Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
File: QPwHKZcRrfoiLiexKLdtHZdFBYI.mft (raw, json)
Hash identifier: jJWh5wHdeMZmZNk7ctoIWcCz0SFXRJOI64XRCAcu/gU=
Subject key identifier: 17:49:CF:25:14:6A:F9:55:32:A4:66:D9:73:1A:B6:E9:BE:0D:67:2C
Authority key identifier: 40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
Certificate issuer: /CN=40fc07299711adfa222e27b128b76d1d97450582
Certificate serial: 019922C39A60384E0148BC19363E32C104DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
Manifest number: 131F
Signing time: Sun 07 Sep 2025 06:01:07 +0000
Manifest this update: Sun 07 Sep 2025 06:01:07 +0000
Manifest next update: Mon 08 Sep 2025 06:01:07 +0000
Files and hashes: 1: 6KpfPRVUGyFsCkAEFBqf-wSXAyw.roa (hash: kWhiEuOzAfB/QvRqngqpda0Xfcej2KhLVFQbnAjy7tQ=)
2: QPwHKZcRrfoiLiexKLdtHZdFBYI.crl (hash: htqzlAR6BYXg6Yl1V8WcfzwQ9HQcc8SY4MFLkmsQ97Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:9a:60:38:4e:01:48:bc:19:36:3e:32:c1:04:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40fc07299711adfa222e27b128b76d1d97450582
Validity
Not Before: Sep 7 06:01:07 2025 GMT
Not After : Sep 8 06:01:07 2025 GMT
Subject: CN=1749cf25146af95532a466d9731ab6e9be0d672c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:87:7c:0a:a6:52:23:b5:2c:c4:bb:77:12:d0:
f4:16:b0:62:de:2c:09:e7:73:4a:c7:7a:59:cf:d0:
de:74:47:59:a9:3a:5d:84:5b:d0:0e:73:1a:4f:b9:
14:9b:2b:03:85:bb:f3:6e:0a:b5:10:ff:5f:1c:9f:
c0:62:c8:13:c8:7f:6f:c7:e7:b1:21:47:0c:4f:c6:
b9:07:64:a1:9b:ce:36:9b:bb:a4:72:8b:c3:07:51:
18:5a:56:87:0b:cf:9a:ab:21:e5:24:15:e4:32:7d:
3c:42:76:40:eb:ea:4b:62:3c:6c:7a:7a:83:e1:88:
89:ce:79:d7:39:29:09:eb:f6:f1:92:8f:50:ae:1f:
ff:d8:ef:a5:5e:f3:82:41:7a:bb:c5:47:7b:86:eb:
4c:3b:af:90:48:5d:15:8d:68:55:57:1a:99:63:17:
eb:c2:ed:cb:87:07:a2:c7:74:6c:05:d3:1f:fc:54:
f5:54:f5:01:3c:49:fd:d1:15:d8:88:72:fc:e6:64:
86:3d:4e:83:a1:f4:09:53:84:b9:17:d3:a5:88:22:
21:3b:41:52:e4:d4:c0:a7:71:71:12:88:30:95:9b:
91:0d:92:84:f2:6c:5c:f7:5f:1d:8f:98:a3:be:9e:
a2:ea:a3:25:d8:ab:fc:05:42:6e:ac:e6:fd:9d:4a:
93:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:49:CF:25:14:6A:F9:55:32:A4:66:D9:73:1A:B6:E9:BE:0D:67:2C
X509v3 Authority Key Identifier:
keyid:40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:17:e3:3f:1a:5a:eb:0c:a6:68:fa:74:9e:1a:de:96:41:10:
3c:e3:6d:da:b3:55:e7:70:e0:ef:f4:2f:bc:6d:fd:9e:5b:7e:
8e:42:52:55:8d:e4:5c:76:ca:73:23:e1:95:da:f0:da:05:78:
63:8d:01:bc:7a:2a:b8:82:f6:ae:e7:0d:32:ac:cf:46:a0:62:
73:c8:2b:17:c9:a6:b4:04:54:74:04:9b:61:40:61:1c:04:48:
c4:6b:a8:5e:2b:af:c4:d9:ee:bf:34:e3:5a:19:e2:2b:91:31:
8b:fc:38:8a:e3:01:45:39:23:fa:98:ce:d1:46:e3:a6:8a:72:
52:0a:24:5d:b4:4c:46:4c:e4:a9:78:10:4c:a0:c3:32:b0:57:
42:43:68:74:85:3d:50:bf:3a:79:f0:b9:1b:24:6d:b8:02:e6:
1c:0c:44:37:cd:ab:1b:72:54:6a:c6:20:8f:33:ec:8b:da:de:
de:17:59:4a:13:62:f1:f5:e4:3d:9a:65:e3:b2:b8:fe:e5:5a:
2b:7b:af:0b:19:a6:0f:cb:f3:47:4a:33:b8:f3:76:61:1b:4c:
a8:90:87:d5:0d:4e:5f:4a:9f:17:4d:2c:28:b4:aa:66:2d:b8:
62:f4:50:dd:f0:58:53:39:60:ba:3f:bd:06:85:69:dd:be:aa:
9d:30:49:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw5pgOE4BSLwZNj4ywQTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZmMwNzI5OTcxMWFkZmEyMjJlMjdiMTI4Yjc2ZDFkOTc0
NTA1ODIwHhcNMjUwOTA3MDYwMTA3WhcNMjUwOTA4MDYwMTA3WjAzMTEwLwYDVQQD
EygxNzQ5Y2YyNTE0NmFmOTU1MzJhNDY2ZDk3MzFhYjZlOWJlMGQ2NzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsId8CqZSI7UsxLt3EtD0FrBi3iwJ
53NKx3pZz9DedEdZqTpdhFvQDnMaT7kUmysDhbvzbgq1EP9fHJ/AYsgTyH9vx+ex
IUcMT8a5B2Shm842m7ukcovDB1EYWlaHC8+aqyHlJBXkMn08QnZA6+pLYjxsenqD
4YiJznnXOSkJ6/bxko9Qrh//2O+lXvOCQXq7xUd7hutMO6+QSF0VjWhVVxqZYxfr
wu3Lhweix3RsBdMf/FT1VPUBPEn90RXYiHL85mSGPU6DofQJU4S5F9OliCIhO0FS
5NTAp3FxEogwlZuRDZKE8mxc918dj5ijvp6i6qMl2Kv8BUJurOb9nUqTjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdJzyUUavlVMqRm2XMatum+DWcsMB8GA1UdIwQY
MBaAFED8BymXEa36Ii4nsSi3bR2XRQWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUt
NzdlM2JlYWI2MWViLzEvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUtNzdlM2JlYWI2MWVi
LzEvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoxfjPxpa
6wymaPp0nhrelkEQPONt2rNV53Dg7/QvvG39nlt+jkJSVY3kXHbKcyPhldrw2gV4
Y40BvHoquIL2rucNMqzPRqBic8grF8mmtARUdASbYUBhHARIxGuoXiuvxNnuvzTj
WhniK5Exi/w4iuMBRTkj+pjO0UbjpopyUgokXbRMRkzkqXgQTKDDMrBXQkNodIU9
UL86efC5GyRtuALmHAxEN82rG3JUasYgjzPsi9re3hdZShNi8fXkPZpl47K4/uVa
K3uvCxmmD8vzR0ozuPN2YRtMqJCH1Q1OX0qfF00sKLSqZi24YvRQ3fBYUzlguj+9
BoVp3b6qnTBJQg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:13:30 2025 by rpki-client