Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.mft
File: Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.mft (raw, json)
Hash identifier: PFaMStqSeOw4dpRBpRr75KFGvUUwwfE4KWoIsFVQVJ8=
Subject key identifier: FF:0F:C3:96:91:C5:A9:31:1C:60:BA:6F:96:22:B7:F7:89:0D:63:7A
Authority key identifier: 43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD
Certificate issuer: /CN=4368330bea2dfe880ffa62f67b566aeae2d287fd
Certificate serial: 019A7301444FB807823E30B7FBC44C7A0D9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.mft
Manifest number: 144B
Signing time: Tue 11 Nov 2025 13:00:53 +0000
Manifest this update: Tue 11 Nov 2025 13:00:53 +0000
Manifest next update: Wed 12 Nov 2025 13:00:53 +0000
Files and hashes: 1: Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.crl (hash: CDlKlpxb3W3ZajM/4eJAw5tJERkCR178tCoyXU4RCS8=)
2: rz-RdiM9IWT3IB5wGzMs1ZBSN0Y.roa (hash: o6qyEqxDzSGkgBN+te6/IqxauC6oKPYhjWorkJVF6Cw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:44:4f:b8:07:82:3e:30:b7:fb:c4:4c:7a:0d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4368330bea2dfe880ffa62f67b566aeae2d287fd
Validity
Not Before: Nov 11 13:00:53 2025 GMT
Not After : Nov 12 13:00:53 2025 GMT
Subject: CN=ff0fc39691c5a9311c60ba6f9622b7f7890d637a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4f:37:92:46:3b:cb:c7:b1:f7:51:34:87:50:
49:d9:56:58:b0:15:9d:8f:73:28:21:45:9e:84:33:
42:15:cd:20:8a:cb:43:9e:da:df:b8:72:fb:41:78:
cf:c9:07:36:a5:6e:13:bc:6e:ca:a6:4c:bc:b5:7b:
40:8b:13:5e:05:61:19:cb:77:18:e8:0d:f6:3b:fa:
c4:50:d1:ee:89:2c:9b:26:31:1e:cb:10:b7:d5:f5:
f3:63:8e:cb:60:a1:fd:03:e0:eb:b4:57:70:c3:b9:
ae:54:84:be:33:e9:01:18:a4:38:c7:8b:7a:5d:e2:
53:4a:c7:45:df:ee:2f:b4:46:a2:53:96:6c:be:b1:
9c:55:86:d2:37:b5:97:c5:f6:54:c6:10:7d:0d:41:
91:18:3a:c7:5f:10:8c:ab:5f:6f:60:2b:0e:2c:b5:
3f:72:5a:a2:2d:f5:2b:ff:3d:aa:76:49:b8:61:67:
61:f9:5d:31:8d:46:a7:9f:98:30:d5:c6:72:65:87:
06:db:58:f1:70:21:0d:cb:30:a9:55:33:08:dc:5c:
32:ba:2a:9f:e6:ea:b5:85:84:c3:fc:ee:aa:f4:45:
69:50:66:ff:e3:50:95:67:33:f9:a7:54:ff:b9:c5:
5b:6a:d4:30:7b:9e:68:dd:b5:85:e5:c1:88:ba:41:
93:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:0F:C3:96:91:C5:A9:31:1C:60:BA:6F:96:22:B7:F7:89:0D:63:7A
X509v3 Authority Key Identifier:
keyid:43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:d0:a6:92:87:b9:8c:37:ed:78:66:92:01:d2:90:f6:f2:a1:
18:21:df:96:41:63:ee:8d:ff:b6:02:1b:ec:f8:2d:7f:d0:3b:
1b:b0:c5:82:d6:2d:9a:95:ed:49:d5:8a:f7:a5:15:3a:b6:fa:
c5:83:5c:22:af:6d:f9:9b:ec:50:75:e8:c6:52:00:71:59:98:
0c:dd:93:f7:64:a5:59:75:02:63:72:e4:3d:cb:23:12:ed:b6:
40:f5:cf:83:07:07:4c:9f:97:03:18:34:4f:bc:0b:02:64:6e:
96:1b:3b:e3:d4:12:e4:41:93:89:c2:15:2d:5d:75:7e:04:d7:
7d:11:27:d1:cb:d3:a6:3d:11:08:6e:ab:ee:1d:87:f1:5e:c7:
1a:6b:ba:39:f9:5e:9c:a5:62:53:4c:76:81:69:67:d2:75:81:
5c:ac:d9:6d:82:66:40:74:fe:ad:b6:e2:7a:53:8a:3a:d7:52:
7d:b8:d4:f9:d3:7e:5d:47:d2:d3:47:94:4c:95:d0:e0:da:0e:
e9:9a:84:d1:cb:fd:2a:16:c6:81:ff:d8:bf:cd:fc:fe:71:3f:
1d:54:38:cd:28:7b:f3:5f:99:e6:32:fb:80:a4:cc:bd:a5:a1:
ae:fa:34:72:ee:61:a7:ca:9b:fe:ab:9b:d7:1d:28:99:93:2a:
23:c4:ab:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAURPuAeCPjC3+8RMeg2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjgzMzBiZWEyZGZlODgwZmZhNjJmNjdiNTY2YWVhZTJk
Mjg3ZmQwHhcNMjUxMTExMTMwMDUzWhcNMjUxMTEyMTMwMDUzWjAzMTEwLwYDVQQD
EyhmZjBmYzM5NjkxYzVhOTMxMWM2MGJhNmY5NjIyYjdmNzg5MGQ2MzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk83kkY7y8ex91E0h1BJ2VZYsBWd
j3MoIUWehDNCFc0gistDntrfuHL7QXjPyQc2pW4TvG7Kpky8tXtAixNeBWEZy3cY
6A32O/rEUNHuiSybJjEeyxC31fXzY47LYKH9A+DrtFdww7muVIS+M+kBGKQ4x4t6
XeJTSsdF3+4vtEaiU5ZsvrGcVYbSN7WXxfZUxhB9DUGRGDrHXxCMq19vYCsOLLU/
clqiLfUr/z2qdkm4YWdh+V0xjUann5gw1cZyZYcG21jxcCENyzCpVTMI3Fwyuiqf
5uq1hYTD/O6q9EVpUGb/41CVZzP5p1T/ucVbatQwe55o3bWF5cGIukGT6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8Pw5aRxakxHGC6b5Yit/eJDWN6MB8GA1UdIwQY
MBaAFENoMwvqLf6ID/pi9ntWauri0of9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84ZmMzYjAtOTcwNC00NzUxLWIxNDkt
NWEzN2Y2YTFiY2E5LzEvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84ZmMzYjAtOTcwNC00NzUxLWIxNDktNWEzN2Y2YTFiY2E5
LzEvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMNCmkoe5
jDfteGaSAdKQ9vKhGCHflkFj7o3/tgIb7Pgtf9A7G7DFgtYtmpXtSdWK96UVOrb6
xYNcIq9t+ZvsUHXoxlIAcVmYDN2T92SlWXUCY3LkPcsjEu22QPXPgwcHTJ+XAxg0
T7wLAmRulhs749QS5EGTicIVLV11fgTXfREn0cvTpj0RCG6r7h2H8V7HGmu6Ofle
nKViU0x2gWln0nWBXKzZbYJmQHT+rbbielOKOtdSfbjU+dN+XUfS00eUTJXQ4NoO
6ZqE0cv9KhbGgf/Yv838/nE/HVQ4zSh781+Z5jL7gKTMvaWhrvo0cu5hp8qb/qub
1x0omZMqI8SrqA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:26:45 2025 by rpki-client