Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft
File: pQHIn0SCnHLyqVPSorpK4Le1DYo.mft (raw, json)
Hash identifier: g1n1mpaWtKlnVpLr6/cqnp6mGhulvT7Xhbsf6kLNMxA=
Subject key identifier: 2C:EE:7E:DF:CA:66:EB:77:B3:82:44:35:C2:EE:0D:55:65:19:7E:7A
Authority key identifier: A5:01:C8:9F:44:82:9C:72:F2:A9:53:D2:A2:BA:4A:E0:B7:B5:0D:8A
Certificate issuer: /CN=a501c89f44829c72f2a953d2a2ba4ae0b7b50d8a
Certificate serial: 019A706E05ADFA7DC29597E20D56A48FF8A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQHIn0SCnHLyqVPSorpK4Le1DYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 01:00:49 +0000
Manifest this update: Tue 11 Nov 2025 01:00:49 +0000
Manifest next update: Wed 12 Nov 2025 01:00:49 +0000
Files and hashes: 1: D5U1j0YPEDas8bxMtDOehRJb48U.roa (hash: AkMtfy33YmmtJG2wcdM/0Qvh01UPoaXKoDXm68LNuus=)
2: pQHIn0SCnHLyqVPSorpK4Le1DYo.crl (hash: qLGfMlSjaSfbiwxbyGbacTfRnfcubxVe2SQYsXhbbrc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pQHIn0SCnHLyqVPSorpK4Le1DYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:05:ad:fa:7d:c2:95:97:e2:0d:56:a4:8f:f8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a501c89f44829c72f2a953d2a2ba4ae0b7b50d8a
Validity
Not Before: Nov 11 01:00:49 2025 GMT
Not After : Nov 12 01:00:49 2025 GMT
Subject: CN=2cee7edfca66eb77b3824435c2ee0d5565197e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bf:9b:86:1a:05:24:47:08:e7:5d:c6:90:60:
4b:98:60:17:c4:9e:03:4f:52:7c:cb:d0:86:d5:84:
4f:ad:76:ee:50:0e:b1:f1:76:13:95:c7:01:c7:aa:
d4:c5:51:45:5d:a0:df:dd:1d:14:b8:d8:bf:6d:54:
06:5d:1f:f3:a2:af:40:75:82:4f:0a:4a:22:0f:13:
62:05:ef:7d:ff:8b:84:cf:4c:34:e9:ca:e9:3a:93:
b7:fe:b4:ce:01:c9:4a:27:c5:35:dd:d2:35:01:e9:
6d:50:25:35:7c:fa:b6:da:d7:a0:5c:4e:9f:75:57:
d4:fa:0c:0a:26:ac:b7:55:f3:bd:aa:a3:ae:57:0d:
89:79:d9:4b:87:6c:88:42:69:b5:79:7a:9c:47:fc:
ca:f1:91:03:83:5c:a9:2d:19:8d:bb:24:a9:76:f9:
2d:71:e2:bd:eb:93:fe:5e:d0:b6:0b:05:79:a6:ff:
5b:c3:41:94:21:f2:6a:4b:86:06:51:86:31:4a:16:
4c:16:8f:cb:27:6b:3a:33:d8:53:8f:0e:69:17:4f:
98:53:47:5d:f5:b2:c1:aa:a9:b8:39:72:f2:9f:54:
0e:38:a3:a5:2b:04:15:8d:7f:d9:25:05:7d:e0:c9:
47:72:a6:52:fb:a9:0d:1f:97:93:a7:e9:f2:82:64:
7a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:EE:7E:DF:CA:66:EB:77:B3:82:44:35:C2:EE:0D:55:65:19:7E:7A
X509v3 Authority Key Identifier:
keyid:A5:01:C8:9F:44:82:9C:72:F2:A9:53:D2:A2:BA:4A:E0:B7:B5:0D:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQHIn0SCnHLyqVPSorpK4Le1DYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:83:27:0b:f7:06:c2:95:1d:e2:07:c0:d3:83:b1:1f:39:72:
31:53:62:94:b2:dd:0a:2b:6e:7d:ec:d8:0c:81:cb:73:ee:b6:
96:8b:d6:2f:ff:9b:77:f2:fe:55:a4:f2:9c:d3:20:2d:73:bd:
9b:0b:4d:90:a2:b8:33:9e:65:26:70:f9:f6:61:e6:68:7a:98:
eb:73:68:a8:e6:1d:b1:15:cd:f6:41:0d:f0:39:c9:ed:3b:fb:
9d:4e:f3:5b:38:64:c1:e1:71:f6:71:30:77:e4:97:a6:97:65:
1f:bb:18:a7:70:47:94:f5:29:b2:46:ca:ed:60:42:1d:5e:48:
9c:7b:cb:37:a2:42:e0:f0:c9:21:1e:5e:32:7c:a6:ba:a0:23:
e1:22:31:86:eb:fb:b7:47:d9:97:27:74:f8:0e:32:6a:66:d8:
52:31:b9:2b:1a:de:53:23:e6:8a:c8:83:77:54:ef:d5:30:75:
1a:49:03:b9:24:dc:07:70:0e:1f:ab:22:02:59:2d:34:86:4a:
b8:7c:f5:e4:e7:f7:da:06:a5:60:6e:a8:21:39:59:73:bc:41:
36:12:c7:c7:66:8d:54:7e:7c:6b:ba:e6:f7:82:f1:28:45:a1:
1f:16:62:28:7d:d3:ca:1e:48:0b:a3:c7:18:d5:7b:e1:8b:d2:
68:1a:51:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbgWt+n3ClZfiDVakj/igMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MDFjODlmNDQ4MjljNzJmMmE5NTNkMmEyYmE0YWUwYjdi
NTBkOGEwHhcNMjUxMTExMDEwMDQ5WhcNMjUxMTEyMDEwMDQ5WjAzMTEwLwYDVQQD
EygyY2VlN2VkZmNhNjZlYjc3YjM4MjQ0MzVjMmVlMGQ1NTY1MTk3ZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb+bhhoFJEcI513GkGBLmGAXxJ4D
T1J8y9CG1YRPrXbuUA6x8XYTlccBx6rUxVFFXaDf3R0UuNi/bVQGXR/zoq9AdYJP
CkoiDxNiBe99/4uEz0w06crpOpO3/rTOAclKJ8U13dI1AeltUCU1fPq22tegXE6f
dVfU+gwKJqy3VfO9qqOuVw2JedlLh2yIQmm1eXqcR/zK8ZEDg1ypLRmNuySpdvkt
ceK965P+XtC2CwV5pv9bw0GUIfJqS4YGUYYxShZMFo/LJ2s6M9hTjw5pF0+YU0dd
9bLBqqm4OXLyn1QOOKOlKwQVjX/ZJQV94MlHcqZS+6kNH5eTp+nygmR6cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzuft/KZut3s4JENcLuDVVlGX56MB8GA1UdIwQY
MBaAFKUByJ9Egpxy8qlT0qK6SuC3tQ2KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFFISW4wU0NuSEx5cVZQU29ycEs0TGUxRFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kNWUxMDMtOTBiNS00NGYxLWI4NjQt
MTRhMWViNTUxMmQ2LzEvcFFISW4wU0NuSEx5cVZQU29ycEs0TGUxRFlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9kNWUxMDMtOTBiNS00NGYxLWI4NjQtMTRhMWViNTUxMmQ2
LzEvcFFISW4wU0NuSEx5cVZQU29ycEs0TGUxRFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU4MnC/cG
wpUd4gfA04OxHzlyMVNilLLdCitufezYDIHLc+62lovWL/+bd/L+VaTynNMgLXO9
mwtNkKK4M55lJnD59mHmaHqY63NoqOYdsRXN9kEN8DnJ7Tv7nU7zWzhkweFx9nEw
d+SXppdlH7sYp3BHlPUpskbK7WBCHV5InHvLN6JC4PDJIR5eMnymuqAj4SIxhuv7
t0fZlyd0+A4yambYUjG5KxreUyPmisiDd1Tv1TB1GkkDuSTcB3AOH6siAlktNIZK
uHz15Of32galYG6oITlZc7xBNhLHx2aNVH58a7rm94LxKEWhHxZiKH3Tyh5IC6PH
GNV74YvSaBpRrw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:05 2025 by rpki-client