Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.mft
File: QdFPKPmNO9zEXhkibx9WFw4xKr8.mft (raw, json)
Hash identifier: blXiaGBWXrA+2a68o7L8xHsU66a6fMJmtcPM6pOn4G0=
Subject key identifier: 9B:F8:8E:05:8A:51:ED:7E:14:D7:BA:95:7E:9A:DC:A9:1D:9A:DB:06
Authority key identifier: 41:D1:4F:28:F9:8D:3B:DC:C4:5E:19:22:6F:1F:56:17:0E:31:2A:BF
Certificate issuer: /CN=41d14f28f98d3bdcc45e19226f1f56170e312abf
Certificate serial: 019A711326EE0CD2F94DBBEF5E2F72E7DC77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 04:01:11 +0000
Manifest this update: Tue 11 Nov 2025 04:01:11 +0000
Manifest next update: Wed 12 Nov 2025 04:01:11 +0000
Files and hashes: 1: QdFPKPmNO9zEXhkibx9WFw4xKr8.crl (hash: J6WCMJFZLDL6rtcJqNPy4jD9sheOtawWdbstCiQYBKw=)
2: TfT6AZyh9UGWuKPzLXDw4XK7Cjc.roa (hash: 4OX2vbS8uyBAPoRn5NlTz3A25sxN9Wre4w3pzzWneG0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:26:ee:0c:d2:f9:4d:bb:ef:5e:2f:72:e7:dc:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41d14f28f98d3bdcc45e19226f1f56170e312abf
Validity
Not Before: Nov 11 04:01:11 2025 GMT
Not After : Nov 12 04:01:11 2025 GMT
Subject: CN=9bf88e058a51ed7e14d7ba957e9adca91d9adb06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d9:5c:0e:10:e9:fe:4a:5e:5f:82:d9:0e:51:
67:27:55:72:af:64:c3:93:b4:fd:1b:57:df:99:7d:
5b:4a:1a:62:93:fc:da:e0:7b:8a:0e:0e:d4:b6:29:
61:cf:c3:5d:07:24:de:ac:03:4f:e4:5f:17:11:64:
15:61:38:c8:f1:ef:06:3c:32:dc:60:16:64:15:22:
49:a9:ac:c3:d8:73:aa:46:3a:3f:c6:96:d9:68:95:
15:9d:f0:f1:e8:65:bd:65:06:a7:55:85:68:03:4b:
e3:6b:23:2a:98:63:33:bc:c0:dd:c3:b1:84:94:8a:
c8:a6:65:95:f1:05:c0:ed:19:ba:3b:97:a3:c0:d9:
3a:85:d3:a4:b8:09:c2:71:0e:05:7f:3c:62:cb:21:
93:56:ec:11:3a:be:38:d0:15:b7:19:6b:fa:6b:fe:
c5:df:f4:00:85:bf:e0:51:c2:fa:8b:4a:4e:42:5e:
0a:e4:71:80:61:86:15:f6:c8:f0:74:30:ec:4f:be:
f3:ac:e9:c8:8a:c1:63:2d:2c:c9:ec:73:0f:60:af:
e6:dd:2d:70:57:26:b4:ad:9f:9a:d9:29:bd:e1:2d:
22:20:b1:76:c5:8f:42:02:ad:c0:56:30:9e:ec:eb:
1b:a7:67:12:29:05:11:88:d3:7a:6c:0c:2b:26:81:
e2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F8:8E:05:8A:51:ED:7E:14:D7:BA:95:7E:9A:DC:A9:1D:9A:DB:06
X509v3 Authority Key Identifier:
keyid:41:D1:4F:28:F9:8D:3B:DC:C4:5E:19:22:6F:1F:56:17:0E:31:2A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QdFPKPmNO9zEXhkibx9WFw4xKr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a074e2-66ea-43cc-94a7-b380453267f9/1/QdFPKPmNO9zEXhkibx9WFw4xKr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:60:e2:be:7e:92:ef:41:48:80:19:6a:63:73:38:c2:da:2b:
be:b8:cc:7b:a4:da:b4:ee:7c:5a:81:a0:74:49:14:1b:8e:67:
ad:a2:c3:fd:32:52:34:57:4d:b3:1a:78:4a:e5:9c:e0:32:c2:
c8:a1:7f:f4:d8:70:7f:bd:5e:ee:4b:14:28:4b:37:02:08:88:
2d:b0:fa:6d:77:92:2b:9f:a7:c5:eb:2d:b3:bb:b4:a6:03:46:
d8:fa:7c:73:6b:f1:9d:6f:c5:15:5c:bc:61:96:00:97:39:51:
6b:d6:77:9b:04:2e:5c:e0:e9:70:6c:64:f0:dc:4b:cf:a3:51:
96:71:81:a7:1e:a0:a7:80:b1:59:ee:ca:0b:23:f5:2f:21:18:
f6:f4:be:85:d1:61:51:a3:47:96:69:18:7e:db:74:85:ec:5b:
41:fc:02:66:54:bc:11:d1:73:db:72:f0:e5:f4:d8:ea:94:e1:
0d:00:93:ec:56:89:fa:7f:ae:30:f5:32:a3:43:92:9a:ad:25:
82:c9:3c:a1:e0:fd:b9:a5:ac:3c:fe:91:f6:fe:de:3a:0a:44:
f4:b1:b3:b1:6c:9a:e2:22:2c:02:7d:b7:d9:7d:89:07:52:48:
19:17:92:5f:08:f9:10:96:66:67:c4:34:cb:57:d9:b3:70:ca:
fa:1d:bd:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEybuDNL5TbvvXi9y59x3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZDE0ZjI4Zjk4ZDNiZGNjNDVlMTkyMjZmMWY1NjE3MGUz
MTJhYmYwHhcNMjUxMTExMDQwMTExWhcNMjUxMTEyMDQwMTExWjAzMTEwLwYDVQQD
Eyg5YmY4OGUwNThhNTFlZDdlMTRkN2JhOTU3ZTlhZGNhOTFkOWFkYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9lcDhDp/kpeX4LZDlFnJ1Vyr2TD
k7T9G1ffmX1bShpik/za4HuKDg7Utilhz8NdByTerANP5F8XEWQVYTjI8e8GPDLc
YBZkFSJJqazD2HOqRjo/xpbZaJUVnfDx6GW9ZQanVYVoA0vjayMqmGMzvMDdw7GE
lIrIpmWV8QXA7Rm6O5ejwNk6hdOkuAnCcQ4FfzxiyyGTVuwROr440BW3GWv6a/7F
3/QAhb/gUcL6i0pOQl4K5HGAYYYV9sjwdDDsT77zrOnIisFjLSzJ7HMPYK/m3S1w
Vya0rZ+a2Sm94S0iILF2xY9CAq3AVjCe7Osbp2cSKQURiNN6bAwrJoHiRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJv4jgWKUe1+FNe6lX6a3KkdmtsGMB8GA1UdIwQY
MBaAFEHRTyj5jTvcxF4ZIm8fVhcOMSq/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWRGUEtQbU5POXpFWGhraWJ4OVdGdzR4S3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hMDc0ZTItNjZlYS00M2NjLTk0YTct
YjM4MDQ1MzI2N2Y5LzEvUWRGUEtQbU5POXpFWGhraWJ4OVdGdzR4S3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hMDc0ZTItNjZlYS00M2NjLTk0YTctYjM4MDQ1MzI2N2Y5
LzEvUWRGUEtQbU5POXpFWGhraWJ4OVdGdzR4S3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdGDivn6S
70FIgBlqY3M4wtorvrjMe6TatO58WoGgdEkUG45nraLD/TJSNFdNsxp4SuWc4DLC
yKF/9Nhwf71e7ksUKEs3AgiILbD6bXeSK5+nxests7u0pgNG2Pp8c2vxnW/FFVy8
YZYAlzlRa9Z3mwQuXODpcGxk8NxLz6NRlnGBpx6gp4CxWe7KCyP1LyEY9vS+hdFh
UaNHlmkYftt0hexbQfwCZlS8EdFz23Lw5fTY6pThDQCT7FaJ+n+uMPUyo0OSmq0l
gsk8oeD9uaWsPP6R9v7eOgpE9LGzsWya4iIsAn232X2JB1JIGReSXwj5EJZmZ8Q0
y1fZs3DK+h29bQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:11 2025 by rpki-client