Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
File: QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json)
Hash identifier: H8o2Mvjeb9uH7t4NOnNmya6TvOjoNmv2f0d/NxMz7Gg=
Subject key identifier: 32:66:3F:5D:46:04:23:85:BC:3A:C6:7E:AF:A0:4C:2E:95:F8:DF:6C
Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
Certificate issuer: /CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Certificate serial: 019D33E3CBFB663CBA86EC2D1A0AABD2E21A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
Manifest number: 0A9C
Signing time: Sat 28 Mar 2026 10:00:59 +0000
Manifest this update: Sat 28 Mar 2026 10:00:59 +0000
Manifest next update: Sun 29 Mar 2026 10:00:59 +0000
Files and hashes: 1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: SEa0aTSnfo/BZ3aFVNDz80yc9j9XOXn2xBC26LWiBx8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 10:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:e3:cb:fb:66:3c:ba:86:ec:2d:1a:0a:ab:d2:e2:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Validity
Not Before: Mar 28 10:00:59 2026 GMT
Not After : Mar 29 10:00:59 2026 GMT
Subject: CN=32663f5d46042385bc3ac67eafa04c2e95f8df6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2c:ec:5c:8c:0b:ec:74:67:8a:1c:7e:2e:b5:
c1:4f:64:35:b0:f9:ca:04:a4:9e:be:22:d2:4a:cd:
da:2e:77:a1:ca:1a:62:29:75:05:c6:21:95:ae:33:
85:4a:d4:79:6c:af:fd:ee:0b:b1:ac:9a:8a:3e:96:
23:1f:e7:28:76:0b:f3:7c:51:19:fd:f4:c0:7e:48:
d5:da:24:21:7f:07:57:99:0a:04:e1:d3:fa:f8:d0:
2a:ef:6b:e4:40:ab:d6:96:99:fe:99:e2:b4:d4:82:
b9:2f:c2:54:02:0c:a8:f0:25:9a:49:47:68:a4:1e:
5e:ec:32:97:6c:fe:c7:e3:5a:ed:ed:dd:eb:5b:e8:
10:63:e2:f3:d3:79:02:ee:4d:78:1a:a9:9d:19:07:
db:c9:78:db:27:61:6a:60:10:ea:8e:94:e4:2b:59:
31:aa:f4:bb:39:a2:0e:76:01:be:54:30:eb:89:76:
03:93:a8:ab:64:be:f6:dd:7f:3c:a2:e7:a9:63:dd:
6d:52:15:f5:a8:3d:a9:c9:0e:7c:ac:d9:e3:4d:41:
a2:de:02:b7:39:64:0d:c2:4d:b5:59:4a:41:4d:8f:
39:f8:80:e5:1b:0a:85:64:b2:52:18:83:14:9b:3b:
4a:4a:2e:6f:a5:b7:fa:81:15:63:4e:be:ee:9b:96:
9e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:66:3F:5D:46:04:23:85:BC:3A:C6:7E:AF:A0:4C:2E:95:F8:DF:6C
X509v3 Authority Key Identifier:
keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:b3:18:7f:94:7d:db:ae:93:49:f1:ed:c7:d7:66:49:64:3b:
28:6a:c8:1c:95:67:e7:15:4c:16:07:79:68:2c:9b:27:be:ca:
6d:35:24:ee:68:da:fc:aa:52:0b:50:ee:62:ce:01:06:65:cb:
49:56:3a:cf:dc:7d:e1:48:3a:7b:14:09:aa:bc:96:dc:a3:d1:
95:7e:d7:e8:e5:8c:b4:b0:28:8c:89:04:04:50:c2:89:8f:16:
a5:75:bc:c7:22:3a:a7:7e:06:e0:69:3c:7c:4e:0d:64:39:a7:
59:db:06:94:45:ed:c6:d6:b6:19:0b:c3:53:be:8d:5f:c4:ba:
d9:bd:d7:f5:e0:bb:06:78:ee:1b:2a:70:cc:92:14:40:56:c3:
d0:e4:af:12:7a:8e:d7:d5:e8:3c:00:26:2e:82:d1:81:c9:77:
ee:9b:97:85:3b:00:c6:2e:30:39:94:ff:7f:56:cd:82:f9:80:
8a:e7:10:ed:0f:34:bc:17:7f:f9:72:56:b5:59:1d:c6:c7:32:
27:89:cd:7f:12:b4:d2:30:cb:f5:75:5f:99:42:2e:af:23:9a:
52:c7:b1:75:0c:90:bc:07:83:2a:75:c3:6c:39:d2:a2:e0:08:
cb:7a:6b:e9:80:f8:f8:7f:84:0e:56:45:54:bc:5e:8f:66:49:
d9:e0:98:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z48v7Zjy6huwtGgqr0uIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy
Zjg3MDMwHhcNMjYwMzI4MTAwMDU5WhcNMjYwMzI5MTAwMDU5WjAzMTEwLwYDVQQD
EygzMjY2M2Y1ZDQ2MDQyMzg1YmMzYWM2N2VhZmEwNGMyZTk1ZjhkZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSzsXIwL7HRnihx+LrXBT2Q1sPnK
BKSeviLSSs3aLnehyhpiKXUFxiGVrjOFStR5bK/97guxrJqKPpYjH+codgvzfFEZ
/fTAfkjV2iQhfwdXmQoE4dP6+NAq72vkQKvWlpn+meK01IK5L8JUAgyo8CWaSUdo
pB5e7DKXbP7H41rt7d3rW+gQY+Lz03kC7k14GqmdGQfbyXjbJ2FqYBDqjpTkK1kx
qvS7OaIOdgG+VDDriXYDk6irZL723X88ouepY91tUhX1qD2pyQ58rNnjTUGi3gK3
OWQNwk21WUpBTY85+IDlGwqFZLJSGIMUmztKSi5vpbf6gRVjTr7um5aeSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJmP11GBCOFvDrGfq+gTC6V+N9sMB8GA1UdIwQY
MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt
NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi
LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMLMYf5R9
266TSfHtx9dmSWQ7KGrIHJVn5xVMFgd5aCybJ77KbTUk7mja/KpSC1DuYs4BBmXL
SVY6z9x94Ug6exQJqryW3KPRlX7X6OWMtLAojIkEBFDCiY8WpXW8xyI6p34G4Gk8
fE4NZDmnWdsGlEXtxta2GQvDU76NX8S62b3X9eC7BnjuGypwzJIUQFbD0OSvEnqO
19XoPAAmLoLRgcl37puXhTsAxi4wOZT/f1bNgvmAiucQ7Q80vBd/+XJWtVkdxscy
J4nNfxK00jDL9XVfmUIuryOaUsexdQyQvAeDKnXDbDnSouAIy3pr6YD4+H+EDlZF
VLxej2ZJ2eCY2w==
-----END CERTIFICATE-----
Generated at Sat Mar 28 17:35:02 2026 by rpki-client