Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
File: QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft (raw, json)
Hash identifier: fYD9UXCvnNjKhES+0CGzNTvZ25ZPiq8KB/7aXgoF/A4=
Subject key identifier: CD:51:E1:DD:F2:2D:C4:04:5D:0B:0B:4F:09:C6:6F:EF:C2:A7:FB:49
Authority key identifier: 42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57
Certificate issuer: /CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
Certificate serial: 019A725CE0DEF03E6C50BBC3CBFA585CB62A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
Manifest number: 0643
Signing time: Tue 11 Nov 2025 10:01:20 +0000
Manifest this update: Tue 11 Nov 2025 10:01:20 +0000
Manifest next update: Wed 12 Nov 2025 10:01:20 +0000
Files and hashes: 1: QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl (hash: 1QJZg0RIa9fjz4LSLe7hCEF5WazlH8c4SvmbgqLb/yc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:e0:de:f0:3e:6c:50:bb:c3:cb:fa:58:5c:b6:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
Validity
Not Before: Nov 11 10:01:20 2025 GMT
Not After : Nov 12 10:01:20 2025 GMT
Subject: CN=cd51e1ddf22dc4045d0b0b4f09c66fefc2a7fb49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cd:82:5d:9c:f1:29:a4:bb:78:2f:68:85:be:
78:75:22:e5:65:7b:36:f1:b7:25:79:c1:67:7b:97:
4f:74:ff:e1:17:3e:dc:8c:84:3f:f5:24:8d:a7:69:
69:61:30:f0:d3:75:5a:ab:52:63:93:92:24:a7:3b:
57:8e:05:cd:c1:c6:fc:a7:05:db:92:86:99:ec:83:
0f:bf:5a:00:b0:0d:f2:f9:41:ee:ff:9d:c9:d8:2e:
3d:2d:94:f7:d3:a4:6b:3b:ac:b8:0b:be:13:c5:c9:
be:55:a0:a4:95:f8:f1:1d:2e:a2:46:d6:90:75:60:
0a:da:8c:03:e0:db:83:96:c4:bf:13:48:aa:e6:08:
09:c0:d4:03:c8:e1:a4:5d:26:93:6b:16:58:c8:e1:
18:6b:49:eb:9f:e5:40:1c:5d:71:8f:d1:24:ef:32:
30:0f:9b:6c:1a:03:6f:e8:12:e1:75:bf:ee:f2:00:
31:fb:43:6a:a9:dd:c7:88:a1:35:37:3d:60:d7:ab:
35:8c:ef:af:fb:0d:64:62:5a:20:0c:26:1b:c6:b6:
27:6d:c8:f2:92:ba:b1:80:e9:fe:c7:b1:63:cf:3d:
3d:36:40:e3:fe:07:2c:bf:2c:99:55:77:e6:67:04:
4f:2f:cc:b9:36:1e:a4:1f:b3:19:12:11:b9:5e:fa:
15:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:51:E1:DD:F2:2D:C4:04:5D:0B:0B:4F:09:C6:6F:EF:C2:A7:FB:49
X509v3 Authority Key Identifier:
keyid:42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:23:37:f0:91:4e:6e:a7:ce:d8:5b:1b:d4:89:8d:1d:6a:21:
fb:93:43:a2:5a:fd:2d:7a:8a:5e:6d:5a:69:3d:7c:02:5f:6d:
3b:a6:d2:5d:2d:35:fa:3a:54:46:c3:9c:45:cd:69:f8:d0:6b:
f2:92:85:e1:75:97:60:1f:72:fb:77:87:b3:aa:62:be:e6:6a:
5b:f6:b7:f0:b7:eb:56:d8:73:ec:b8:c9:75:a0:67:55:e7:62:
aa:93:f2:46:5a:11:7c:15:23:1e:53:8b:dd:31:c8:04:20:bd:
0d:32:f4:75:a6:a5:02:35:22:41:0c:33:f7:cc:57:e6:06:09:
e8:1f:4a:39:3b:bd:ee:2c:d2:09:17:c6:5e:d9:c4:c1:46:1f:
c1:4d:59:3d:73:62:e2:9b:4b:26:7f:4c:f9:38:6a:14:aa:fb:
c4:b0:eb:0f:43:1d:92:f7:e1:ed:35:03:85:a9:b7:9f:fd:93:
d6:7d:fd:49:4c:c3:5f:59:d7:96:5e:a6:1a:ae:3b:2e:12:b6:
01:5f:c2:51:c3:f6:bb:bf:c7:e8:43:af:c6:07:d9:48:1b:0f:
c1:27:62:0a:2c:5c:d0:7e:23:8a:d8:45:db:9e:cb:97:35:90:
7a:eb:63:4b:cc:d2:ba:86:c7:8f:bb:9a:9e:4a:de:75:58:af:
06:8e:bf:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXODe8D5sULvDy/pYXLYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTNiNTQ3MTk2NmMyNTYxMGQ5NWE1YTJmYTVjYzA2ZmM5
M2ZmNTcwHhcNMjUxMTExMTAwMTIwWhcNMjUxMTEyMTAwMTIwWjAzMTEwLwYDVQQD
EyhjZDUxZTFkZGYyMmRjNDA0NWQwYjBiNGYwOWM2NmZlZmMyYTdmYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc2CXZzxKaS7eC9ohb54dSLlZXs2
8bclecFne5dPdP/hFz7cjIQ/9SSNp2lpYTDw03Vaq1Jjk5IkpztXjgXNwcb8pwXb
koaZ7IMPv1oAsA3y+UHu/53J2C49LZT306RrO6y4C74Txcm+VaCklfjxHS6iRtaQ
dWAK2owD4NuDlsS/E0iq5ggJwNQDyOGkXSaTaxZYyOEYa0nrn+VAHF1xj9Ek7zIw
D5tsGgNv6BLhdb/u8gAx+0Nqqd3HiKE1Nz1g16s1jO+v+w1kYlogDCYbxrYnbcjy
krqxgOn+x7Fjzz09NkDj/gcsvyyZVXfmZwRPL8y5Nh6kH7MZEhG5XvoVwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM1R4d3yLcQEXQsLTwnGb+/Cp/tJMB8GA1UdIwQY
MBaAFEITtUcZZsJWENlaWi+lzAb8k/9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjIt
NWJkYjJjNjAxMDJkLzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjItNWJkYjJjNjAxMDJk
LzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAliM38JFO
bqfO2Fsb1ImNHWoh+5NDolr9LXqKXm1aaT18Al9tO6bSXS01+jpURsOcRc1p+NBr
8pKF4XWXYB9y+3eHs6pivuZqW/a38LfrVthz7LjJdaBnVediqpPyRloRfBUjHlOL
3THIBCC9DTL0daalAjUiQQwz98xX5gYJ6B9KOTu97izSCRfGXtnEwUYfwU1ZPXNi
4ptLJn9M+ThqFKr7xLDrD0Mdkvfh7TUDham3n/2T1n39SUzDX1nXll6mGq47LhK2
AV/CUcP2u7/H6EOvxgfZSBsPwSdiCixc0H4jithF257LlzWQeutjS8zSuobHj7ua
nkredVivBo6/Aw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:52:31 2025 by rpki-client