Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft
File: QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft (raw, json)
Hash identifier: B2IWu6OBKenqNJ2NOK2Sj620hCApVaoAGc2KZgQFi1o=
Subject key identifier: 1F:13:DD:7D:5D:4D:82:96:7C:53:65:3E:2D:44:71:5A:C6:69:CE:E8
Authority key identifier: 40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A
Certificate issuer: /CN=40aa949d31c66888cb4758f23dd5f312141dec4a
Certificate serial: 019A71B924126A9BA204293C9F29B87CC135
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft
Manifest number: 0E40
Signing time: Tue 11 Nov 2025 07:02:30 +0000
Manifest this update: Tue 11 Nov 2025 07:02:30 +0000
Manifest next update: Wed 12 Nov 2025 07:02:30 +0000
Files and hashes: 1: Ci2nxFCN2-JFxhCGu2Re4yZAOHs.roa (hash: +bhZNarT7FFMkSZsUhSIu2eb8t+79YYtheiLS/N1UY0=)
2: QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl (hash: p6Qo87uWXTEdWkkcHXhV5+YaKews6+topokV9ZsaMiQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:24:12:6a:9b:a2:04:29:3c:9f:29:b8:7c:c1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40aa949d31c66888cb4758f23dd5f312141dec4a
Validity
Not Before: Nov 11 07:02:30 2025 GMT
Not After : Nov 12 07:02:30 2025 GMT
Subject: CN=1f13dd7d5d4d82967c53653e2d44715ac669cee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:fe:85:4c:3a:de:35:9e:49:69:65:02:79:9d:
c1:27:6e:e5:68:e5:56:c5:f9:3e:ee:82:bf:d4:e0:
6f:e5:1d:bc:8a:b3:bf:3a:75:4d:06:04:7d:8f:70:
cf:ef:f2:e1:fb:07:70:a2:a2:33:4c:fe:e9:a5:59:
57:42:1d:88:dd:05:00:24:76:ae:e6:06:05:47:d9:
83:c2:86:41:35:16:22:cd:1c:f6:4c:e1:03:04:cc:
63:56:1b:11:fc:49:e8:ee:3e:b5:6f:99:d3:a6:61:
2e:8e:e8:ca:a7:b6:1f:e6:3e:22:e6:e8:75:55:b9:
59:ab:51:60:01:62:63:ee:e6:0b:3e:1d:ee:ef:3b:
1e:f6:05:7f:a0:bd:75:83:90:2a:0b:68:f3:4c:06:
83:73:c0:02:c9:c9:e5:32:7c:9a:79:2e:8d:b8:ab:
31:9e:57:41:47:1f:2d:c4:e5:d8:1f:e0:9f:93:ba:
7c:ad:ac:f1:33:91:59:b4:7c:48:80:8a:36:c5:82:
b0:6f:8f:ba:41:c2:c3:45:45:1f:a1:9d:5b:4c:0d:
f7:4b:d6:e9:b7:af:7b:22:c9:db:75:b4:ba:13:2a:
13:6e:54:a5:69:5d:77:ca:9c:df:9c:c5:c9:2b:67:
73:cf:48:26:b8:0b:06:7b:cd:dc:fa:01:b2:1b:a4:
ae:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:13:DD:7D:5D:4D:82:96:7C:53:65:3E:2D:44:71:5A:C6:69:CE:E8
X509v3 Authority Key Identifier:
keyid:40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:f2:f4:9f:07:45:65:15:dc:1f:f7:1d:ce:f0:ea:ed:85:42:
14:01:07:df:0d:87:fe:a6:c9:f9:06:c7:41:5d:b1:d3:58:b8:
7e:2f:e6:71:c8:7a:fb:74:36:16:10:65:85:32:46:ae:23:93:
ea:25:45:f4:12:e5:73:b7:b3:a0:1a:17:13:06:a1:3b:09:36:
91:2e:3f:e1:30:cc:76:64:a8:6e:25:b8:4e:f8:9d:62:00:04:
4b:73:9c:79:a8:72:ad:5d:04:f5:9e:8b:5f:fc:db:7e:28:10:
53:b0:71:e9:c7:89:33:66:73:cc:99:18:fa:bf:8b:29:25:16:
94:a3:32:13:e5:e6:28:0c:39:d4:a0:58:d8:4c:3f:14:99:35:
da:e9:2e:db:a0:62:58:a2:30:df:4a:12:ad:b9:42:51:66:85:
04:8b:19:3d:24:f3:2e:46:81:ce:fb:ec:1d:c6:26:9b:bf:ba:
4f:d5:23:47:30:5d:7d:2c:c3:02:45:ce:36:b3:c7:32:06:71:
4f:d6:90:a5:72:4a:59:9a:7e:20:e3:3d:8f:9f:46:c0:e7:96:
fd:8b:7b:00:ae:6b:b8:af:1a:f1:7a:dd:d8:12:39:ff:d2:28:
0e:0d:da:1c:5e:b6:55:39:98:bc:71:3b:89:f4:15:6c:4e:62:
99:d5:a9:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSQSapuiBCk8nym4fME1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYWE5NDlkMzFjNjY4ODhjYjQ3NThmMjNkZDVmMzEyMTQx
ZGVjNGEwHhcNMjUxMTExMDcwMjMwWhcNMjUxMTEyMDcwMjMwWjAzMTEwLwYDVQQD
EygxZjEzZGQ3ZDVkNGQ4Mjk2N2M1MzY1M2UyZDQ0NzE1YWM2NjljZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5v6FTDreNZ5JaWUCeZ3BJ27laOVW
xfk+7oK/1OBv5R28irO/OnVNBgR9j3DP7/Lh+wdwoqIzTP7ppVlXQh2I3QUAJHau
5gYFR9mDwoZBNRYizRz2TOEDBMxjVhsR/Eno7j61b5nTpmEujujKp7Yf5j4i5uh1
VblZq1FgAWJj7uYLPh3u7zse9gV/oL11g5AqC2jzTAaDc8ACycnlMnyaeS6NuKsx
nldBRx8txOXYH+Cfk7p8razxM5FZtHxIgIo2xYKwb4+6QcLDRUUfoZ1bTA33S9bp
t697IsnbdbS6EyoTblSlaV13ypzfnMXJK2dzz0gmuAsGe83c+gGyG6SuTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8T3X1dTYKWfFNlPi1EcVrGac7oMB8GA1UdIwQY
MBaAFECqlJ0xxmiIy0dY8j3V8xIUHexKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgt
ZmQxMWJiMWNjODJkLzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgtZmQxMWJiMWNjODJk
LzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd/L0nwdF
ZRXcH/cdzvDq7YVCFAEH3w2H/qbJ+QbHQV2x01i4fi/mcch6+3Q2FhBlhTJGriOT
6iVF9BLlc7ezoBoXEwahOwk2kS4/4TDMdmSobiW4TvidYgAES3OceahyrV0E9Z6L
X/zbfigQU7Bx6ceJM2ZzzJkY+r+LKSUWlKMyE+XmKAw51KBY2Ew/FJk12uku26Bi
WKIw30oSrblCUWaFBIsZPSTzLkaBzvvsHcYmm7+6T9UjRzBdfSzDAkXONrPHMgZx
T9aQpXJKWZp+IOM9j59GwOeW/Yt7AK5ruK8a8Xrd2BI5/9IoDg3aHF62VTmYvHE7
ifQVbE5imdWpww==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:54:02 2025 by rpki-client