Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
File: QPwHKZcRrfoiLiexKLdtHZdFBYI.mft (raw, json)
Hash identifier: O173KsJ8fsHsEeaOSIvKBCCNMIclGUoAnUodzgPKRSQ=
Subject key identifier: 9D:A2:6F:B8:D8:86:17:2E:58:A1:CB:16:D4:41:C0:4C:52:D8:1D:35
Authority key identifier: 40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
Certificate issuer: /CN=40fc07299711adfa222e27b128b76d1d97450582
Certificate serial: 019A72CAB491E8F25B29205726DA3BE50817
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
Manifest number: 13CD
Signing time: Tue 11 Nov 2025 12:01:18 +0000
Manifest this update: Tue 11 Nov 2025 12:01:18 +0000
Manifest next update: Wed 12 Nov 2025 12:01:18 +0000
Files and hashes: 1: 6KpfPRVUGyFsCkAEFBqf-wSXAyw.roa (hash: kWhiEuOzAfB/QvRqngqpda0Xfcej2KhLVFQbnAjy7tQ=)
2: QPwHKZcRrfoiLiexKLdtHZdFBYI.crl (hash: 1AK3H7qw/94wY/v4cdccpm1I00MbN6wbLeFTdYZaXMw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:b4:91:e8:f2:5b:29:20:57:26:da:3b:e5:08:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40fc07299711adfa222e27b128b76d1d97450582
Validity
Not Before: Nov 11 12:01:18 2025 GMT
Not After : Nov 12 12:01:18 2025 GMT
Subject: CN=9da26fb8d886172e58a1cb16d441c04c52d81d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ca:2d:ce:d8:55:27:ea:77:1c:1e:95:8f:96:
fc:7c:04:2a:d5:76:59:6a:1c:6d:24:d7:17:67:2a:
8a:c8:f7:45:b9:cb:d6:f2:34:e8:76:4b:2d:0f:a3:
c8:97:7e:9c:c7:7d:47:ab:d1:78:f8:a5:1d:0a:d2:
f0:81:77:df:a4:b4:14:74:73:30:00:35:52:2b:73:
16:52:ca:f9:6f:10:2c:98:70:77:91:68:a8:05:e0:
5f:e7:2c:cd:ac:30:1d:3c:97:0e:28:1d:68:45:46:
05:f5:f6:f8:00:1a:32:a6:cb:7e:b4:47:8c:20:28:
9b:bb:fc:bf:31:48:2e:60:92:23:52:7a:02:64:45:
b0:cb:03:af:d2:f6:88:9a:9a:c1:1a:19:5e:f0:5b:
04:9d:0b:c0:ad:f2:ca:77:2b:54:fa:13:a9:82:1a:
f7:0a:ce:35:2a:c7:b4:ea:e1:44:b4:2e:a6:cb:8f:
85:58:d6:28:91:12:a8:77:15:7a:a2:e0:46:e1:57:
12:77:44:8b:61:e7:a9:06:46:33:02:2b:8f:87:5a:
a1:5e:e0:5a:cc:f3:f8:ff:dc:b7:e3:09:a6:5f:3a:
c7:aa:d3:ec:1a:e4:ee:5c:88:44:3f:81:b6:6d:02:
3e:37:5f:d4:b3:69:24:0d:c6:d9:e6:f5:75:27:fe:
4f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A2:6F:B8:D8:86:17:2E:58:A1:CB:16:D4:41:C0:4C:52:D8:1D:35
X509v3 Authority Key Identifier:
keyid:40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:d1:d1:5e:8d:01:a2:93:f4:4b:16:f4:ab:d2:0c:63:e7:32:
e3:2a:dd:9b:9d:3b:21:9e:57:06:fd:db:a1:3a:d2:89:88:95:
89:1f:c6:48:53:11:bb:3b:7d:6f:0f:56:b4:27:c5:c0:d4:b2:
25:ac:a5:11:90:7d:07:c6:52:58:32:1d:9b:56:ec:8f:4b:51:
4a:7f:86:a4:32:09:dd:2a:c4:b4:41:43:aa:93:00:a0:e7:c9:
d5:e4:4b:23:48:82:8c:be:13:e5:a1:ac:cf:d9:00:5c:d5:8f:
47:d0:31:8c:2d:c1:19:3d:88:5e:83:c7:d5:08:d4:59:a4:03:
16:c7:ac:96:04:32:31:6a:94:e8:f2:de:38:4b:a8:4d:1e:bd:
bc:73:e6:c1:4e:7c:01:88:16:63:d4:6c:d7:05:98:15:e8:8b:
75:c5:5f:89:e5:cb:07:cd:bb:30:4c:c3:7a:fb:37:8c:6c:67:
58:3d:2b:fe:fa:5c:83:85:eb:51:bf:5c:ed:7a:39:e7:f8:38:
a8:b7:f1:64:21:80:fc:10:14:77:d6:f9:1d:7c:18:08:75:82:
ad:f1:81:d7:b9:af:0b:7c:72:66:7b:ff:a4:58:cb:94:46:32:
9b:52:3b:90:22:9a:28:b4:5e:66:8c:27:fc:c6:a8:5b:45:55:
1f:c4:4c:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyrSR6PJbKSBXJto75QgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZmMwNzI5OTcxMWFkZmEyMjJlMjdiMTI4Yjc2ZDFkOTc0
NTA1ODIwHhcNMjUxMTExMTIwMTE4WhcNMjUxMTEyMTIwMTE4WjAzMTEwLwYDVQQD
Eyg5ZGEyNmZiOGQ4ODYxNzJlNThhMWNiMTZkNDQxYzA0YzUyZDgxZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcotzthVJ+p3HB6Vj5b8fAQq1XZZ
ahxtJNcXZyqKyPdFucvW8jTodkstD6PIl36cx31Hq9F4+KUdCtLwgXffpLQUdHMw
ADVSK3MWUsr5bxAsmHB3kWioBeBf5yzNrDAdPJcOKB1oRUYF9fb4ABoypst+tEeM
ICibu/y/MUguYJIjUnoCZEWwywOv0vaImprBGhle8FsEnQvArfLKdytU+hOpghr3
Cs41Kse06uFEtC6my4+FWNYokRKodxV6ouBG4VcSd0SLYeepBkYzAiuPh1qhXuBa
zPP4/9y34wmmXzrHqtPsGuTuXIhEP4G2bQI+N1/Us2kkDcbZ5vV1J/5P6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2ib7jYhhcuWKHLFtRBwExS2B01MB8GA1UdIwQY
MBaAFED8BymXEa36Ii4nsSi3bR2XRQWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUt
NzdlM2JlYWI2MWViLzEvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUtNzdlM2JlYWI2MWVi
LzEvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApNHRXo0B
opP0Sxb0q9IMY+cy4yrdm507IZ5XBv3boTrSiYiViR/GSFMRuzt9bw9WtCfFwNSy
JaylEZB9B8ZSWDIdm1bsj0tRSn+GpDIJ3SrEtEFDqpMAoOfJ1eRLI0iCjL4T5aGs
z9kAXNWPR9AxjC3BGT2IXoPH1QjUWaQDFseslgQyMWqU6PLeOEuoTR69vHPmwU58
AYgWY9Rs1wWYFeiLdcVfieXLB827MEzDevs3jGxnWD0r/vpcg4XrUb9c7Xo55/g4
qLfxZCGA/BAUd9b5HXwYCHWCrfGB17mvC3xyZnv/pFjLlEYym1I7kCKaKLReZown
/MaoW0VVH8RMfw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:50:57 2025 by rpki-client