Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.mft
File: q3kW82CYNO1AFNqMaVs0CnsKWA4.mft (raw, json)
Hash identifier: 5hM8L0fBumFDWs1xI5W4trq4/6km/r6nKAUkEZxQy/0=
Subject key identifier: 9F:33:8F:B1:06:8A:33:6F:09:1E:CF:A1:99:11:B8:F8:7B:59:88:92
Authority key identifier: AB:79:16:F3:60:98:34:ED:40:14:DA:8C:69:5B:34:0A:7B:0A:58:0E
Certificate issuer: /CN=ab7916f3609834ed4014da8c695b340a7b0a580e
Certificate serial: 01992255E68B3C763345E38B865B104F95A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3kW82CYNO1AFNqMaVs0CnsKWA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.mft
Manifest number: 1C
Signing time: Sun 07 Sep 2025 04:01:18 +0000
Manifest this update: Sun 07 Sep 2025 04:01:18 +0000
Manifest next update: Mon 08 Sep 2025 04:01:18 +0000
Files and hashes: 1: BrmKnel9vz9ZJoRYmUMmfv_fkdA.roa (hash: iTZbysj75EFXeStqkEh3kRfDOJLprFh8UOBLsS70Pok=)
2: q3kW82CYNO1AFNqMaVs0CnsKWA4.crl (hash: A6qsce/nksey7kfB4EX8NWZZ6f7KJlkJwHDDZ61FwgY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3kW82CYNO1AFNqMaVs0CnsKWA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:e6:8b:3c:76:33:45:e3:8b:86:5b:10:4f:95:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7916f3609834ed4014da8c695b340a7b0a580e
Validity
Not Before: Sep 7 04:01:18 2025 GMT
Not After : Sep 8 04:01:18 2025 GMT
Subject: CN=9f338fb1068a336f091ecfa19911b8f87b598892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:55:35:fa:a9:aa:20:1f:d3:09:86:e6:53:03:
d8:4e:f0:cb:9c:7b:e7:02:ee:69:8a:f2:4e:05:20:
ae:ef:cb:a2:5d:b3:e8:dc:5b:a5:74:c3:64:34:b1:
6a:c5:d3:c6:41:4f:ca:df:b1:44:b8:dc:54:31:8f:
cc:c4:d7:90:69:ca:d4:9c:0b:ac:03:b5:43:6a:0d:
ee:ce:fe:3a:fb:85:c5:7b:c6:f2:0a:0d:dc:bc:c2:
f6:e5:2a:36:86:40:1f:07:1e:52:c1:38:8c:ce:e2:
6f:88:de:20:67:9e:fa:01:3a:2d:2d:8a:6b:16:1b:
22:ac:ac:91:48:a3:41:05:d8:2a:e5:b9:ff:0d:f7:
4b:69:43:d2:cd:5b:89:a1:93:aa:11:1e:4a:7b:03:
bb:2f:fd:3f:a9:3b:51:4a:2c:52:8c:ca:b7:33:5b:
83:e1:c5:4d:d8:89:72:ae:2f:8f:20:b9:b5:55:29:
00:3e:2a:3f:a2:ea:b6:df:d6:63:e1:84:9e:da:94:
b4:e8:bb:05:95:ee:c0:72:88:5b:81:f4:1b:d4:0b:
4c:95:93:cf:51:be:ea:3a:12:a8:17:b0:70:b8:4d:
89:31:32:20:34:bb:99:7b:92:8f:ef:f0:ac:73:90:
89:9a:36:62:9d:a1:d0:d5:80:e2:bb:dd:20:65:28:
9a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:33:8F:B1:06:8A:33:6F:09:1E:CF:A1:99:11:B8:F8:7B:59:88:92
X509v3 Authority Key Identifier:
keyid:AB:79:16:F3:60:98:34:ED:40:14:DA:8C:69:5B:34:0A:7B:0A:58:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3kW82CYNO1AFNqMaVs0CnsKWA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/f26514-aef5-4a46-8851-b66300a7f9f1/1/q3kW82CYNO1AFNqMaVs0CnsKWA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d4:71:f7:d0:87:db:f6:3f:b7:e9:f8:df:9b:de:62:4f:a8:0f:
2d:c4:0e:ba:47:6e:c6:8e:e7:a7:20:56:c1:9e:f7:3a:3e:f1:
72:c0:fe:87:fd:d1:9e:75:35:80:70:a8:c3:13:a5:c4:16:ff:
cd:8d:36:cd:92:f8:4e:2c:3c:ad:dd:31:1e:8a:a0:1e:6e:59:
af:e7:3a:b0:be:dd:4b:6c:f0:fb:b1:5b:aa:0c:46:9c:c0:99:
1c:d8:c3:99:56:38:4c:53:66:7c:57:d5:3e:53:60:a9:22:4b:
69:3a:7b:84:58:f4:3b:6f:0e:5e:99:95:09:9f:d5:af:30:c9:
3b:e1:88:10:05:dc:85:a7:f1:3b:17:4c:cc:65:37:ff:a4:4d:
1d:77:6c:a4:bc:18:71:07:52:9e:62:46:0e:07:6c:ff:92:7e:
0f:8d:fe:ed:23:cb:69:51:a1:c2:39:b7:fd:dd:27:c5:c4:2a:
2b:5b:c5:98:e7:50:88:8e:e5:25:66:8f:04:f5:4c:72:ba:ba:
8c:b8:c5:ec:3a:79:82:5c:f6:aa:1b:6d:4c:2d:7f:9b:2a:0a:
78:f7:66:b6:92:63:82:80:fb:85:82:7a:31:01:30:ec:b0:40:
92:b5:5a:6a:c8:f7:0f:e3:86:24:96:10:e7:93:d3:d3:8f:da:
1e:c4:17:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVeaLPHYzReOLhlsQT5WiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzkxNmYzNjA5ODM0ZWQ0MDE0ZGE4YzY5NWIzNDBhN2Iw
YTU4MGUwHhcNMjUwOTA3MDQwMTE4WhcNMjUwOTA4MDQwMTE4WjAzMTEwLwYDVQQD
Eyg5ZjMzOGZiMTA2OGEzMzZmMDkxZWNmYTE5OTExYjhmODdiNTk4ODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FU1+qmqIB/TCYbmUwPYTvDLnHvn
Au5pivJOBSCu78uiXbPo3FuldMNkNLFqxdPGQU/K37FEuNxUMY/MxNeQacrUnAus
A7VDag3uzv46+4XFe8byCg3cvML25So2hkAfBx5SwTiMzuJviN4gZ576ATotLYpr
FhsirKyRSKNBBdgq5bn/DfdLaUPSzVuJoZOqER5KewO7L/0/qTtRSixSjMq3M1uD
4cVN2Ilyri+PILm1VSkAPio/ouq239Zj4YSe2pS06LsFle7AcohbgfQb1AtMlZPP
Ub7qOhKoF7BwuE2JMTIgNLuZe5KP7/Csc5CJmjZinaHQ1YDiu90gZSia4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8zj7EGijNvCR7PoZkRuPh7WYiSMB8GA1UdIwQY
MBaAFKt5FvNgmDTtQBTajGlbNAp7ClgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNrVzgyQ1lOTzFBRk5xTWFWczBDbnNLV0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mMjY1MTQtYWVmNS00YTQ2LTg4NTEt
YjY2MzAwYTdmOWYxLzEvcTNrVzgyQ1lOTzFBRk5xTWFWczBDbnNLV0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mMjY1MTQtYWVmNS00YTQ2LTg4NTEtYjY2MzAwYTdmOWYx
LzEvcTNrVzgyQ1lOTzFBRk5xTWFWczBDbnNLV0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1HH30Ifb
9j+36fjfm95iT6gPLcQOukduxo7npyBWwZ73Oj7xcsD+h/3RnnU1gHCowxOlxBb/
zY02zZL4Tiw8rd0xHoqgHm5Zr+c6sL7dS2zw+7FbqgxGnMCZHNjDmVY4TFNmfFfV
PlNgqSJLaTp7hFj0O28OXpmVCZ/VrzDJO+GIEAXchafxOxdMzGU3/6RNHXdspLwY
cQdSnmJGDgds/5J+D43+7SPLaVGhwjm3/d0nxcQqK1vFmOdQiI7lJWaPBPVMcrq6
jLjF7Dp5glz2qhttTC1/myoKePdmtpJjgoD7hYJ6MQEw7LBAkrVaasj3D+OGJJYQ
55PT04/aHsQXLQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:25:18 2025 by rpki-client