Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft
File: qnD7s9sihDfWBXmaxPRZjSLhPhs.mft (raw, json)
Hash identifier: ja/vOs0TiqtRG4YOZNbIY0QsbynkIATVmCGTIw8OMX4=
Subject key identifier: 3B:DD:CF:E5:B7:02:95:BF:9D:41:D5:03:B2:CB:12:09:ED:B9:D8:F1
Authority key identifier: AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B
Certificate issuer: /CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
Certificate serial: 019A71B849C2131949707139A35CAA1876D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 07:01:34 +0000
Manifest this update: Tue 11 Nov 2025 07:01:34 +0000
Manifest next update: Wed 12 Nov 2025 07:01:34 +0000
Files and hashes: 1: JDPCHXAUbfBXZ-JAE6cFE-tGXMI.roa (hash: bOxTgT+7J9XF4HocPumdm4M3ak6meIWnJq5cg5Hpmfs=)
2: qnD7s9sihDfWBXmaxPRZjSLhPhs.crl (hash: rOxEkIRWc9kANAgAWyJsTU+L+NR49hXzn3eJqTLJS4w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft
rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:49:c2:13:19:49:70:71:39:a3:5c:aa:18:76:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
Validity
Not Before: Nov 11 07:01:34 2025 GMT
Not After : Nov 12 07:01:34 2025 GMT
Subject: CN=3bddcfe5b70295bf9d41d503b2cb1209edb9d8f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:32:fc:5f:1b:08:5b:85:dc:ac:3d:80:77:68:
d8:b0:85:b2:13:61:d6:94:58:9e:ce:57:eb:46:7b:
fc:34:df:ec:c9:54:ca:0b:29:65:aa:11:00:dd:ec:
95:3d:8c:bc:85:eb:93:69:84:72:76:0f:aa:84:0b:
69:2d:f5:6f:a2:82:23:4c:a3:ab:06:d8:7f:21:37:
cc:88:5b:61:51:be:f1:c9:fd:cf:d2:a4:04:26:03:
7d:24:b9:78:09:b6:f5:f5:34:1a:a0:b2:54:bf:7f:
2a:13:7b:eb:26:9d:ec:58:07:d5:f6:c4:45:56:46:
14:aa:d6:5e:5a:ec:67:d5:cd:f2:00:26:b2:65:b8:
85:18:fa:3b:56:88:5d:b0:d2:11:a3:0f:8a:be:55:
57:d8:09:92:60:3b:bd:85:ba:a0:18:19:2d:0c:25:
c1:35:aa:da:ee:25:79:96:e0:1e:05:a7:74:2d:94:
43:d6:26:1e:6e:67:10:48:02:05:a7:3b:80:dd:a6:
2f:a2:6c:c6:42:09:91:13:b9:ab:1f:74:7a:bc:95:
65:80:cb:09:59:5c:e4:94:60:22:38:ef:8a:d1:c5:
90:b1:90:26:75:9d:b1:47:98:ed:8c:b4:a7:a0:de:
39:cb:67:e9:a0:da:70:ab:f3:d5:a2:af:5a:30:4e:
1d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:DD:CF:E5:B7:02:95:BF:9D:41:D5:03:B2:CB:12:09:ED:B9:D8:F1
X509v3 Authority Key Identifier:
keyid:AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:ae:98:13:e1:9c:9a:4d:c7:3d:63:f0:cf:1f:9b:75:2c:e6:
4f:26:22:13:c3:41:bd:27:91:20:84:e1:25:a1:7e:34:71:f8:
89:02:34:4d:3a:a1:41:c5:7a:7d:15:a6:e6:5f:f0:34:2b:b5:
a3:52:5c:da:42:c7:a6:c9:da:85:0d:d6:fb:df:1e:5f:be:20:
ae:7e:95:87:70:aa:aa:f8:6e:f3:cc:d2:82:b2:60:02:7f:a6:
63:63:0f:b6:45:a6:2a:bc:30:c5:76:60:cb:18:b9:e9:1b:5a:
35:7e:02:23:d5:b0:83:8d:ed:dc:a0:aa:25:5e:72:16:8e:9f:
96:8b:6f:1c:e4:75:58:12:c4:47:dc:d9:9b:25:ab:bb:57:dc:
00:ed:cd:a1:31:5a:5c:60:74:c8:76:32:54:56:7b:6d:a4:57:
38:a8:13:29:99:3d:4c:e5:9e:c7:b6:9d:88:1d:53:72:23:6f:
49:66:16:0d:34:36:ea:3c:64:13:df:7f:ca:a7:ea:9d:8f:e6:
ab:85:0f:27:75:26:b5:75:fc:f5:8a:36:49:e9:9d:d1:83:83:
31:1e:d5:05:be:67:74:69:d4:d2:2d:90:eb:4e:a6:8a:c1:49:
14:4b:db:b9:76:ac:d1:74:0c:1d:f9:c1:9c:8d:f3:1c:b1:0a:
82:5b:d3:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEnCExlJcHE5o1yqGHbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzBmYmIzZGIyMjg0MzdkNjA1Nzk5YWM0ZjQ1OThkMjJl
MTNlMWIwHhcNMjUxMTExMDcwMTM0WhcNMjUxMTEyMDcwMTM0WjAzMTEwLwYDVQQD
EygzYmRkY2ZlNWI3MDI5NWJmOWQ0MWQ1MDNiMmNiMTIwOWVkYjlkOGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDL8XxsIW4XcrD2Ad2jYsIWyE2HW
lFiezlfrRnv8NN/syVTKCyllqhEA3eyVPYy8heuTaYRydg+qhAtpLfVvooIjTKOr
Bth/ITfMiFthUb7xyf3P0qQEJgN9JLl4Cbb19TQaoLJUv38qE3vrJp3sWAfV9sRF
VkYUqtZeWuxn1c3yACayZbiFGPo7VohdsNIRow+KvlVX2AmSYDu9hbqgGBktDCXB
Nara7iV5luAeBad0LZRD1iYebmcQSAIFpzuA3aYvomzGQgmRE7mrH3R6vJVlgMsJ
WVzklGAiOO+K0cWQsZAmdZ2xR5jtjLSnoN45y2fpoNpwq/PVoq9aME4d0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvdz+W3ApW/nUHVA7LLEgntudjxMB8GA1UdIwQY
MBaAFKpw+7PbIoQ31gV5msT0WY0i4T4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMt
NWJhNDIzNWNlNjE5LzEvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMtNWJhNDIzNWNlNjE5
LzEvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUa6YE+Gc
mk3HPWPwzx+bdSzmTyYiE8NBvSeRIIThJaF+NHH4iQI0TTqhQcV6fRWm5l/wNCu1
o1Jc2kLHpsnahQ3W+98eX74grn6Vh3Cqqvhu88zSgrJgAn+mY2MPtkWmKrwwxXZg
yxi56RtaNX4CI9Wwg43t3KCqJV5yFo6flotvHOR1WBLER9zZmyWru1fcAO3NoTFa
XGB0yHYyVFZ7baRXOKgTKZk9TOWex7adiB1TciNvSWYWDTQ26jxkE99/yqfqnY/m
q4UPJ3UmtXX89Yo2Semd0YODMR7VBb5ndGnU0i2Q606misFJFEvbuXas0XQMHfnB
nI3zHLEKglvTNg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:20:19 2025 by rpki-client