Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
File: QBY91EFO8-eS4AUB80786UQKnE4.mft (raw, json)
Hash identifier: JO8gRCfS9nGLITiFPF3KElF8pJa22hGCthwx/KgDKSU=
Subject key identifier: 45:B1:14:6E:C8:35:03:AA:B3:35:00:6A:FC:D0:35:9A:E9:43:7F:1E
Authority key identifier: 40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
Certificate issuer: /CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Certificate serial: 019CAED9EE9C8B35B245019789D818088386
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
Manifest number: 184A
Signing time: Mon 02 Mar 2026 14:00:43 +0000
Manifest this update: Mon 02 Mar 2026 14:00:43 +0000
Manifest next update: Tue 03 Mar 2026 14:00:43 +0000
Files and hashes: 1: QBY91EFO8-eS4AUB80786UQKnE4.crl (hash: WSjx5HHnycdwoVHKCnnIpsvQav8unTQz4mPhKgct8As=)
2: XVQmZyZgIfyuS-i9_dYYU_5CGT0.roa (hash: BPYDVshqMOmc9U1pef4+DfyaziPWsnfi+uZonkxHf4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:d9:ee:9c:8b:35:b2:45:01:97:89:d8:18:08:83:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Validity
Not Before: Mar 2 14:00:43 2026 GMT
Not After : Mar 3 14:00:43 2026 GMT
Subject: CN=45b1146ec83503aab335006afcd0359ae9437f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:50:94:7e:7e:e7:e7:32:23:d1:a1:fd:34:3f:
e0:48:31:bc:19:e4:48:7c:fe:54:a5:d4:0f:f3:0e:
d1:68:00:93:07:1b:e9:6e:95:ef:f1:c6:fd:72:cf:
b4:88:8d:f1:46:2c:fd:d6:f1:86:c5:31:99:51:37:
05:7b:b1:91:b4:9d:35:43:0e:cc:74:30:bc:7a:e9:
9b:4d:ef:78:cc:5e:20:ff:da:79:ad:90:17:d5:6d:
8d:b0:4a:81:05:3a:65:7f:73:a1:6d:2b:c8:c8:4e:
52:1c:ed:13:45:73:13:11:14:c3:d8:df:62:c5:3a:
cf:c1:26:fb:d2:78:c1:a8:c7:db:70:5c:38:81:95:
ba:ea:78:4b:1e:f2:98:08:01:24:a0:d7:df:13:8f:
1c:85:4a:01:eb:cb:85:73:91:35:13:8d:a5:53:a3:
d2:19:ed:6b:85:94:2f:dc:55:df:f3:40:a0:81:8b:
e3:18:18:f9:92:91:00:1d:98:3c:1a:f9:2b:47:b9:
f3:c4:73:d8:89:04:19:36:cb:03:99:39:92:5e:37:
32:1b:e8:f2:20:78:76:af:9c:38:97:31:cf:64:03:
96:af:3c:d6:86:b6:18:2e:4c:c8:69:48:e1:9d:78:
03:ae:50:8e:50:9a:ee:a6:08:8f:27:fe:e0:64:f4:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B1:14:6E:C8:35:03:AA:B3:35:00:6A:FC:D0:35:9A:E9:43:7F:1E
X509v3 Authority Key Identifier:
keyid:40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:f9:b3:8d:43:96:f6:f1:67:36:f9:05:97:ca:b8:11:f4:b1:
9b:fa:43:6f:e1:2a:15:f9:cf:ad:67:55:01:ba:15:e7:4c:f5:
09:be:35:51:9f:b7:e4:c0:07:91:92:c2:c3:2c:56:90:4c:1e:
2e:78:fc:54:f1:98:79:2a:55:f4:44:16:94:7f:14:49:f9:31:
ad:91:db:24:a5:98:4d:a5:6d:de:d9:c3:40:1d:e8:89:04:10:
c2:49:be:1e:5c:c7:c7:b9:1a:7b:e6:07:17:cf:4b:55:0f:62:
03:03:7d:c9:f5:91:4a:54:ea:f1:ae:22:a1:ca:d5:82:61:20:
a5:08:50:2e:19:bc:1e:79:45:9e:c9:c8:99:2f:34:21:08:ad:
92:92:98:a1:79:0d:5e:49:ef:cd:b6:76:82:f1:2e:44:a2:a0:
e2:ed:52:79:32:b7:05:47:d9:21:2e:b8:3f:bb:bd:86:0d:09:
39:0b:2c:c3:cb:d5:c6:02:43:b8:67:51:10:f7:57:ee:cb:6a:
5d:05:cf:c4:01:e0:8b:79:1f:02:8d:e8:70:a9:74:92:77:32:
d4:d0:00:8c:39:d1:3e:52:53:02:f0:15:b7:ef:3e:0b:05:be:
fa:3e:19:1d:1f:4b:3b:3d:e8:3c:2c:81:ab:33:fd:d1:8c:8d:
57:ff:f6:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyu2e6cizWyRQGXidgYCIOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTYzZGQ0NDE0ZWYzZTc5MmUwMDUwMWYzNGVmY2U5NDQw
YTljNGUwHhcNMjYwMzAyMTQwMDQzWhcNMjYwMzAzMTQwMDQzWjAzMTEwLwYDVQQD
Eyg0NWIxMTQ2ZWM4MzUwM2FhYjMzNTAwNmFmY2QwMzU5YWU5NDM3ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVCUfn7n5zIj0aH9ND/gSDG8GeRI
fP5UpdQP8w7RaACTBxvpbpXv8cb9cs+0iI3xRiz91vGGxTGZUTcFe7GRtJ01Qw7M
dDC8eumbTe94zF4g/9p5rZAX1W2NsEqBBTplf3OhbSvIyE5SHO0TRXMTERTD2N9i
xTrPwSb70njBqMfbcFw4gZW66nhLHvKYCAEkoNffE48chUoB68uFc5E1E42lU6PS
Ge1rhZQv3FXf80CggYvjGBj5kpEAHZg8GvkrR7nzxHPYiQQZNssDmTmSXjcyG+jy
IHh2r5w4lzHPZAOWrzzWhrYYLkzIaUjhnXgDrlCOUJrupgiPJ/7gZPR2lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWxFG7INQOqszUAavzQNZrpQ38eMB8GA1UdIwQY
MBaAFEAWPdRBTvPnkuAFAfNO/OlECpxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUt
MzYyMmFjN2Q2NWNjLzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUtMzYyMmFjN2Q2NWNj
LzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhfmzjUOW
9vFnNvkFl8q4EfSxm/pDb+EqFfnPrWdVAboV50z1Cb41UZ+35MAHkZLCwyxWkEwe
Lnj8VPGYeSpV9EQWlH8USfkxrZHbJKWYTaVt3tnDQB3oiQQQwkm+HlzHx7kae+YH
F89LVQ9iAwN9yfWRSlTq8a4iocrVgmEgpQhQLhm8HnlFnsnImS80IQitkpKYoXkN
XknvzbZ2gvEuRKKg4u1SeTK3BUfZIS64P7u9hg0JOQssw8vVxgJDuGdREPdX7stq
XQXPxAHgi3kfAo3ocKl0kncy1NAAjDnRPlJTAvAVt+8+CwW++j4ZHR9LOz3oPCyB
qzP90YyNV//2sg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:06:36 2026 by rpki-client