Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
File: qMbzkzUMd1mMEhrNPJL3BIV274k.mft (raw, json)
Hash identifier: OQrGEbXiAnGgpUvo1zhBhGZWJV9LdpqI3RnEI02D1TM=
Subject key identifier: 74:4D:D6:D6:65:68:35:97:5C:FD:70:81:CD:FF:91:00:E8:5F:26:91
Authority key identifier: A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
Certificate issuer: /CN=a8c6f393350c77598c121acd3c92f7048576ef89
Certificate serial: 019A71B7C9FDCA7BE84528CCE416B004BD6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
Manifest number: 0E55
Signing time: Tue 11 Nov 2025 07:01:01 +0000
Manifest this update: Tue 11 Nov 2025 07:01:01 +0000
Manifest next update: Wed 12 Nov 2025 07:01:01 +0000
Files and hashes: 1: eOh7otVHHrYHGXBG7XugLjFkG3I.roa (hash: jBij6Zpdi8PdzGdFEr+QptijCvWCfUOl+3jki1c2vMs=)
2: lCDqNprGOb5vTF01oJ8hwQqZCRE.roa (hash: mFZkrlVA4mVLiefirb6z2hXCAJmumM9YtxbYwU/yy10=)
3: qMbzkzUMd1mMEhrNPJL3BIV274k.crl (hash: x6fJsccHtjVTn1Ev6nd59KactaNEsoMgoJtX+qNOjBg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:c9:fd:ca:7b:e8:45:28:cc:e4:16:b0:04:bd:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8c6f393350c77598c121acd3c92f7048576ef89
Validity
Not Before: Nov 11 07:01:01 2025 GMT
Not After : Nov 12 07:01:01 2025 GMT
Subject: CN=744dd6d6656835975cfd7081cdff9100e85f2691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3a:98:5e:d3:76:65:b1:5e:81:4c:5b:02:89:
38:c2:8d:e6:d8:0a:5d:9a:8f:43:21:50:f3:63:4b:
bf:89:48:d9:d2:3d:fa:83:58:d4:d0:b5:75:b6:b9:
fe:ab:b0:8b:4b:dc:96:b8:c8:d8:4a:55:06:83:a5:
7a:4e:aa:ba:b8:07:e4:5d:5c:d1:76:73:0d:e7:ed:
f3:d7:35:f4:76:15:77:37:43:70:0a:9b:bf:e8:11:
84:b9:59:24:26:58:e8:ca:7b:18:a9:67:66:f7:de:
1d:07:27:19:2b:00:40:d3:9d:92:64:a1:a9:c5:d9:
c4:fd:70:19:f3:cd:34:ce:5d:b4:d0:39:4e:27:b1:
d1:aa:2f:9f:f3:49:22:00:c3:32:00:32:51:08:ad:
11:b3:7a:04:08:4f:75:45:99:eb:89:04:86:16:31:
06:78:2b:21:95:95:60:71:cb:a3:cc:84:2c:59:38:
32:e6:92:79:d6:c4:4c:3f:6c:25:fd:61:06:af:12:
32:d4:c7:3b:09:61:72:29:1b:f7:bb:70:f9:04:5b:
07:04:08:60:4a:91:d3:15:d0:af:73:83:93:52:c4:
8b:ac:c1:91:81:5f:4b:52:fa:fe:04:28:50:d2:e3:
28:80:fc:8c:c5:6f:72:c9:3d:33:31:e2:d8:fe:72:
e5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4D:D6:D6:65:68:35:97:5C:FD:70:81:CD:FF:91:00:E8:5F:26:91
X509v3 Authority Key Identifier:
keyid:A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:76:76:d5:17:18:7b:34:28:37:8f:cc:cc:06:f2:61:d3:70:
2a:19:b5:69:14:d9:a9:9c:1d:05:e2:99:3d:1c:29:e4:df:39:
d9:29:8f:73:f2:0b:40:b2:b4:73:77:69:5a:fe:0d:28:8b:dc:
cd:6b:87:d1:0e:85:95:cb:e5:d1:43:7e:c8:ae:60:31:dd:0d:
08:7b:28:14:06:f8:34:2a:7f:68:1b:d4:17:9f:5d:e6:3c:c2:
b3:15:eb:8e:ea:a0:6a:9c:94:82:3d:9f:60:ed:3c:95:a7:4e:
a5:45:0e:9b:3e:b4:91:88:c5:55:c4:14:5e:3d:7a:2f:75:35:
b7:40:6b:54:01:25:4e:3b:ac:fd:2a:7d:2a:a6:a4:02:52:b0:
3c:90:f9:44:ed:13:55:ea:75:f6:cf:c5:59:fe:cf:ff:1b:cc:
89:4b:a2:bd:8e:38:89:b6:a0:27:01:02:9c:35:d9:73:08:97:
e5:75:c6:40:8c:41:ec:cb:5f:cd:c7:20:77:e7:09:52:3e:23:
06:74:68:c3:a6:65:9e:e8:c4:4b:95:7e:f8:be:3c:f9:68:22:
87:a9:c7:f7:db:9e:5e:19:c5:2c:dd:a8:90:a4:5f:a0:c7:42:
c4:b7:c4:19:ac:4d:1f:f5:91:cc:03:f1:b7:26:39:9d:c7:46:
e8:b8:16:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt8n9ynvoRSjM5BawBL1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YzZmMzkzMzUwYzc3NTk4YzEyMWFjZDNjOTJmNzA0ODU3
NmVmODkwHhcNMjUxMTExMDcwMTAxWhcNMjUxMTEyMDcwMTAxWjAzMTEwLwYDVQQD
Eyg3NDRkZDZkNjY1NjgzNTk3NWNmZDcwODFjZGZmOTEwMGU4NWYyNjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDqYXtN2ZbFegUxbAok4wo3m2Apd
mo9DIVDzY0u/iUjZ0j36g1jU0LV1trn+q7CLS9yWuMjYSlUGg6V6Tqq6uAfkXVzR
dnMN5+3z1zX0dhV3N0NwCpu/6BGEuVkkJljoynsYqWdm994dBycZKwBA052SZKGp
xdnE/XAZ8800zl200DlOJ7HRqi+f80kiAMMyADJRCK0Rs3oECE91RZnriQSGFjEG
eCshlZVgccujzIQsWTgy5pJ51sRMP2wl/WEGrxIy1Mc7CWFyKRv3u3D5BFsHBAhg
SpHTFdCvc4OTUsSLrMGRgV9LUvr+BChQ0uMogPyMxW9yyT0zMeLY/nLl8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRN1tZlaDWXXP1wgc3/kQDoXyaRMB8GA1UdIwQY
MBaAFKjG85M1DHdZjBIazTyS9wSFdu+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3Nzct
YzZiY2EwMWIyZmY4LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3NzctYzZiY2EwMWIyZmY4
LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF3Z21RcY
ezQoN4/MzAbyYdNwKhm1aRTZqZwdBeKZPRwp5N852SmPc/ILQLK0c3dpWv4NKIvc
zWuH0Q6Flcvl0UN+yK5gMd0NCHsoFAb4NCp/aBvUF59d5jzCsxXrjuqgapyUgj2f
YO08ladOpUUOmz60kYjFVcQUXj16L3U1t0BrVAElTjus/Sp9KqakAlKwPJD5RO0T
Vep19s/FWf7P/xvMiUuivY44ibagJwECnDXZcwiX5XXGQIxB7Mtfzccgd+cJUj4j
BnRow6ZlnujES5V++L48+Wgih6nH99ueXhnFLN2okKRfoMdCxLfEGaxNH/WRzAPx
tyY5ncdG6LgWYQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:11:23 2025 by rpki-client