Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.mft
File: q3kW82CYNO1AFNqMaVs0CnsKWA4.mft (raw, json)
Hash identifier: oU+wDH7zra15FzswEaSn61ul7NyMrj5Hptbk49rusFs=
Subject key identifier: 38:0C:17:4C:05:31:F5:E0:8D:54:97:AC:F9:44:5B:04:FC:53:41:F8
Authority key identifier: AB:79:16:F3:60:98:34:ED:40:14:DA:8C:69:5B:34:0A:7B:0A:58:0E
Certificate issuer: /CN=ab7916f3609834ed4014da8c695b340a7b0a580e
Certificate serial: 019A725CBF77537DEC726C28C158E0EE98AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3kW82CYNO1AFNqMaVs0CnsKWA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.mft
Manifest number: CA
Signing time: Tue 11 Nov 2025 10:01:11 +0000
Manifest this update: Tue 11 Nov 2025 10:01:11 +0000
Manifest next update: Wed 12 Nov 2025 10:01:11 +0000
Files and hashes: 1: BrmKnel9vz9ZJoRYmUMmfv_fkdA.roa (hash: iTZbysj75EFXeStqkEh3kRfDOJLprFh8UOBLsS70Pok=)
2: q3kW82CYNO1AFNqMaVs0CnsKWA4.crl (hash: oW+6JVmCgEzXBSC/+v9T7HaMtIZJLCzZy1ErW0cOIU0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3kW82CYNO1AFNqMaVs0CnsKWA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:bf:77:53:7d:ec:72:6c:28:c1:58:e0:ee:98:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7916f3609834ed4014da8c695b340a7b0a580e
Validity
Not Before: Nov 11 10:01:11 2025 GMT
Not After : Nov 12 10:01:11 2025 GMT
Subject: CN=380c174c0531f5e08d5497acf9445b04fc5341f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bb:57:fc:08:01:c0:3b:6e:2d:bf:5b:8e:ce:
cf:75:e8:c7:3a:6c:8d:26:1d:ed:ae:14:16:0e:4a:
b3:e8:f3:7d:f1:95:8c:b0:e2:6a:b1:37:a9:30:87:
42:9d:56:5e:31:71:ac:87:e1:8e:21:37:94:75:ba:
71:96:dc:a2:03:f5:9f:84:6d:19:6b:78:b8:5d:8b:
3e:cb:ad:0d:4d:83:12:72:6c:a7:c4:fa:e2:db:9e:
31:a4:8b:dc:93:43:8d:18:ba:6a:0a:2a:d2:bc:91:
15:3b:64:10:33:a1:42:32:ef:d8:f2:d1:41:10:9d:
8c:41:3b:31:69:35:7a:a1:f1:07:1b:95:0d:77:1c:
97:ea:97:9d:e7:3b:17:b7:fe:59:d3:c9:ae:6d:ed:
8e:64:3e:48:e0:08:21:9f:a6:b6:13:9c:1e:94:9b:
1e:d8:ff:43:cc:41:59:0b:c0:96:1a:23:8f:1d:ff:
f2:2f:6c:f3:4b:77:4e:1f:5e:25:c5:cb:b9:eb:cc:
56:df:3d:e4:db:b1:76:62:5d:03:5b:5e:e5:06:10:
d3:ff:74:30:10:c1:66:9a:0c:d6:19:2a:0d:50:4e:
8f:41:9b:d1:54:20:48:12:1c:21:c5:cd:26:f3:45:
ba:b2:50:41:9f:22:4a:a4:59:da:c6:eb:c5:7d:f2:
53:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0C:17:4C:05:31:F5:E0:8D:54:97:AC:F9:44:5B:04:FC:53:41:F8
X509v3 Authority Key Identifier:
keyid:AB:79:16:F3:60:98:34:ED:40:14:DA:8C:69:5B:34:0A:7B:0A:58:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3kW82CYNO1AFNqMaVs0CnsKWA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:13:7d:c0:0c:37:23:3a:9a:ee:26:df:25:a9:f6:97:aa:2a:
66:f6:6b:5c:b7:02:58:63:76:c7:18:ba:3b:49:5d:bd:64:ae:
cf:4a:25:06:0a:e9:6b:ac:84:96:56:80:96:57:90:a7:dc:ce:
7b:df:be:22:77:17:eb:88:f2:bf:48:cf:08:57:45:c4:1f:8b:
a5:e7:2a:bd:e4:ef:54:ab:85:ec:6a:84:8c:2d:95:aa:19:fb:
b7:f4:f3:93:1d:81:3b:08:2c:0d:80:dc:da:4b:67:a1:75:24:
d5:04:72:98:bd:be:b3:67:f1:d0:31:c5:b7:3d:63:aa:14:ff:
8b:66:92:ca:ac:12:1f:dd:9f:23:51:0b:91:31:b9:1f:d7:00:
63:d6:26:7e:0f:5f:37:a5:a2:3c:df:a5:47:a4:5a:e6:6d:4e:
75:35:9c:3a:cc:22:9a:94:04:76:d1:af:6a:79:94:98:6d:c6:
2c:fa:1b:ef:a3:00:6e:a3:e6:e3:4c:8e:15:1a:ac:03:a9:a7:
fd:fc:e6:e7:17:44:05:9f:a3:d5:41:de:30:55:2e:1f:a6:af:
a5:2e:b1:dc:a5:b6:c9:70:52:65:a5:34:d9:72:54:58:48:08:
ce:e4:75:85:03:9b:a5:13:7a:6a:79:f9:7a:19:47:43:66:04:
5a:0e:cf:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXL93U33scmwowVjg7pivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzkxNmYzNjA5ODM0ZWQ0MDE0ZGE4YzY5NWIzNDBhN2Iw
YTU4MGUwHhcNMjUxMTExMTAwMTExWhcNMjUxMTEyMTAwMTExWjAzMTEwLwYDVQQD
EygzODBjMTc0YzA1MzFmNWUwOGQ1NDk3YWNmOTQ0NWIwNGZjNTM0MWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLtX/AgBwDtuLb9bjs7PdejHOmyN
Jh3trhQWDkqz6PN98ZWMsOJqsTepMIdCnVZeMXGsh+GOITeUdbpxltyiA/WfhG0Z
a3i4XYs+y60NTYMScmynxPri254xpIvck0ONGLpqCirSvJEVO2QQM6FCMu/Y8tFB
EJ2MQTsxaTV6ofEHG5UNdxyX6ped5zsXt/5Z08mube2OZD5I4Aghn6a2E5welJse
2P9DzEFZC8CWGiOPHf/yL2zzS3dOH14lxcu568xW3z3k27F2Yl0DW17lBhDT/3Qw
EMFmmgzWGSoNUE6PQZvRVCBIEhwhxc0m80W6slBBnyJKpFnaxuvFffJTLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgMF0wFMfXgjVSXrPlEWwT8U0H4MB8GA1UdIwQY
MBaAFKt5FvNgmDTtQBTajGlbNAp7ClgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNrVzgyQ1lOTzFBRk5xTWFWczBDbnNLV0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mMjY1MTQtYWVmNS00YTQ2LTg4NTEt
YjY2MzAwYTdmOWYxLzEvcTNrVzgyQ1lOTzFBRk5xTWFWczBDbnNLV0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mMjY1MTQtYWVmNS00YTQ2LTg4NTEtYjY2MzAwYTdmOWYx
LzEvcTNrVzgyQ1lOTzFBRk5xTWFWczBDbnNLV0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchN9wAw3
Izqa7ibfJan2l6oqZvZrXLcCWGN2xxi6O0ldvWSuz0olBgrpa6yEllaAlleQp9zO
e9++IncX64jyv0jPCFdFxB+LpecqveTvVKuF7GqEjC2Vqhn7t/Tzkx2BOwgsDYDc
2ktnoXUk1QRymL2+s2fx0DHFtz1jqhT/i2aSyqwSH92fI1ELkTG5H9cAY9Ymfg9f
N6WiPN+lR6Ra5m1OdTWcOswimpQEdtGvanmUmG3GLPob76MAbqPm40yOFRqsA6mn
/fzm5xdEBZ+j1UHeMFUuH6avpS6x3KW2yXBSZaU02XJUWEgIzuR1hQObpRN6ann5
ehlHQ2YEWg7PKg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:11:18 2025 by rpki-client