Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
File: QzFPMPOkU_9JIh2VStgCijBKAVA.mft (raw, json)
Hash identifier: 6HA1PsqW44U1FM6MVF8K11fTvTpEVNT2sB5holhp+F8=
Subject key identifier: 5B:E2:2A:48:4D:34:D5:2D:C8:BC:95:D0:15:29:51:7D:BF:54:93:6C
Authority key identifier: 43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50
Certificate issuer: /CN=43314f30f3a453ff49221d954ad8028a304a0150
Certificate serial: 019A722594361795226EF941F98286A4F8C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 09:00:56 +0000
Manifest this update: Tue 11 Nov 2025 09:00:56 +0000
Manifest next update: Wed 12 Nov 2025 09:00:56 +0000
Files and hashes: 1: QzFPMPOkU_9JIh2VStgCijBKAVA.crl (hash: pWCXlfB2Itn+xo+3IL5kjcJFysh1wLoGkq6evOKH0RI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:94:36:17:95:22:6e:f9:41:f9:82:86:a4:f8:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43314f30f3a453ff49221d954ad8028a304a0150
Validity
Not Before: Nov 11 09:00:56 2025 GMT
Not After : Nov 12 09:00:56 2025 GMT
Subject: CN=5be22a484d34d52dc8bc95d01529517dbf54936c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:cf:9e:19:48:9c:30:f5:08:bb:c2:c9:fd:
11:a3:a5:24:77:6f:60:dc:54:7d:ce:1c:b5:37:9f:
d4:59:71:d6:8c:d7:96:7d:e9:c8:5b:66:4e:60:42:
43:f3:aa:15:33:0c:a3:ee:f4:87:d6:0c:79:21:32:
b4:6c:97:d1:31:7a:ba:c0:cf:8f:1c:71:1c:66:61:
0c:93:ce:9f:ed:dd:50:c3:47:75:3f:dd:e4:12:6a:
57:24:46:1a:7c:c1:58:3c:0e:fe:13:11:54:90:a7:
2a:b8:0e:5d:fc:19:d1:2c:6f:e4:03:fd:b5:37:7f:
8e:a8:a6:24:38:70:1a:85:f7:a4:84:23:99:a5:a4:
72:06:ff:b2:e0:89:ea:a6:f7:68:c4:6d:60:97:12:
04:85:4d:9d:d4:87:57:05:a0:50:39:c2:70:1a:6e:
11:15:cd:18:80:01:db:b6:28:ff:77:ec:f8:47:7b:
b8:aa:7c:bd:a4:9f:75:0a:11:0e:c0:62:87:bc:00:
51:e8:a4:48:97:bd:49:33:46:79:bf:3d:5c:1e:ee:
ab:d5:fc:15:e1:c0:0a:98:51:a5:62:43:9f:94:e4:
7f:2b:9b:fb:c4:b1:6b:d6:26:e9:ed:53:fb:9b:07:
45:ac:c7:16:39:b2:87:50:c6:d0:c6:09:f2:7b:f5:
26:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E2:2A:48:4D:34:D5:2D:C8:BC:95:D0:15:29:51:7D:BF:54:93:6C
X509v3 Authority Key Identifier:
keyid:43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:64:ca:dd:64:1f:75:7c:ce:68:47:33:87:f7:11:db:3c:0c:
6d:65:0f:25:27:28:e4:11:4f:cd:56:6a:9c:58:fd:4a:2b:ff:
6b:99:de:ad:5a:cd:a6:db:4a:88:31:41:77:1b:2d:2a:60:98:
18:e0:02:a2:c0:f9:98:fc:e4:9f:07:7c:39:71:5c:b4:2d:88:
ce:00:4d:e0:54:dc:67:20:f7:8f:11:47:55:78:80:06:94:10:
22:19:55:a0:a2:6a:89:cf:8b:ae:c9:3e:be:28:39:bb:45:ac:
35:ae:1a:94:b8:c8:06:21:91:5a:bd:b1:ff:5a:01:7f:d5:02:
49:37:1b:bc:62:b8:f6:19:e1:f9:2a:7c:d1:4f:00:61:b4:fa:
22:09:19:f0:3c:07:a0:99:23:0e:eb:67:45:16:fc:aa:9a:8c:
25:f6:e3:79:78:07:1b:0a:3c:87:52:f2:c0:f9:94:ca:5a:d0:
d5:16:9c:ed:e6:ac:f1:2f:13:6e:07:d8:c3:84:29:97:a2:d5:
ad:4c:99:7c:ef:68:e0:a5:45:8f:f2:74:6e:62:9e:72:04:e4:
44:af:ce:c3:f2:c0:2d:a2:04:bb:79:ae:a8:8b:67:21:8d:82:
c8:4a:a6:5c:0f:f1:21:d0:04:6b:f0:37:90:c3:c3:d9:44:9c:
aa:d1:4d:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZQ2F5UibvlB+YKGpPjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMzE0ZjMwZjNhNDUzZmY0OTIyMWQ5NTRhZDgwMjhhMzA0
YTAxNTAwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
Eyg1YmUyMmE0ODRkMzRkNTJkYzhiYzk1ZDAxNTI5NTE3ZGJmNTQ5MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuurPnhlInDD1CLvCyf0Ro6Ukd29g
3FR9zhy1N5/UWXHWjNeWfenIW2ZOYEJD86oVMwyj7vSH1gx5ITK0bJfRMXq6wM+P
HHEcZmEMk86f7d1Qw0d1P93kEmpXJEYafMFYPA7+ExFUkKcquA5d/BnRLG/kA/21
N3+OqKYkOHAahfekhCOZpaRyBv+y4InqpvdoxG1glxIEhU2d1IdXBaBQOcJwGm4R
Fc0YgAHbtij/d+z4R3u4qny9pJ91ChEOwGKHvABR6KRIl71JM0Z5vz1cHu6r1fwV
4cAKmFGlYkOflOR/K5v7xLFr1ibp7VP7mwdFrMcWObKHUMbQxgnye/UmbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFviKkhNNNUtyLyV0BUpUX2/VJNsMB8GA1UdIwQY
MBaAFEMxTzDzpFP/SSIdlUrYAoowSgFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgt
NTU4ZWVhMWY1OTAxLzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgtNTU4ZWVhMWY1OTAx
LzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGGTK3WQf
dXzOaEczh/cR2zwMbWUPJSco5BFPzVZqnFj9Siv/a5nerVrNpttKiDFBdxstKmCY
GOACosD5mPzknwd8OXFctC2IzgBN4FTcZyD3jxFHVXiABpQQIhlVoKJqic+Lrsk+
vig5u0WsNa4alLjIBiGRWr2x/1oBf9UCSTcbvGK49hnh+Sp80U8AYbT6IgkZ8DwH
oJkjDutnRRb8qpqMJfbjeXgHGwo8h1LywPmUylrQ1Rac7eas8S8TbgfYw4Qpl6LV
rUyZfO9o4KVFj/J0bmKecgTkRK/Ow/LALaIEu3muqItnIY2CyEqmXA/xIdAEa/A3
kMPD2UScqtFNkA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:34 2025 by rpki-client