Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
File: q3ukNXZmdmStbymmZicOM1eDbxo.mft (raw, json)
Hash identifier: z/a5DgfrMkhR3BT2WzZzWlV28Fukb8qHxwqh8C4g9Ds=
Subject key identifier: 1D:BC:03:FC:59:DF:F7:91:27:01:17:79:F3:A3:92:B5:80:8E:F5:5B
Authority key identifier: AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
Certificate issuer: /CN=ab7ba43576667664ad6f29a666270e3357836f1a
Certificate serial: 019A72935AEEAED8B308F7014EB083101CFF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 11:00:50 +0000
Manifest this update: Tue 11 Nov 2025 11:00:50 +0000
Manifest next update: Wed 12 Nov 2025 11:00:50 +0000
Files and hashes: 1: q3ukNXZmdmStbymmZicOM1eDbxo.crl (hash: V/SzBczvy1kjoSs8QlrhYjahg5tF0zOSczxNQHAMVI0=)
2: rFtQ52vnm-Gf2JN4L6yb0DTiUgw.roa (hash: U6PLdhl9fIkfcENijAv37MSFDTY2VRfS2bCNJb0dRIc=)
3: z4h6VOta7nlktuKCkK1-Zw-1S8Q.roa (hash: XA8aL+R7cIm6KIZ8pt2+mp6cPL138KkhjyZFmjM+7SU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:5a:ee:ae:d8:b3:08:f7:01:4e:b0:83:10:1c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7ba43576667664ad6f29a666270e3357836f1a
Validity
Not Before: Nov 11 11:00:50 2025 GMT
Not After : Nov 12 11:00:50 2025 GMT
Subject: CN=1dbc03fc59dff79127011779f3a392b5808ef55b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:af:52:3f:1e:3a:a8:f1:f5:a6:01:8b:d0:07:
2c:55:d7:75:14:ce:4e:81:62:13:8d:10:1a:7e:64:
29:e4:5d:01:bb:79:4a:9a:c7:f0:5f:7c:8b:97:9f:
e8:58:b6:f8:f1:d9:c8:0f:ef:85:22:ca:7e:d8:6a:
19:e7:5a:aa:21:a5:98:6f:43:4d:d5:91:31:11:a5:
62:a9:38:f0:8d:87:0f:ca:24:19:33:cf:e6:ad:8b:
4f:a9:17:1f:88:c5:84:41:d1:c9:90:80:e9:90:85:
91:e9:f0:8f:0f:05:35:06:4e:db:49:45:1b:32:50:
8f:81:b9:48:1d:0a:0b:42:6a:20:d2:e8:af:a7:43:
a7:8e:3c:12:94:7b:8b:18:5b:6b:db:83:7e:2d:70:
7b:c5:2f:9b:51:e3:03:d0:48:a9:2a:7f:94:45:0c:
c0:47:91:ce:2b:0b:6f:3e:61:8d:ea:5a:70:51:a2:
3a:aa:1a:90:45:c2:ec:a9:1e:8b:46:6d:7d:8e:89:
cb:d6:d7:c0:41:0b:d5:d4:43:2c:76:d8:ec:a2:b0:
01:9c:91:3c:82:99:c0:ac:a8:09:6b:5b:7a:1c:43:
c2:6c:8c:21:08:01:3f:fc:4b:23:c2:52:aa:88:aa:
70:e9:66:b0:9b:cc:14:84:d2:eb:19:58:7e:84:7d:
fc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BC:03:FC:59:DF:F7:91:27:01:17:79:F3:A3:92:B5:80:8E:F5:5B
X509v3 Authority Key Identifier:
keyid:AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:01:88:d6:fd:48:36:54:31:db:36:6f:c1:bf:94:80:fe:db:
19:7e:d8:ad:a2:15:53:73:f3:7e:c4:ee:42:c6:98:57:07:39:
c9:0f:42:71:99:26:b2:24:da:32:25:4a:84:61:4b:4b:7c:67:
6b:42:7c:94:46:8a:6f:9b:ab:8c:88:86:a8:03:47:54:42:7b:
8f:dc:25:83:36:51:84:54:e8:49:f3:83:83:99:5e:59:68:24:
bf:c7:5a:fd:0a:f5:df:ce:60:5c:0c:ca:ad:42:fb:e1:19:6f:
27:d7:16:38:ca:fe:87:a3:d4:90:20:9b:1f:ae:d6:c3:65:87:
67:e5:65:b9:8f:fb:ad:9a:c0:36:63:2f:5b:d6:26:de:67:63:
38:7d:48:88:38:c9:25:00:49:d6:f1:9b:e4:ae:27:47:1a:81:
69:bf:ad:f9:04:f8:ab:c9:51:fc:b7:7d:fa:23:55:67:e6:9b:
ed:5b:4d:ec:15:5d:a7:fb:ea:00:e9:14:64:08:ee:46:65:09:
95:fe:40:dc:0f:ab:3e:38:96:45:5e:aa:00:8e:dc:4f:c1:fb:
ba:fe:b7:8c:e0:2f:5f:97:da:1f:67:bf:5d:2c:76:3e:70:90:
ee:36:f2:10:92:3f:3d:f5:17:4b:42:47:29:c2:dd:93:61:fc:
f9:63:df:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk1rurtizCPcBTrCDEBz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2JhNDM1NzY2Njc2NjRhZDZmMjlhNjY2MjcwZTMzNTc4
MzZmMWEwHhcNMjUxMTExMTEwMDUwWhcNMjUxMTEyMTEwMDUwWjAzMTEwLwYDVQQD
EygxZGJjMDNmYzU5ZGZmNzkxMjcwMTE3NzlmM2EzOTJiNTgwOGVmNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq9SPx46qPH1pgGL0AcsVdd1FM5O
gWITjRAafmQp5F0Bu3lKmsfwX3yLl5/oWLb48dnID++FIsp+2GoZ51qqIaWYb0NN
1ZExEaViqTjwjYcPyiQZM8/mrYtPqRcfiMWEQdHJkIDpkIWR6fCPDwU1Bk7bSUUb
MlCPgblIHQoLQmog0uivp0OnjjwSlHuLGFtr24N+LXB7xS+bUeMD0EipKn+URQzA
R5HOKwtvPmGN6lpwUaI6qhqQRcLsqR6LRm19jonL1tfAQQvV1EMsdtjsorABnJE8
gpnArKgJa1t6HEPCbIwhCAE//EsjwlKqiKpw6Wawm8wUhNLrGVh+hH38iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB28A/xZ3/eRJwEXefOjkrWAjvVbMB8GA1UdIwQY
MBaAFKt7pDV2ZnZkrW8ppmYnDjNXg28aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYt
MjNhYzc1ODA0OGVjLzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYtMjNhYzc1ODA0OGVj
LzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXQGI1v1I
NlQx2zZvwb+UgP7bGX7YraIVU3PzfsTuQsaYVwc5yQ9CcZkmsiTaMiVKhGFLS3xn
a0J8lEaKb5urjIiGqANHVEJ7j9wlgzZRhFToSfODg5leWWgkv8da/Qr1385gXAzK
rUL74RlvJ9cWOMr+h6PUkCCbH67Ww2WHZ+VluY/7rZrANmMvW9Ym3mdjOH1IiDjJ
JQBJ1vGb5K4nRxqBab+t+QT4q8lR/Ld9+iNVZ+ab7VtN7BVdp/vqAOkUZAjuRmUJ
lf5A3A+rPjiWRV6qAI7cT8H7uv63jOAvX5faH2e/XSx2PnCQ7jbyEJI/PfUXS0JH
KcLdk2H8+WPfpQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:22:50 2025 by rpki-client