Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
File: qvNQYhzAHooe03KB3zKwlxy95Vc.mft (raw, json)
Hash identifier: oItdL+he+1HNcgsoVyuyf80JctF1lCm36b4U/f/rra4=
Subject key identifier: E0:1B:24:BD:6E:DA:FE:A5:90:1B:BA:5B:6E:4A:E7:40:B0:8B:F5:D4
Authority key identifier: AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57
Certificate issuer: /CN=aaf350621cc01e8a1ed37281df32b0971cbde557
Certificate serial: 019A7225E10A3AC00B6BE4843CE2B195A653
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 09:01:16 +0000
Manifest this update: Tue 11 Nov 2025 09:01:16 +0000
Manifest next update: Wed 12 Nov 2025 09:01:16 +0000
Files and hashes: 1: qvNQYhzAHooe03KB3zKwlxy95Vc.crl (hash: RQ3MoSZc25DHH/SDwdJpJh2tbNNAua3xINh38bsORwY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:e1:0a:3a:c0:0b:6b:e4:84:3c:e2:b1:95:a6:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf350621cc01e8a1ed37281df32b0971cbde557
Validity
Not Before: Nov 11 09:01:16 2025 GMT
Not After : Nov 12 09:01:16 2025 GMT
Subject: CN=e01b24bd6edafea5901bba5b6e4ae740b08bf5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:14:e6:ae:98:94:89:c8:1a:68:96:91:5f:93:
9a:40:51:7c:b0:c8:83:b1:f1:4d:bb:30:7d:25:c7:
11:33:50:3c:f2:d2:d4:b1:b2:7e:98:a7:a0:e7:0d:
fd:7c:17:e3:d8:b5:0f:fe:4d:18:3e:85:90:8e:1d:
1d:bd:23:1d:db:90:5d:e8:c9:fe:b5:7e:32:8c:76:
06:0b:b2:19:83:d8:f8:8b:1e:12:26:55:f8:23:c0:
af:de:9a:b3:92:a1:e5:c5:7a:6b:1a:19:24:cc:0e:
b4:bb:79:48:3e:f3:d3:e3:03:9a:04:71:0a:8a:cf:
05:55:f6:0f:33:60:d6:63:82:eb:1d:15:ee:0b:a7:
b5:bb:12:15:4b:ae:15:39:c0:2c:2a:61:09:3f:f3:
8d:f6:a2:c9:a0:3b:02:39:6d:b5:4a:01:14:c3:38:
c7:98:93:e8:13:59:53:0a:90:f5:53:39:4e:85:6a:
ae:a1:10:78:49:49:12:26:47:b3:1e:69:13:9b:43:
79:7a:1c:80:93:4b:e8:d1:19:92:05:1f:24:47:0c:
19:42:45:8b:e7:f0:2b:34:1f:50:1b:dc:ce:2d:6c:
ab:d4:55:22:94:df:e3:c3:b7:c3:58:b4:21:7e:ef:
75:2d:3c:04:ca:0f:f6:7e:94:6f:2c:65:71:a6:81:
fe:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:1B:24:BD:6E:DA:FE:A5:90:1B:BA:5B:6E:4A:E7:40:B0:8B:F5:D4
X509v3 Authority Key Identifier:
keyid:AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:f0:1c:0a:a9:00:de:ab:9b:ca:9b:7a:3a:7f:de:4b:bf:35:
55:66:27:5c:b3:71:f5:70:0e:de:be:50:c3:b7:11:27:7a:4d:
fd:28:e3:d3:6f:52:5d:5f:5a:1e:07:af:d6:8c:41:89:ed:e8:
d5:b7:bd:50:f3:63:d0:be:a1:9a:4b:cd:21:41:91:e0:be:2c:
9d:eb:0f:39:ee:2c:6b:c3:f2:b2:f7:58:fe:0e:ac:be:59:bf:
61:5d:07:57:72:41:1c:80:e1:7d:9a:ea:53:42:c4:4d:d1:2b:
91:3d:df:80:b9:9a:46:cf:c2:85:aa:69:c9:8e:3a:1d:99:6e:
f6:f7:30:dd:2c:7c:64:4b:c9:6d:c8:da:5d:1a:b1:4b:27:f4:
33:33:5e:56:1e:7c:e8:c7:82:25:6b:60:1a:94:fd:fb:0d:59:
eb:ce:e1:53:bd:ad:32:c6:af:51:25:17:aa:d8:2c:9c:b9:73:
70:37:bf:47:65:b5:2a:fc:c6:4a:cb:be:46:0b:1b:35:d0:f9:
6e:58:80:cd:bc:20:12:e3:c5:00:6d:f5:79:8d:10:41:28:e4:
48:e3:14:80:15:e2:5e:f2:68:d3:4e:eb:87:07:bd:c8:c4:2b:
e7:96:72:aa:96:18:7d:86:18:f6:82:b7:7a:2c:00:8f:c4:a6:
7d:7d:59:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJeEKOsALa+SEPOKxlaZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjM1MDYyMWNjMDFlOGExZWQzNzI4MWRmMzJiMDk3MWNi
ZGU1NTcwHhcNMjUxMTExMDkwMTE2WhcNMjUxMTEyMDkwMTE2WjAzMTEwLwYDVQQD
EyhlMDFiMjRiZDZlZGFmZWE1OTAxYmJhNWI2ZTRhZTc0MGIwOGJmNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBTmrpiUicgaaJaRX5OaQFF8sMiD
sfFNuzB9JccRM1A88tLUsbJ+mKeg5w39fBfj2LUP/k0YPoWQjh0dvSMd25Bd6Mn+
tX4yjHYGC7IZg9j4ix4SJlX4I8Cv3pqzkqHlxXprGhkkzA60u3lIPvPT4wOaBHEK
is8FVfYPM2DWY4LrHRXuC6e1uxIVS64VOcAsKmEJP/ON9qLJoDsCOW21SgEUwzjH
mJPoE1lTCpD1UzlOhWquoRB4SUkSJkezHmkTm0N5ehyAk0vo0RmSBR8kRwwZQkWL
5/ArNB9QG9zOLWyr1FUilN/jw7fDWLQhfu91LTwEyg/2fpRvLGVxpoH+lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOAbJL1u2v6lkBu6W25K50Cwi/XUMB8GA1UdIwQY
MBaAFKrzUGIcwB6KHtNygd8ysJccveVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTkt
NzVhOGIwOTc0ZTIwLzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTktNzVhOGIwOTc0ZTIw
LzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdfAcCqkA
3qubypt6On/eS781VWYnXLNx9XAO3r5Qw7cRJ3pN/Sjj029SXV9aHgev1oxBie3o
1be9UPNj0L6hmkvNIUGR4L4snesPOe4sa8PysvdY/g6svlm/YV0HV3JBHIDhfZrq
U0LETdErkT3fgLmaRs/ChappyY46HZlu9vcw3Sx8ZEvJbcjaXRqxSyf0MzNeVh58
6MeCJWtgGpT9+w1Z687hU72tMsavUSUXqtgsnLlzcDe/R2W1KvzGSsu+RgsbNdD5
bliAzbwgEuPFAG31eY0QQSjkSOMUgBXiXvJo007rhwe9yMQr55ZyqpYYfYYY9oK3
eiwAj8SmfX1ZmQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:14:07 2025 by rpki-client