Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
File: QBY91EFO8-eS4AUB80786UQKnE4.mft (raw, json)
Hash identifier: PVX702UVHOT7zViJNaZRhDaExYKm02GlvwMJjXUkeuA=
Subject key identifier: BC:06:A1:E2:A1:AA:BE:AD:29:49:93:DF:0C:8A:71:0F:D8:0F:BF:0F
Authority key identifier: 40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
Certificate issuer: /CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Certificate serial: 019D26961B56F692D902A6154C22069C64FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
Manifest number: 1888
Signing time: Wed 25 Mar 2026 20:01:04 +0000
Manifest this update: Wed 25 Mar 2026 20:01:04 +0000
Manifest next update: Thu 26 Mar 2026 20:01:04 +0000
Files and hashes: 1: QBY91EFO8-eS4AUB80786UQKnE4.crl (hash: CUFjUDsrPC5lWTX8gC8pCTzh0wewFNTT62qsbIFTl14=)
2: XVQmZyZgIfyuS-i9_dYYU_5CGT0.roa (hash: BPYDVshqMOmc9U1pef4+DfyaziPWsnfi+uZonkxHf4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:96:1b:56:f6:92:d9:02:a6:15:4c:22:06:9c:64:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Validity
Not Before: Mar 25 20:01:04 2026 GMT
Not After : Mar 26 20:01:04 2026 GMT
Subject: CN=bc06a1e2a1aabead294993df0c8a710fd80fbf0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:75:fe:dc:9b:51:74:35:ee:82:e3:20:08:84:
d4:1f:4d:39:46:a0:12:bc:5d:1d:3f:ac:c9:6b:04:
b3:87:d1:29:14:cc:a6:49:91:d3:ab:a6:87:2f:0b:
ff:e1:e7:17:9b:76:47:75:69:e2:c9:9e:75:1d:c5:
44:2a:dd:5e:a7:eb:9a:51:c1:9d:b0:7a:17:80:41:
32:77:ed:26:6f:85:a0:7e:3a:48:14:e3:f7:24:b7:
50:b1:30:5e:fd:a4:2f:56:dd:fd:8b:58:cc:0a:e2:
64:cf:ce:30:6b:03:4f:c5:93:57:34:ce:14:a8:c6:
b8:49:51:2f:7c:79:9b:6e:8f:51:6e:dd:8e:6a:b5:
2c:1b:cf:56:c8:96:e6:da:7a:0a:c1:9e:67:bd:72:
df:fc:c8:1a:3e:24:66:68:84:d5:3e:ae:64:26:71:
0f:e3:f6:75:9b:f7:a2:83:3c:fd:29:27:bc:ac:b3:
47:72:5b:4d:15:d5:58:a4:ed:6c:52:5c:3f:3a:69:
cd:62:c7:1b:25:14:ef:8c:20:27:90:10:a8:08:c2:
1b:ac:7f:b3:ad:e5:6b:a0:2f:8e:08:ef:ea:52:33:
67:bd:d1:24:75:c2:c9:85:6a:17:58:cd:4f:c1:40:
b0:ef:13:7c:ca:f3:58:32:00:f6:a1:ad:2d:79:48:
33:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:06:A1:E2:A1:AA:BE:AD:29:49:93:DF:0C:8A:71:0F:D8:0F:BF:0F
X509v3 Authority Key Identifier:
keyid:40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:70:94:31:5f:99:95:63:62:c7:2b:ec:72:dd:bd:e4:f2:26:
35:57:30:42:21:bd:95:52:cc:13:6a:06:55:cc:d9:cf:86:39:
93:f4:df:29:d1:d0:74:39:9f:ef:92:0d:a4:ff:02:7b:22:4b:
13:7e:8d:a6:2f:0d:8c:24:e5:6a:24:dc:5a:10:f9:92:3f:7d:
01:14:4d:64:2d:9e:bc:03:57:d3:ed:e5:78:5b:f2:3b:80:cd:
f3:18:ee:96:9c:10:34:42:88:f2:3f:57:21:50:3e:23:62:9f:
5e:8b:03:63:3b:8f:74:ae:0c:03:db:c9:46:66:3d:d2:94:36:
b4:ee:49:bf:40:cd:61:6d:17:55:2e:f0:32:4d:8a:72:86:9c:
82:45:eb:89:b7:cb:e7:af:44:8b:79:3b:e5:20:25:2b:d5:a9:
fc:11:18:54:c1:a2:93:45:f0:ec:89:4c:4d:29:92:1b:30:af:
ca:11:c4:70:7e:80:f5:54:3b:ce:88:e8:61:b7:7c:b5:22:99:
45:fc:34:58:8d:09:cb:75:ba:a6:47:9a:e0:8d:a7:b9:16:cf:
31:de:0e:26:84:05:8e:ed:71:a5:0e:da:71:76:a6:d4:c0:87:
62:01:88:96:e1:ff:d4:df:41:0a:22:59:bf:35:49:d8:50:d5:
ae:cb:59:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlhtW9pLZAqYVTCIGnGT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTYzZGQ0NDE0ZWYzZTc5MmUwMDUwMWYzNGVmY2U5NDQw
YTljNGUwHhcNMjYwMzI1MjAwMTA0WhcNMjYwMzI2MjAwMTA0WjAzMTEwLwYDVQQD
EyhiYzA2YTFlMmExYWFiZWFkMjk0OTkzZGYwYzhhNzEwZmQ4MGZiZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHX+3JtRdDXuguMgCITUH005RqAS
vF0dP6zJawSzh9EpFMymSZHTq6aHLwv/4ecXm3ZHdWniyZ51HcVEKt1ep+uaUcGd
sHoXgEEyd+0mb4WgfjpIFOP3JLdQsTBe/aQvVt39i1jMCuJkz84wawNPxZNXNM4U
qMa4SVEvfHmbbo9Rbt2OarUsG89WyJbm2noKwZ5nvXLf/MgaPiRmaITVPq5kJnEP
4/Z1m/eigzz9KSe8rLNHcltNFdVYpO1sUlw/OmnNYscbJRTvjCAnkBCoCMIbrH+z
reVroC+OCO/qUjNnvdEkdcLJhWoXWM1PwUCw7xN8yvNYMgD2oa0teUgzhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwGoeKhqr6tKUmT3wyKcQ/YD78PMB8GA1UdIwQY
MBaAFEAWPdRBTvPnkuAFAfNO/OlECpxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUt
MzYyMmFjN2Q2NWNjLzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUtMzYyMmFjN2Q2NWNj
LzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALnCUMV+Z
lWNixyvsct295PImNVcwQiG9lVLME2oGVczZz4Y5k/TfKdHQdDmf75INpP8CeyJL
E36Npi8NjCTlaiTcWhD5kj99ARRNZC2evANX0+3leFvyO4DN8xjulpwQNEKI8j9X
IVA+I2KfXosDYzuPdK4MA9vJRmY90pQ2tO5Jv0DNYW0XVS7wMk2KcoacgkXribfL
569Ei3k75SAlK9Wp/BEYVMGik0Xw7IlMTSmSGzCvyhHEcH6A9VQ7zojoYbd8tSKZ
Rfw0WI0Jy3W6pkea4I2nuRbPMd4OJoQFju1xpQ7acXam1MCHYgGIluH/1N9BCiJZ
vzVJ2FDVrstZcw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:11 2026 by rpki-client