Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
File: KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json)
Hash identifier: lPr9cejcgGuP+0q5hQrVx6u6p/gu3ifBh4gE5gMnLRk=
Subject key identifier: B2:CD:33:10:14:DF:38:7A:A1:04:4D:1D:A3:7F:25:39:4F:28:DB:E1
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial: 019A714A2387767B3558F697F7110EAE940D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 05:01:15 +0000
Manifest this update: Tue 11 Nov 2025 05:01:15 +0000
Manifest next update: Wed 12 Nov 2025 05:01:15 +0000
Files and hashes: 1: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: VZgfADs0EU+HOPgDSzQ4agvIe1CCksNegLQcDJGCoUU=)
2: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:23:87:76:7b:35:58:f6:97:f7:11:0e:ae:94:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Validity
Not Before: Nov 11 05:01:15 2025 GMT
Not After : Nov 12 05:01:15 2025 GMT
Subject: CN=b2cd331014df387aa1044d1da37f25394f28dbe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:82:4b:00:80:e1:d7:e5:ce:1d:44:db:51:
9f:81:2e:5a:ab:6b:6c:6d:f3:0e:91:f0:07:fd:23:
11:72:75:cd:e6:20:2c:be:3b:e4:08:ae:2e:f9:ad:
29:03:3f:dd:c4:3c:a6:5e:7d:17:ae:1e:6b:b0:04:
00:6b:52:c4:da:3f:01:f5:79:16:f4:bd:79:c2:97:
e1:97:18:78:84:8c:60:15:d3:05:0b:a6:47:17:39:
66:b5:79:f5:3f:10:df:af:49:5b:52:aa:12:73:cb:
99:1c:17:d3:c1:01:f4:94:81:09:2d:13:51:62:8c:
0b:65:98:80:79:d1:a4:aa:09:95:dd:b6:38:4b:2d:
f8:cc:8b:3c:df:fc:1c:cc:9d:5c:55:0a:7d:d4:0d:
65:1d:c7:1a:48:d8:24:b7:5c:72:fa:65:a7:34:65:
57:f5:5e:9c:e7:6c:1e:d8:e5:c9:14:f5:70:53:a6:
c5:0a:09:f2:46:5f:b3:62:0f:ce:e5:ae:f1:b2:e1:
af:29:8d:83:aa:a0:3f:2d:8f:43:99:8a:db:c0:72:
8c:94:40:9e:7c:8b:0c:ae:f7:95:b2:0e:08:48:5d:
fc:d2:03:9c:8a:f1:06:5e:26:08:45:87:a9:a9:ca:
71:ff:15:3b:ec:55:41:73:a4:d0:dc:90:ff:d7:d9:
49:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CD:33:10:14:DF:38:7A:A1:04:4D:1D:A3:7F:25:39:4F:28:DB:E1
X509v3 Authority Key Identifier:
keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:e9:bb:f3:b3:6d:1d:b0:ce:34:eb:37:ca:3d:da:83:b1:81:
a1:ee:30:31:61:52:5a:20:bd:dc:c9:6a:39:3f:55:99:db:93:
f3:1d:40:60:80:ca:df:46:32:a3:53:e2:df:f1:85:2d:cf:25:
c8:27:3a:1c:9d:36:68:6e:a6:5f:e8:f1:aa:56:8d:85:a2:b2:
55:d8:5e:ff:e2:b4:46:8d:fe:ac:a1:be:49:d0:e9:2b:dd:d7:
b5:38:f5:e7:53:25:63:a6:b8:7e:96:98:14:87:92:87:22:b4:
df:66:9f:4f:e1:f9:4a:03:2d:29:a1:9a:36:6a:e5:46:33:5b:
ea:2b:4b:4b:95:a8:71:92:be:e6:20:db:83:b4:8f:58:92:2f:
2b:7c:e0:b3:27:8c:7d:d4:57:74:a9:69:a8:74:9f:80:d9:c2:
2d:8d:25:90:42:ab:48:2d:c6:8e:b0:50:0e:c6:2f:ba:42:ee:
f5:23:4b:43:50:aa:2e:3d:2d:dd:59:8f:c4:43:cd:aa:ee:a8:
1f:63:7f:f0:f2:1d:df:33:35:b7:5f:43:0f:65:58:79:75:d5:
e6:cc:8e:66:08:a9:eb:bc:0f:d3:ab:a1:73:fc:0e:2e:66:7b:
42:1a:af:23:da:78:62:e9:7b:98:43:9a:e7:ff:24:0c:24:c1:
51:88:ae:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSiOHdns1WPaX9xEOrpQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjUxMTExMDUwMTE1WhcNMjUxMTEyMDUwMTE1WjAzMTEwLwYDVQQD
EyhiMmNkMzMxMDE0ZGYzODdhYTEwNDRkMWRhMzdmMjUzOTRmMjhkYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfGCSwCA4dflzh1E21GfgS5aq2ts
bfMOkfAH/SMRcnXN5iAsvjvkCK4u+a0pAz/dxDymXn0Xrh5rsAQAa1LE2j8B9XkW
9L15wpfhlxh4hIxgFdMFC6ZHFzlmtXn1PxDfr0lbUqoSc8uZHBfTwQH0lIEJLRNR
YowLZZiAedGkqgmV3bY4Sy34zIs83/wczJ1cVQp91A1lHccaSNgkt1xy+mWnNGVX
9V6c52we2OXJFPVwU6bFCgnyRl+zYg/O5a7xsuGvKY2DqqA/LY9DmYrbwHKMlECe
fIsMrveVsg4ISF380gOcivEGXiYIRYepqcpx/xU77FVBc6TQ3JD/19lJkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLNMxAU3zh6oQRNHaN/JTlPKNvhMB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh+m787Nt
HbDONOs3yj3ag7GBoe4wMWFSWiC93MlqOT9VmduT8x1AYIDK30Yyo1Pi3/GFLc8l
yCc6HJ02aG6mX+jxqlaNhaKyVdhe/+K0Ro3+rKG+SdDpK93XtTj151MlY6a4fpaY
FIeShyK032afT+H5SgMtKaGaNmrlRjNb6itLS5WocZK+5iDbg7SPWJIvK3zgsyeM
fdRXdKlpqHSfgNnCLY0lkEKrSC3GjrBQDsYvukLu9SNLQ1CqLj0t3VmPxEPNqu6o
H2N/8PId3zM1t19DD2VYeXXV5syOZgip67wP06uhc/wOLmZ7QhqvI9p4Yul7mEOa
5/8kDCTBUYiuew==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:14:06 2025 by rpki-client