Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: wfbKOSzalAJ3IBUWUqkObZeKeOkYR7kesFSWnAN1kZE=
Subject key identifier: BE:2F:3F:69:C8:DF:B8:CA:2C:DC:3A:CE:1F:EF:BB:24:4C:18:A3:DA
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 019A722668E9FEC33D73921A6D6C5CE434B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 140C
Signing time: Tue 11 Nov 2025 09:01:51 +0000
Manifest this update: Tue 11 Nov 2025 09:01:51 +0000
Manifest next update: Wed 12 Nov 2025 09:01:51 +0000
Files and hashes: 1: 3U4MivbAgZFFTzpri9v9qzr-9Dg.roa (hash: OpxoqQJPTPV/7nPesTeS09o0jfmFmQcqEJLqODzVTIM=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: ePrRDTlm9SCfyv9901+cB3H+85L7TJtrKjgGXedFgbY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:68:e9:fe:c3:3d:73:92:1a:6d:6c:5c:e4:34:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Nov 11 09:01:51 2025 GMT
Not After : Nov 12 09:01:51 2025 GMT
Subject: CN=be2f3f69c8dfb8ca2cdc3ace1fefbb244c18a3da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:12:d1:02:ac:99:00:01:61:35:ce:10:ad:c2:
82:c1:4f:c1:18:e2:14:7f:f5:a9:00:85:2b:dd:62:
89:c3:41:ea:e5:fb:dd:73:1c:01:69:c5:63:eb:c0:
67:d9:02:28:83:79:32:f3:13:5f:4d:35:b0:0d:2a:
43:d8:b5:df:a8:f8:4f:3c:c2:3c:17:e3:22:7c:47:
5a:b6:6a:2d:95:8d:be:8a:d7:d1:c6:71:62:8c:00:
37:9e:ed:b0:7a:3e:45:46:fd:ef:14:2f:7a:f1:13:
54:37:2c:6c:ee:0a:af:fc:61:85:0a:7d:5e:f2:58:
e1:a9:27:09:f0:36:45:24:66:5a:86:7f:f8:ce:2e:
8d:6a:b3:68:07:19:00:89:ee:6b:1b:d9:c8:80:9b:
5a:8e:8b:17:0e:3c:91:59:40:25:6a:2b:36:6d:02:
2d:92:67:f1:09:c6:03:84:dd:e4:f0:38:fd:0a:11:
1c:99:f5:63:87:ae:c3:7a:a6:0a:f8:27:5a:df:10:
89:62:ae:b1:34:03:b9:13:05:1b:7f:a3:67:b8:7c:
5a:32:b9:bf:ed:1f:d4:30:b3:00:50:6c:c5:e1:b3:
0e:ab:d5:06:54:1c:63:63:a5:41:83:81:c2:64:04:
d5:ab:b9:78:07:29:96:bc:d2:2b:40:72:43:2c:0a:
b9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:2F:3F:69:C8:DF:B8:CA:2C:DC:3A:CE:1F:EF:BB:24:4C:18:A3:DA
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:00:f8:5e:fe:2c:dc:6b:97:50:c4:85:94:0c:71:c3:ae:3f:
2e:8e:68:02:d0:5b:eb:da:48:5c:2b:02:b4:1e:b8:67:ad:5b:
94:74:ea:86:f8:48:11:f1:ad:57:90:c5:88:6d:51:ff:96:cb:
e6:fb:e9:64:d2:c9:f5:aa:7b:2c:9c:40:a4:de:a8:44:35:19:
1e:f5:47:5b:83:61:62:5b:10:e7:de:1f:3a:fd:dd:d4:4c:ae:
bb:0b:9f:d8:15:18:62:1f:37:ab:ee:76:55:16:78:52:be:ca:
94:5a:8f:2f:6b:6d:fb:f5:24:97:95:90:c8:15:23:49:3f:42:
e9:65:e3:16:d4:a3:f7:48:02:62:37:03:21:c7:e6:b6:70:22:
c0:a2:04:61:37:af:7b:d8:b3:92:04:db:76:bf:b9:46:1d:f8:
86:08:38:5d:fa:c7:49:fe:04:e8:e2:2d:4e:90:d1:97:8c:f7:
fa:15:15:20:21:35:2c:2e:bb:9d:d6:52:67:5e:0c:ad:e8:03:
77:43:c2:cd:42:6b:92:3c:72:c4:cd:84:fd:24:f4:c6:a9:b3:
a0:7a:cf:af:7e:6d:88:be:1f:8e:9b:cd:c8:5a:1b:d8:a5:13:
36:ad:34:e6:3c:13:7a:d4:26:ba:73:56:ba:74:5d:ce:e9:de:
4a:d5:82:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJmjp/sM9c5IabWxc5DSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjUxMTExMDkwMTUxWhcNMjUxMTEyMDkwMTUxWjAzMTEwLwYDVQQD
EyhiZTJmM2Y2OWM4ZGZiOGNhMmNkYzNhY2UxZmVmYmIyNDRjMThhM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBLRAqyZAAFhNc4QrcKCwU/BGOIU
f/WpAIUr3WKJw0Hq5fvdcxwBacVj68Bn2QIog3ky8xNfTTWwDSpD2LXfqPhPPMI8
F+MifEdatmotlY2+itfRxnFijAA3nu2wej5FRv3vFC968RNUNyxs7gqv/GGFCn1e
8ljhqScJ8DZFJGZahn/4zi6NarNoBxkAie5rG9nIgJtajosXDjyRWUAlais2bQIt
kmfxCcYDhN3k8Dj9ChEcmfVjh67DeqYK+Cda3xCJYq6xNAO5EwUbf6NnuHxaMrm/
7R/UMLMAUGzF4bMOq9UGVBxjY6VBg4HCZATVq7l4BymWvNIrQHJDLAq5UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4vP2nI37jKLNw6zh/vuyRMGKPaMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIAD4Xv4s
3GuXUMSFlAxxw64/Lo5oAtBb69pIXCsCtB64Z61blHTqhvhIEfGtV5DFiG1R/5bL
5vvpZNLJ9ap7LJxApN6oRDUZHvVHW4NhYlsQ594fOv3d1Eyuuwuf2BUYYh83q+52
VRZ4Ur7KlFqPL2tt+/Ukl5WQyBUjST9C6WXjFtSj90gCYjcDIcfmtnAiwKIEYTev
e9izkgTbdr+5Rh34hgg4XfrHSf4E6OItTpDRl4z3+hUVICE1LC67ndZSZ14MregD
d0PCzUJrkjxyxM2E/ST0xqmzoHrPr35tiL4fjpvNyFob2KUTNq005jwTetQmunNW
unRdzuneStWCxQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:44 2025 by rpki-client