:cd:
87:f1:83:86:63:35:bc:dd:8e:82:b4:08:d7:64:f1:9e:96:74:
6b:ef:e0:4e:bf:22:41:f8:9f:09:d6:85:e7:86:b9:84:31:39:
68:e1:e6:62:21:3f:8b:8c:d1:37:6b:7f:ef:a7:a8:e4:4b:15:
bd:c3:44:51:8e:7a:f8:f9:f5:f0:31:7b:c9:77:a7:76:f8:5a:
6c:a5:13:c2:58:d3:3b:9d:54:27:d4:29:21:0c:f1:5e:b3:96:
9f:4b:e8:63:e6:9b:c8:36:14:2d:3d:17:55:09:18:98:92:0a:
93:8c:c6:2e:bd:f7:f5:ad:2f:89:8a:60:fd:7b:1f:e6:c0:87:
70:03:d7:24:6d:cd:af:b5:90:2c:df:87:49:2b:0f:63:97:8a:
6d:13:47:c1:5f:d3:12:dd:8b:53:b8:52:8b:35:fc:b8:0a:5a:
95:4c:67:04:8e:42:96:48:08:c3:f9:1c:9f:22:a0:eb:c4:69:
65:5b:9e:1b:ae:88:9b:a6:a2:77:42:9b:dc:d4:d8:fb:c4:48:
9f:c7:5a:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0409Pyg8QcAG1J/QBq3v96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjYwMzI5MDkwMTM5WhcNMjYwMzMwMDkwMTM5WjAzMTEwLwYDVQQD
EygyMzI0OTk2NDNkNTYzYzVhNTdiMzkxYjE3NjIyODQ3N2VmNjRmZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sHlLLtg4YLOM0F8M3LEj7Qp0zDX
f+euHx/ep6h9Cz9b0FeoyaNtUz21pkphKonLBU21HTWy9VGnM+xcMESKtvcVz7Xv
ibVkiA5M7iClY90tScmcXTg+Vxzt0pEmsBvQ4MYVvTdbDZvIav6L8Eel9ssrwWT4
KsrH5RwqIlkHCfdJ6S2SyaXKT24SC+pd4ZZKr86ekws/FujFT6hHy2wm0GIIEVJd
vVW/M+VOBvIoqEORctXkl+duMTuqdjBpvETZNhK3LDDtKD2O7JegCJV47jfJpQ2d
cWiJx64yPKtvRLFFTYJAAgukAIoCwVKPqLxNRH15hKVi85rfnNYWvR1jAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMkmWQ9VjxaV7ORsXYihHfvZP2TMB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQEct9i1k
N4cp7gzt8spZOPapFKT6RDhKyunVJeG6tBYkht0ABriJP8G6wSgdUlopmTDCQifN
h/GDhmM1vN2OgrQI12TxnpZ0a+/gTr8iQfifCdaF54a5hDE5aOHmYiE/i4zRN2t/
76eo5EsVvcNEUY56+Pn18DF7yXendvhabKUTwljTO51UJ9QpIQzxXrOWn0voY+ab
yDYULT0XVQkYmJIKk4zGLr339a0viYpg/Xsf5sCHcAPXJG3Nr7WQLN+HSSsPY5eK
bRNHwV/TEt2LU7hSizX8uApalUxnBI5ClkgIw/kcnyKg68RpZVueG66Im6aid0Kb
3NTY+8RIn8dang==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:46 2026 by rpki-client