Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
File: QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json)
Hash identifier: ako+wkZ9DT2C4bxsTlalAE+ukmbEgmZ+jI2iVHxij9A=
Subject key identifier: DF:C2:C8:EB:F2:E6:7B:29:9C:39:81:FC:CC:E4:22:13:42:7D:E9:C1
Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
Certificate issuer: /CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Certificate serial: 019D37C057415BA289E689501D3E43E0C836
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
Manifest number: 0A9E
Signing time: Sun 29 Mar 2026 04:00:45 +0000
Manifest this update: Sun 29 Mar 2026 04:00:45 +0000
Manifest next update: Mon 30 Mar 2026 04:00:45 +0000
Files and hashes: 1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: CHECIXSXJb9sNTqhiTPfAow/vAI0E4ngW6w/TRgRdZI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:57:41:5b:a2:89:e6:89:50:1d:3e:43:e0:c8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Validity
Not Before: Mar 29 04:00:45 2026 GMT
Not After : Mar 30 04:00:45 2026 GMT
Subject: CN=dfc2c8ebf2e67b299c3981fccce42213427de9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4e:2c:3e:5c:69:64:62:92:a4:97:17:5d:a1:
39:0a:ec:dd:f1:c9:6d:cc:55:ab:f4:1c:cd:da:70:
82:87:e1:75:5a:87:67:f4:90:bd:05:95:97:7a:14:
fb:56:16:22:44:32:12:5b:1b:97:27:e4:c8:a2:93:
44:d3:09:e2:fd:52:8b:1a:e6:87:3a:bb:e5:b4:a2:
40:cf:6a:dc:e2:17:17:11:4c:07:e8:57:f0:97:42:
a1:d2:a1:cc:ad:92:2a:88:7a:d2:84:c6:ec:e5:43:
04:3a:da:fd:5d:37:af:78:2a:e3:af:03:c8:84:da:
4f:5e:64:8c:ee:10:07:5d:9a:d1:7d:6a:88:55:d5:
db:9c:95:1d:e7:d6:ba:8e:24:dd:f4:44:66:36:30:
88:41:b0:7d:bd:6c:a4:3d:98:61:b1:5d:95:2e:60:
af:e5:2f:e5:8b:70:6e:49:17:16:0c:62:40:8a:c6:
2a:39:35:4f:8d:ee:52:f6:dc:67:f8:d4:ce:a7:3c:
f2:ae:70:0a:d2:8d:b4:a2:b3:a1:50:39:a3:e0:db:
e3:b2:5b:29:85:6b:aa:af:b9:a8:3c:20:20:d9:88:
22:c0:a3:69:b7:1f:8f:a5:97:fe:33:8f:c3:b7:2c:
b1:3a:6e:4d:ee:ae:a1:09:19:59:09:35:e4:9f:c1:
17:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C2:C8:EB:F2:E6:7B:29:9C:39:81:FC:CC:E4:22:13:42:7D:E9:C1
X509v3 Authority Key Identifier:
keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:e1:51:05:dd:74:0d:be:09:d6:6e:c2:33:48:2d:b2:cd:24:
4d:ab:52:b1:0f:d9:ce:36:c8:48:9d:19:5b:8a:81:c8:9e:54:
5f:b8:81:8b:c8:b3:56:1a:6f:d0:7f:d2:37:78:b6:8d:27:68:
4d:09:96:90:0b:16:99:38:7f:28:73:33:91:57:75:b8:4a:42:
5e:b7:87:85:21:a0:1e:26:82:c0:c2:eb:df:6e:30:a5:3a:7a:
fe:de:47:92:9e:10:31:94:e6:ae:26:e3:67:1e:17:86:fe:ad:
e3:11:ee:84:f5:3a:84:6e:81:55:49:89:af:14:c9:20:01:43:
31:71:f0:15:6c:08:c0:c0:61:ea:d7:91:99:84:8d:9e:1e:7b:
a1:b5:bc:ed:87:32:72:4e:cb:63:a0:40:c6:0b:9a:f7:f9:af:
fa:58:79:34:e4:a4:46:4e:3c:db:c2:e3:7b:6b:e8:88:3a:24:
a3:d0:28:f6:40:ae:cb:9e:99:60:70:fc:89:7f:c6:e7:84:cc:
33:b9:40:57:70:ac:92:64:3b:0e:35:b3:0c:fb:6d:f1:b0:72:
a0:5b:3d:7b:b9:16:34:f6:7c:65:1c:06:0f:28:ff:f4:0a:e0:
3a:39:04:ca:25:ed:f5:cf:6c:d9:be:55:a9:dc:b6:a5:44:7e:
bb:0f:fa:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wFdBW6KJ5olQHT5D4Mg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy
Zjg3MDMwHhcNMjYwMzI5MDQwMDQ1WhcNMjYwMzMwMDQwMDQ1WjAzMTEwLwYDVQQD
EyhkZmMyYzhlYmYyZTY3YjI5OWMzOTgxZmNjY2U0MjIxMzQyN2RlOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA204sPlxpZGKSpJcXXaE5Cuzd8clt
zFWr9BzN2nCCh+F1Wodn9JC9BZWXehT7VhYiRDISWxuXJ+TIopNE0wni/VKLGuaH
OrvltKJAz2rc4hcXEUwH6Ffwl0Kh0qHMrZIqiHrShMbs5UMEOtr9XTeveCrjrwPI
hNpPXmSM7hAHXZrRfWqIVdXbnJUd59a6jiTd9ERmNjCIQbB9vWykPZhhsV2VLmCv
5S/li3BuSRcWDGJAisYqOTVPje5S9txn+NTOpzzyrnAK0o20orOhUDmj4Nvjslsp
hWuqr7moPCAg2YgiwKNptx+PpZf+M4/DtyyxOm5N7q6hCRlZCTXkn8EXAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/CyOvy5nspnDmB/MzkIhNCfenBMB8GA1UdIwQY
MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt
NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi
LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASOFRBd10
Db4J1m7CM0gtss0kTatSsQ/ZzjbISJ0ZW4qByJ5UX7iBi8izVhpv0H/SN3i2jSdo
TQmWkAsWmTh/KHMzkVd1uEpCXreHhSGgHiaCwMLr324wpTp6/t5Hkp4QMZTmribj
Zx4Xhv6t4xHuhPU6hG6BVUmJrxTJIAFDMXHwFWwIwMBh6teRmYSNnh57obW87Ycy
ck7LY6BAxgua9/mv+lh5NOSkRk4828Lje2voiDoko9Ao9kCuy56ZYHD8iX/G54TM
M7lAV3CskmQ7DjWzDPtt8bByoFs9e7kWNPZ8ZRwGDyj/9ArgOjkEyiXt9c9s2b5V
qdy2pUR+uw/6uw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:05:43 2026 by rpki-client