Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
File: QBY91EFO8-eS4AUB80786UQKnE4.mft (raw, json)
Hash identifier: kGtFk2Dmw7Sp/W+UwS9KOWwsVBuwfdK01HWsuZorMXk=
Subject key identifier: 92:8C:8B:AF:AA:1F:F3:4C:D7:A2:5E:71:EA:23:8B:60:37:3F:23:74
Authority key identifier: 40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
Certificate issuer: /CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Certificate serial: 019D39E5C34FABB3C550AF20A85972D0A818
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 14:00:52 +0000
Manifest this update: Sun 29 Mar 2026 14:00:52 +0000
Manifest next update: Mon 30 Mar 2026 14:00:52 +0000
Files and hashes: 1: QBY91EFO8-eS4AUB80786UQKnE4.crl (hash: QOll/yZrDvBxR9A7diVtBcdGxqYHTuvAiP29yRK6CNA=)
2: XVQmZyZgIfyuS-i9_dYYU_5CGT0.roa (hash: BPYDVshqMOmc9U1pef4+DfyaziPWsnfi+uZonkxHf4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:e5:c3:4f:ab:b3:c5:50:af:20:a8:59:72:d0:a8:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Validity
Not Before: Mar 29 14:00:52 2026 GMT
Not After : Mar 30 14:00:52 2026 GMT
Subject: CN=928c8bafaa1ff34cd7a25e71ea238b60373f2374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ce:8a:e7:0c:f5:5a:22:33:60:03:28:8e:32:
23:62:44:53:2a:ed:25:32:26:90:b2:47:16:97:4c:
1c:b7:fd:32:da:e2:bb:95:fe:b3:cd:da:29:55:01:
f9:07:15:28:0a:e6:c2:70:64:45:9a:8e:e7:c9:f0:
45:fe:a9:ad:a8:2d:49:5b:b5:50:7a:aa:b7:ac:9d:
7a:cd:1c:5f:5f:97:88:0d:fe:fc:b9:f3:9d:99:47:
41:e2:cf:91:89:28:b1:a6:21:60:01:81:de:b5:36:
39:3b:f4:14:4c:8e:ab:6d:9f:15:14:60:57:54:a3:
49:c0:e4:24:ff:7b:4b:76:55:7e:20:a5:26:da:62:
c8:60:a4:f7:4f:91:92:08:1c:28:ec:69:18:42:ac:
1f:89:dc:37:3c:d9:fb:20:c1:be:97:18:c7:8f:45:
49:0d:38:73:79:fb:05:09:ff:23:c0:04:78:aa:75:
12:3e:72:d4:12:3c:97:83:15:e5:32:f0:88:f8:4c:
63:98:a3:e2:8e:b0:92:a6:0a:6e:7d:b8:4f:d9:10:
b3:ba:da:35:d2:67:32:b3:18:4b:f4:6a:80:97:ba:
9f:20:19:e9:a2:33:ec:18:98:2c:bf:c8:5a:a5:58:
98:ef:e9:74:fb:e6:2e:dd:7d:d7:73:3a:af:6a:ba:
7a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8C:8B:AF:AA:1F:F3:4C:D7:A2:5E:71:EA:23:8B:60:37:3F:23:74
X509v3 Authority Key Identifier:
keyid:40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:ca:58:39:1a:b8:ae:35:15:88:64:cc:66:27:6e:4c:71:2d:
1a:ea:12:3b:cd:f6:4e:20:b5:40:76:e1:ea:63:d4:a2:f7:9c:
be:53:f1:73:ef:5a:90:bd:4c:91:9a:7d:f3:d9:c2:8f:43:a6:
df:44:03:2a:06:3f:42:b3:c8:34:07:52:cf:5d:4f:53:4b:b1:
5d:ed:a5:78:a0:c8:9d:5d:57:54:a0:e3:13:26:96:e3:f7:1a:
b5:7c:e6:60:30:a5:5d:3c:49:bf:d9:a3:b6:7c:fe:28:bb:98:
36:4a:9f:18:f8:29:16:6d:24:69:5f:06:17:aa:f9:bc:70:a6:
ad:da:2d:91:7b:5f:f9:2e:54:7d:24:9c:79:6c:02:51:e7:f1:
bf:32:9f:b9:29:8e:ce:ec:88:e7:46:56:8b:1e:dc:db:9f:a8:
d0:56:43:f0:4a:03:ad:b7:2b:04:e2:2c:1b:38:dc:1d:53:46:
a6:26:50:2d:3a:a0:16:64:77:73:16:9d:73:7e:cd:66:b9:62:
aa:c9:96:37:14:b3:4a:bf:08:45:c2:d3:ee:3e:f5:86:13:ce:
a1:33:d7:80:51:5f:98:97:75:c8:ed:dd:52:6d:09:79:58:21:
62:61:75:6a:44:0b:21:8c:98:c0:7e:88:29:46:a5:f0:3f:b9:
a2:15:7a:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055cNPq7PFUK8gqFly0KgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTYzZGQ0NDE0ZWYzZTc5MmUwMDUwMWYzNGVmY2U5NDQw
YTljNGUwHhcNMjYwMzI5MTQwMDUyWhcNMjYwMzMwMTQwMDUyWjAzMTEwLwYDVQQD
Eyg5MjhjOGJhZmFhMWZmMzRjZDdhMjVlNzFlYTIzOGI2MDM3M2YyMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu86K5wz1WiIzYAMojjIjYkRTKu0l
MiaQskcWl0wct/0y2uK7lf6zzdopVQH5BxUoCubCcGRFmo7nyfBF/qmtqC1JW7VQ
eqq3rJ16zRxfX5eIDf78ufOdmUdB4s+RiSixpiFgAYHetTY5O/QUTI6rbZ8VFGBX
VKNJwOQk/3tLdlV+IKUm2mLIYKT3T5GSCBwo7GkYQqwfidw3PNn7IMG+lxjHj0VJ
DThzefsFCf8jwAR4qnUSPnLUEjyXgxXlMvCI+ExjmKPijrCSpgpufbhP2RCzuto1
0mcysxhL9GqAl7qfIBnpojPsGJgsv8hapViY7+l0++Yu3X3Xczqvarp6AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKMi6+qH/NM16Jeceoji2A3PyN0MB8GA1UdIwQY
MBaAFEAWPdRBTvPnkuAFAfNO/OlECpxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUt
MzYyMmFjN2Q2NWNjLzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUtMzYyMmFjN2Q2NWNj
LzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABspYORq4
rjUViGTMZiduTHEtGuoSO832TiC1QHbh6mPUovecvlPxc+9akL1MkZp989nCj0Om
30QDKgY/QrPINAdSz11PU0uxXe2leKDInV1XVKDjEyaW4/catXzmYDClXTxJv9mj
tnz+KLuYNkqfGPgpFm0kaV8GF6r5vHCmrdotkXtf+S5UfSSceWwCUefxvzKfuSmO
zuyI50ZWix7c25+o0FZD8EoDrbcrBOIsGzjcHVNGpiZQLTqgFmR3cxadc37NZrli
qsmWNxSzSr8IRcLT7j71hhPOoTPXgFFfmJd1yO3dUm0JeVghYmF1akQLIYyYwH6I
KUal8D+5ohV6Nw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:49:22 2026 by rpki-client