Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json)
Hash identifier: 93RCUrqNSOXZpvjbD6ALYyPIDFJysRFAZEV7Q+DPhiA=
Subject key identifier: 13:25:B9:D8:96:DD:3E:48:38:58:10:37:30:D0:9B:25:14:34:66:23
Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e
Certificate serial: 019A70DC688002B21F7D70E44E9E17A93E02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
Manifest number: 05ED
Signing time: Tue 11 Nov 2025 03:01:24 +0000
Manifest this update: Tue 11 Nov 2025 03:01:24 +0000
Manifest next update: Wed 12 Nov 2025 03:01:24 +0000
Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=)
2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: tFkznX9RWB1JQX0OVIvpvaHSJAYXx0pc6BnswDZKJa0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:68:80:02:b2:1f:7d:70:e4:4e:9e:17:a9:3e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e
Validity
Not Before: Nov 11 03:01:24 2025 GMT
Not After : Nov 12 03:01:24 2025 GMT
Subject: CN=1325b9d896dd3e483858103730d09b2514346623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:55:e2:ef:5c:11:ad:89:db:36:f5:f5:79:28:
f4:f6:c5:b2:65:e8:c2:79:f5:fa:42:79:cc:9a:e2:
e0:76:55:e6:40:eb:15:50:e9:53:4b:c8:3e:d2:94:
0f:3b:a2:f1:5c:fb:ca:3f:7e:1c:15:b6:02:e6:0a:
ed:2f:94:53:60:9c:c5:82:6c:7b:c2:44:ef:c6:9d:
d0:61:b9:6d:9a:f2:a6:e2:7a:30:ee:9c:ea:bd:20:
63:c2:ec:95:d5:b9:0c:5a:34:6d:99:df:a5:6c:83:
15:c0:98:ae:f7:6a:2d:c1:3c:37:41:cd:b9:e4:5c:
7f:14:e6:27:d5:1c:ed:0a:33:fb:4c:0f:4b:1d:97:
bb:b5:61:f7:3f:2c:cb:6a:b1:ad:58:4c:af:ef:dd:
86:f6:2d:1b:0b:5f:72:62:3f:0f:39:4e:bd:b9:89:
74:a1:f3:86:f2:b3:a4:44:34:2e:97:ba:b5:00:b7:
12:b1:0a:4e:79:04:f9:fa:a4:f3:70:f6:7d:d4:da:
04:0f:36:45:90:84:76:a5:bc:a2:a7:4a:6f:03:37:
48:0d:7b:70:e5:7e:6f:55:75:bd:3d:2f:05:de:a7:
14:7a:36:c2:ff:76:6a:d0:b9:95:89:32:61:40:16:
9a:40:9e:93:39:e7:01:4d:e8:b8:eb:d2:89:46:79:
61:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:25:B9:D8:96:DD:3E:48:38:58:10:37:30:D0:9B:25:14:34:66:23
X509v3 Authority Key Identifier:
keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:d0:0a:31:6d:be:5e:83:f7:6d:bc:4a:cc:50:6e:ea:ff:ca:
bf:ed:9e:83:f9:d3:8e:b4:82:15:bb:d1:a6:29:28:d3:33:d6:
3f:aa:f2:3a:48:84:3a:92:52:0d:c8:ea:d0:26:40:17:68:f7:
f7:6f:8b:0f:19:57:56:dd:c6:58:04:3a:cf:a1:6f:33:f1:d9:
3c:1c:0b:eb:46:75:4b:e5:3d:bc:a1:84:bf:8a:8f:1a:65:a8:
ef:96:dc:c9:60:32:a1:bb:bc:0d:4c:01:e0:d5:e9:54:b4:e7:
c2:a8:4d:05:3c:33:7b:b0:41:70:e3:71:a3:42:7b:a7:b1:1a:
df:49:7f:b6:69:e3:84:2b:da:b0:fc:29:c9:e5:7a:6a:7d:88:
86:82:0f:6f:ec:85:f4:4c:eb:35:85:9f:88:b7:ff:02:5f:38:
8a:7a:f6:58:f6:bf:35:5c:4f:b8:92:de:8a:74:46:d1:7c:5c:
f5:bb:95:f7:2c:16:72:4f:5b:cb:0f:c4:ad:ec:f3:39:75:db:
ad:f3:b9:31:56:16:18:20:ef:e5:0c:23:5c:a1:de:9d:db:19:
07:8d:8a:ea:c4:b8:1b:e8:aa:22:e1:da:27:f7:97:d1:4e:4c:
41:ab:69:b9:6c:d7:d1:66:71:c7:6c:e8:0a:5a:70:48:ab:f2:
96:12:38:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3GiAArIffXDkTp4XqT4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2
NGIxN2UwHhcNMjUxMTExMDMwMTI0WhcNMjUxMTEyMDMwMTI0WjAzMTEwLwYDVQQD
EygxMzI1YjlkODk2ZGQzZTQ4Mzg1ODEwMzczMGQwOWIyNTE0MzQ2NjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VXi71wRrYnbNvX1eSj09sWyZejC
efX6QnnMmuLgdlXmQOsVUOlTS8g+0pQPO6LxXPvKP34cFbYC5grtL5RTYJzFgmx7
wkTvxp3QYbltmvKm4now7pzqvSBjwuyV1bkMWjRtmd+lbIMVwJiu92otwTw3Qc25
5Fx/FOYn1RztCjP7TA9LHZe7tWH3PyzLarGtWEyv792G9i0bC19yYj8POU69uYl0
ofOG8rOkRDQul7q1ALcSsQpOeQT5+qTzcPZ91NoEDzZFkIR2pbyip0pvAzdIDXtw
5X5vVXW9PS8F3qcUejbC/3Zq0LmViTJhQBaaQJ6TOecBTei469KJRnlhkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMludiW3T5IOFgQNzDQmyUUNGYjMB8GA1UdIwQY
MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt
OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk
LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACtAKMW2+
XoP3bbxKzFBu6v/Kv+2eg/nTjrSCFbvRpiko0zPWP6ryOkiEOpJSDcjq0CZAF2j3
92+LDxlXVt3GWAQ6z6FvM/HZPBwL60Z1S+U9vKGEv4qPGmWo75bcyWAyobu8DUwB
4NXpVLTnwqhNBTwze7BBcONxo0J7p7Ea30l/tmnjhCvasPwpyeV6an2IhoIPb+yF
9EzrNYWfiLf/Al84inr2WPa/NVxPuJLeinRG0Xxc9buV9ywWck9byw/ErezzOXXb
rfO5MVYWGCDv5QwjXKHendsZB42K6sS4G+iqIuHaJ/eX0U5MQatpuWzX0WZxx2zo
ClpwSKvylhI4aw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:02 2025 by rpki-client