Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.mft
File: QUjLrRdIIFtPQzS7pjjGTCsh_A4.mft (raw, json)
Hash identifier: zHxDSRy+LsIK0Z5tUXpDAfGJ6wo49ry8pqXKboV4CRg=
Subject key identifier: B9:AD:43:FE:46:D4:6A:B3:5F:56:2B:44:70:F2:2C:5B:71:16:96:75
Authority key identifier: 41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
Certificate issuer: /CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Certificate serial: 019A71EEEA05558DDA0DF50B6D1501B8FB9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.mft
Manifest number: 114D
Signing time: Tue 11 Nov 2025 08:01:14 +0000
Manifest this update: Tue 11 Nov 2025 08:01:14 +0000
Manifest next update: Wed 12 Nov 2025 08:01:14 +0000
Files and hashes: 1: 4ylLEVDeXKrfF8Se5wkM9llLd1w.roa (hash: 4hQQfVDyFUxXBSnxIrSQDsLfslrlkzzZ+2tzn4mkErM=)
2: QUjLrRdIIFtPQzS7pjjGTCsh_A4.crl (hash: NEQK1PU6PF9FB9l+tvXF3XxLkHHQ2O01ei5nSR528Tk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:ea:05:55:8d:da:0d:f5:0b:6d:15:01:b8:fb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Validity
Not Before: Nov 11 08:01:14 2025 GMT
Not After : Nov 12 08:01:14 2025 GMT
Subject: CN=b9ad43fe46d46ab35f562b4470f22c5b71169675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:37:e6:9a:62:b0:f0:0c:54:1b:65:0f:fb:2b:
6c:b0:f9:57:34:fe:c4:af:c0:c5:e1:4a:f1:45:31:
7f:50:8a:16:20:d6:9b:5c:43:db:af:76:71:42:c4:
77:75:9d:8f:c6:5b:ad:4d:3c:b5:3d:4f:e9:47:5b:
0f:c0:c4:6e:3d:bf:22:b7:95:ae:fa:53:95:ef:f3:
72:2c:98:0a:85:45:f3:b6:ad:2d:bb:87:82:e3:9a:
24:5a:7e:89:b4:71:15:ef:6e:f8:31:b9:6e:1c:77:
b4:f0:48:c4:93:a0:f7:c6:8a:e0:b9:27:fc:cb:11:
4a:d8:45:81:76:5b:e4:e4:c5:50:b8:da:d7:79:32:
36:ae:56:9f:cd:bd:80:96:71:16:a5:96:db:92:d8:
63:36:bc:1e:04:b4:e5:df:e7:45:ec:2c:4b:3b:fa:
01:6e:33:f6:c4:73:9f:0a:bc:21:1e:5e:29:92:90:
96:ad:83:5a:bc:41:3c:cc:93:a0:40:6b:d2:8a:af:
9e:88:7a:bf:47:25:b3:54:55:0c:88:ce:97:0a:14:
ca:0c:e4:60:c3:10:86:8b:5b:ae:31:9b:4d:0b:ee:
5b:02:fe:af:0e:6a:5d:11:21:30:47:32:df:bc:3d:
e8:5a:44:1f:7e:49:ea:02:0f:aa:ba:03:d3:c5:e5:
06:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AD:43:FE:46:D4:6A:B3:5F:56:2B:44:70:F2:2C:5B:71:16:96:75
X509v3 Authority Key Identifier:
keyid:41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:53:d8:34:9e:24:fe:2a:8c:f8:29:d1:75:50:2d:df:7e:8f:
ff:d5:19:d2:28:9c:65:ce:2f:91:d6:77:52:6d:db:b0:19:b1:
51:23:b0:05:1e:1b:5c:b5:9c:d5:48:91:18:ce:23:3c:3f:dc:
00:02:d3:63:63:ba:d3:6b:2f:81:cb:7a:f0:08:aa:85:2b:64:
cd:9d:47:1a:1f:f1:27:a3:06:14:28:38:8a:45:fe:d1:d0:87:
76:e5:da:d3:26:24:9f:83:5c:fa:07:ca:a3:c2:cf:24:c2:04:
50:12:26:be:aa:db:9c:f9:2d:3c:5f:a7:b4:bc:81:28:0c:db:
8c:45:b1:53:be:19:2b:fb:f7:e7:fd:88:5b:61:eb:8f:87:eb:
89:bf:81:dc:04:f4:8a:1e:39:73:3d:d9:36:b5:53:bc:ef:0f:
d2:61:ac:1b:b0:05:0c:97:ca:c4:5e:06:c9:99:18:e7:81:a9:
c5:cd:dd:f8:52:cb:1d:22:f6:3b:cf:8e:61:bd:ab:8d:18:c6:
c2:cc:94:66:1d:4b:d3:4e:96:aa:a2:53:a0:a3:c2:92:c1:6e:
3c:8f:a6:4e:cd:0d:57:5e:36:2a:59:4d:16:15:b5:73:83:40:
9d:f2:0b:18:55:f6:66:ce:08:65:ff:39:a0:25:cb:55:f0:69:
d5:8c:fd:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7uoFVY3aDfULbRUBuPuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNDhjYmFkMTc0ODIwNWI0ZjQzMzRiYmE2MzhjNjRjMmIy
MWZjMGUwHhcNMjUxMTExMDgwMTE0WhcNMjUxMTEyMDgwMTE0WjAzMTEwLwYDVQQD
EyhiOWFkNDNmZTQ2ZDQ2YWIzNWY1NjJiNDQ3MGYyMmM1YjcxMTY5Njc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zfmmmKw8AxUG2UP+ytssPlXNP7E
r8DF4UrxRTF/UIoWINabXEPbr3ZxQsR3dZ2PxlutTTy1PU/pR1sPwMRuPb8it5Wu
+lOV7/NyLJgKhUXztq0tu4eC45okWn6JtHEV7274MbluHHe08EjEk6D3xorguSf8
yxFK2EWBdlvk5MVQuNrXeTI2rlafzb2AlnEWpZbbkthjNrweBLTl3+dF7CxLO/oB
bjP2xHOfCrwhHl4pkpCWrYNavEE8zJOgQGvSiq+eiHq/RyWzVFUMiM6XChTKDORg
wxCGi1uuMZtNC+5bAv6vDmpdESEwRzLfvD3oWkQffknqAg+qugPTxeUG3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmtQ/5G1GqzX1YrRHDyLFtxFpZ1MB8GA1UdIwQY
MBaAFEFIy60XSCBbT0M0u6Y4xkwrIfwOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVVqTHJSZElJRnRQUXpTN3BqakdUQ3NoX0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9jZTIxYjMtYzRkZS00NTZkLWI1Mzgt
OTc5NzVkMzRmYzZjLzEvUVVqTHJSZElJRnRQUXpTN3BqakdUQ3NoX0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9jZTIxYjMtYzRkZS00NTZkLWI1MzgtOTc5NzVkMzRmYzZj
LzEvUVVqTHJSZElJRnRQUXpTN3BqakdUQ3NoX0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjlPYNJ4k
/iqM+CnRdVAt336P/9UZ0iicZc4vkdZ3Um3bsBmxUSOwBR4bXLWc1UiRGM4jPD/c
AALTY2O602svgct68AiqhStkzZ1HGh/xJ6MGFCg4ikX+0dCHduXa0yYkn4Nc+gfK
o8LPJMIEUBImvqrbnPktPF+ntLyBKAzbjEWxU74ZK/v35/2IW2Hrj4frib+B3AT0
ih45cz3ZNrVTvO8P0mGsG7AFDJfKxF4GyZkY54Gpxc3d+FLLHSL2O8+OYb2rjRjG
wsyUZh1L006WqqJToKPCksFuPI+mTs0NV142KllNFhW1c4NAnfILGFX2Zs4IZf85
oCXLVfBp1Yz9Fg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:19 2025 by rpki-client