Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json)
Hash identifier: tNjt+3HBt884FadURyhSmQdpdioRJB/u1nnJz3paoJ8=
Subject key identifier: 9F:CE:6B:37:38:6E:24:DF:E8:37:AB:40:E8:51:1F:6E:CD:D3:96:B4
Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e
Certificate serial: 019922C3A414143B9FB043DAF77FB2A59BBC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
Manifest number: 0540
Signing time: Sun 07 Sep 2025 06:01:10 +0000
Manifest this update: Sun 07 Sep 2025 06:01:10 +0000
Manifest next update: Mon 08 Sep 2025 06:01:10 +0000
Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=)
2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: zu7MIVxLRXGd0K7W5Yzd2g7roD9j8tBEM/0AUJGWJyw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:a4:14:14:3b:9f:b0:43:da:f7:7f:b2:a5:9b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e
Validity
Not Before: Sep 7 06:01:10 2025 GMT
Not After : Sep 8 06:01:10 2025 GMT
Subject: CN=9fce6b37386e24dfe837ab40e8511f6ecdd396b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:60:31:51:83:5c:7c:78:3e:44:74:0e:b4:a8:
82:cb:ed:91:c9:2d:3e:0d:ee:a8:99:1d:ad:a9:cd:
66:7d:71:54:15:d6:eb:57:09:e1:0d:82:db:da:6f:
60:b8:f9:36:cf:64:8a:5e:a2:57:50:ff:06:52:56:
32:7e:63:3a:52:ce:6e:36:01:1a:84:ef:43:4f:44:
c0:79:c7:31:39:4a:ee:c1:c6:e6:58:6d:de:30:bd:
6a:c1:cd:6f:bd:8a:ce:3b:f6:10:32:ae:6c:ef:be:
4e:20:2b:9d:43:23:ac:20:bf:30:79:23:da:cd:a0:
09:53:69:63:5c:9b:01:0e:6c:9a:62:55:fa:02:23:
e1:3b:fe:17:80:fb:2b:a8:59:0a:3f:c9:85:d4:cf:
7d:8d:fd:da:b4:e3:ae:50:1c:24:7d:66:7f:24:2c:
59:22:3e:de:48:c4:6a:95:bb:52:b3:f8:47:69:1d:
a3:b7:0d:8f:7f:ce:b0:96:8a:0f:dc:9d:9a:85:c0:
3c:42:9c:2f:16:15:50:0f:55:f0:3b:15:da:12:96:
22:28:d9:ae:c2:ae:c6:c5:ca:23:be:3d:71:ad:dd:
1d:f4:3b:58:ba:77:a9:55:63:7d:6e:f0:83:b9:7f:
0a:eb:19:39:fa:69:dd:d5:b2:c3:d1:d6:ea:c4:ce:
b0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:CE:6B:37:38:6E:24:DF:E8:37:AB:40:E8:51:1F:6E:CD:D3:96:B4
X509v3 Authority Key Identifier:
keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:36:01:11:31:26:9d:fe:ec:33:f5:84:cc:ae:82:a0:02:fc:
4b:3d:9f:58:13:6f:41:39:d9:2e:86:80:93:ea:51:57:23:e8:
5d:95:5d:18:f6:9e:d3:64:63:7d:b1:85:9e:7d:32:ba:23:29:
64:ad:55:62:d0:5b:68:10:96:f2:f9:78:2f:2f:dd:cd:ea:03:
1d:cb:2e:13:d0:e3:c8:a3:bd:1d:6d:41:8e:56:c6:15:e2:a9:
50:94:4f:a3:4a:ef:ae:68:73:5a:1d:9a:43:71:84:88:9e:e9:
9c:bf:23:a5:31:f2:24:ca:3b:87:2e:e2:4d:78:13:11:69:d8:
ac:eb:db:1c:03:a0:f3:2f:3f:e7:05:c8:36:33:fc:fe:da:c0:
e5:b8:d6:15:c3:0f:dd:4c:ad:9a:9b:6b:ed:10:b6:22:ee:94:
73:68:9f:72:3d:39:73:3f:84:16:3f:f6:57:75:33:de:2e:57:
72:c0:17:c9:b6:21:31:9d:f6:62:44:58:95:53:0f:44:1d:7f:
d8:14:4e:b6:57:ea:46:17:17:6c:c1:e0:57:b6:68:f1:a8:39:
5c:17:d1:8d:a2:e2:ae:62:e0:25:df:7f:50:3c:d6:5a:24:b3:
5b:ca:54:ee:68:66:cd:f9:4c:cb:49:0c:5f:6e:a1:b1:25:94:
cb:eb:e6:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw6QUFDufsEPa93+ypZu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2
NGIxN2UwHhcNMjUwOTA3MDYwMTEwWhcNMjUwOTA4MDYwMTEwWjAzMTEwLwYDVQQD
Eyg5ZmNlNmIzNzM4NmUyNGRmZTgzN2FiNDBlODUxMWY2ZWNkZDM5NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWAxUYNcfHg+RHQOtKiCy+2RyS0+
De6omR2tqc1mfXFUFdbrVwnhDYLb2m9guPk2z2SKXqJXUP8GUlYyfmM6Us5uNgEa
hO9DT0TAeccxOUruwcbmWG3eML1qwc1vvYrOO/YQMq5s775OICudQyOsIL8weSPa
zaAJU2ljXJsBDmyaYlX6AiPhO/4XgPsrqFkKP8mF1M99jf3atOOuUBwkfWZ/JCxZ
Ij7eSMRqlbtSs/hHaR2jtw2Pf86wlooP3J2ahcA8QpwvFhVQD1XwOxXaEpYiKNmu
wq7Gxcojvj1xrd0d9DtYunepVWN9bvCDuX8K6xk5+mnd1bLD0dbqxM6wXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/Oazc4biTf6DerQOhRH27N05a0MB8GA1UdIwQY
MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt
OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk
LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxDYBETEm
nf7sM/WEzK6CoAL8Sz2fWBNvQTnZLoaAk+pRVyPoXZVdGPae02RjfbGFnn0yuiMp
ZK1VYtBbaBCW8vl4Ly/dzeoDHcsuE9DjyKO9HW1BjlbGFeKpUJRPo0rvrmhzWh2a
Q3GEiJ7pnL8jpTHyJMo7hy7iTXgTEWnYrOvbHAOg8y8/5wXINjP8/trA5bjWFcMP
3Uytmptr7RC2Iu6Uc2ifcj05cz+EFj/2V3Uz3i5XcsAXybYhMZ32YkRYlVMPRB1/
2BROtlfqRhcXbMHgV7Zo8ag5XBfRjaLirmLgJd9/UDzWWiSzW8pU7mhmzflMy0kM
X26hsSWUy+vmnw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:45:00 2025 by rpki-client