Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
File: QGYnM7yHPRPh-fZujf91yCDV0vc.mft (raw, json)
Hash identifier: /v2SxGyfVVf3Fb0zYl/kLOheOhJN+iXCHl8VmgWL+nI=
Subject key identifier: 8E:A1:69:4D:71:1A:F4:49:39:7E:DB:26:B5:35:AE:4F:6F:F9:B6:85
Authority key identifier: 40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
Certificate issuer: /CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Certificate serial: 019A7293DE56E1C18742609C01D585B4D883
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
Manifest number: 0F22
Signing time: Tue 11 Nov 2025 11:01:24 +0000
Manifest this update: Tue 11 Nov 2025 11:01:24 +0000
Manifest next update: Wed 12 Nov 2025 11:01:24 +0000
Files and hashes: 1: NiWsr1aAeWW2oN08xcS5Irqnn3Q.roa (hash: 2xUbIvKWWmEdUess43urc5rTq8I0ZstZadOhJMax4HI=)
2: QGYnM7yHPRPh-fZujf91yCDV0vc.crl (hash: TmyQL7undQ1H3unfAY3Y+LfkNPfHdrwVIGG/ZWQLTvg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:de:56:e1:c1:87:42:60:9c:01:d5:85:b4:d8:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Validity
Not Before: Nov 11 11:01:24 2025 GMT
Not After : Nov 12 11:01:24 2025 GMT
Subject: CN=8ea1694d711af449397edb26b535ae4f6ff9b685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:52:ef:18:93:9f:4f:f3:53:c2:50:f2:8a:ec:
d8:bc:50:37:74:9a:6d:3a:ac:16:ba:7f:bc:02:13:
5e:80:7f:f3:1c:f4:7d:02:e7:21:0d:37:4c:14:bb:
e3:67:93:63:bb:f7:fe:85:2f:9b:07:41:38:b2:7d:
e8:5a:d5:65:7a:d4:84:38:ec:fa:b8:a8:b1:06:ff:
47:ef:5b:14:17:96:0d:c9:1f:42:16:8a:9b:70:67:
5c:4f:4d:2b:f3:16:35:fd:b6:ae:80:09:09:41:aa:
39:36:b9:e8:ab:83:c2:8f:59:22:55:0a:53:ba:a8:
48:bc:e4:2f:ab:80:e0:7d:1c:0f:b9:5d:92:9b:7c:
06:2f:90:0a:70:0b:fa:84:23:04:35:25:a9:8b:b9:
fb:fd:b0:20:28:fe:88:39:13:e0:62:77:db:e9:5f:
77:05:b2:0c:48:0d:da:06:8e:b7:20:e4:6b:3f:fc:
f9:26:cb:fd:4f:60:ba:9d:94:b7:d4:92:e1:5f:fb:
d2:f1:cb:c9:16:d6:44:12:78:d8:42:31:43:d2:a2:
01:ad:30:ee:a0:99:95:10:2a:e2:94:38:fb:12:a1:
b7:73:d2:0f:80:23:9c:e9:6c:f4:73:44:de:c2:98:
1f:70:5d:56:ea:9b:58:21:ec:17:47:b5:86:ab:e8:
da:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A1:69:4D:71:1A:F4:49:39:7E:DB:26:B5:35:AE:4F:6F:F9:B6:85
X509v3 Authority Key Identifier:
keyid:40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:c5:ad:c1:ef:89:c8:47:aa:ea:65:da:24:56:b2:32:18:c0:
14:c7:4c:c3:7b:f1:e8:b2:35:06:64:39:49:59:97:3c:d8:17:
81:3b:b3:09:31:64:80:c4:84:d8:e2:ba:b7:a2:d4:cf:d3:d7:
aa:19:ee:44:19:a7:a7:5f:ed:43:77:70:68:88:12:96:f1:4b:
a4:1e:74:83:01:26:22:82:aa:74:2d:ee:d6:e4:68:c9:78:93:
f9:65:46:5e:bd:a7:80:d5:71:f4:8d:0f:1b:b6:b0:0c:43:9b:
5b:37:9d:7f:05:78:94:cc:63:1b:05:46:b6:12:05:27:d0:bb:
3c:5e:e1:96:8d:ed:38:6c:4d:74:9a:d9:0f:ec:86:bd:95:a1:
7c:a2:31:8d:b4:19:71:88:fd:96:c0:c1:69:8a:33:7c:c5:bd:
5b:74:0f:9a:42:57:53:d9:86:ee:30:54:77:ab:9f:46:36:8a:
3f:03:a4:63:74:4c:fc:50:95:e6:c0:57:e3:9c:fe:fe:19:af:
1e:59:72:83:49:42:d7:6e:43:db:85:8b:48:53:09:8e:fa:54:
6a:8d:79:af:52:37:73:ca:94:98:fd:12:e7:35:96:87:d4:63:
0c:cb:19:9b:a9:30:ea:5b:f7:f0:e7:f3:4d:cf:28:07:cf:5c:
2c:ad:2a:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk95W4cGHQmCcAdWFtNiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNjYyNzMzYmM4NzNkMTNlMWY5ZjY2ZThkZmY3NWM4MjBk
NWQyZjcwHhcNMjUxMTExMTEwMTI0WhcNMjUxMTEyMTEwMTI0WjAzMTEwLwYDVQQD
Eyg4ZWExNjk0ZDcxMWFmNDQ5Mzk3ZWRiMjZiNTM1YWU0ZjZmZjliNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlLvGJOfT/NTwlDyiuzYvFA3dJpt
OqwWun+8AhNegH/zHPR9AuchDTdMFLvjZ5Nju/f+hS+bB0E4sn3oWtVletSEOOz6
uKixBv9H71sUF5YNyR9CFoqbcGdcT00r8xY1/baugAkJQao5Nrnoq4PCj1kiVQpT
uqhIvOQvq4DgfRwPuV2Sm3wGL5AKcAv6hCMENSWpi7n7/bAgKP6IORPgYnfb6V93
BbIMSA3aBo63IORrP/z5Jsv9T2C6nZS31JLhX/vS8cvJFtZEEnjYQjFD0qIBrTDu
oJmVECrilDj7EqG3c9IPgCOc6Wz0c0TewpgfcF1W6ptYIewXR7WGq+jaVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6haU1xGvRJOX7bJrU1rk9v+baFMB8GA1UdIwQY
MBaAFEBmJzO8hz0T4fn2bo3/dcgg1dL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kOTEwZDEtOTRjNi00NDEyLTg1MDYt
OWNiNTFlNTFmZjc3LzEvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kOTEwZDEtOTRjNi00NDEyLTg1MDYtOWNiNTFlNTFmZjc3
LzEvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsWtwe+J
yEeq6mXaJFayMhjAFMdMw3vx6LI1BmQ5SVmXPNgXgTuzCTFkgMSE2OK6t6LUz9PX
qhnuRBmnp1/tQ3dwaIgSlvFLpB50gwEmIoKqdC3u1uRoyXiT+WVGXr2ngNVx9I0P
G7awDEObWzedfwV4lMxjGwVGthIFJ9C7PF7hlo3tOGxNdJrZD+yGvZWhfKIxjbQZ
cYj9lsDBaYozfMW9W3QPmkJXU9mG7jBUd6ufRjaKPwOkY3RM/FCV5sBX45z+/hmv
Hllyg0lC125D24WLSFMJjvpUao15r1I3c8qUmP0S5zWWh9RjDMsZm6kw6lv38Ofz
Tc8oB89cLK0q5A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:33 2025 by rpki-client