Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
File: QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft (raw, json)
Hash identifier: 4OeYLTrcQogTCzts/EKSSW64RReANZLquJWles51k7Q=
Subject key identifier: C7:E5:28:75:21:6B:72:6B:99:98:9E:B9:2C:FB:A1:38:D5:63:F2:E7
Authority key identifier: 40:AA:71:15:7E:20:D9:80:36:BB:D6:93:B8:EC:BB:2B:99:F0:F0:3C
Certificate issuer: /CN=40aa71157e20d98036bbd693b8ecbb2b99f0f03c
Certificate serial: 019A70DBFC6B45C5629ED21DDB11ED38D147
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 03:00:56 +0000
Manifest this update: Tue 11 Nov 2025 03:00:56 +0000
Manifest next update: Wed 12 Nov 2025 03:00:56 +0000
Files and hashes: 1: QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl (hash: Awuexe+36mn/mX0rLyMl4x/Gc67aV+JGzleDxt3lZho=)
2: zxt5ioQXS4YKJLP4ilCQM5v8g2Y.roa (hash: RY5SWWwhf3VR6uGt8AADVTrl85kwmlR4e1dP9tOTtrg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:fc:6b:45:c5:62:9e:d2:1d:db:11:ed:38:d1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40aa71157e20d98036bbd693b8ecbb2b99f0f03c
Validity
Not Before: Nov 11 03:00:56 2025 GMT
Not After : Nov 12 03:00:56 2025 GMT
Subject: CN=c7e52875216b726b99989eb92cfba138d563f2e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:63:cc:8f:b4:34:9d:53:8a:03:00:2a:01:a9:
3b:ae:f1:8e:ea:0c:1d:89:7f:99:a1:94:12:a0:3a:
15:47:36:df:63:4c:66:40:ff:a1:c2:f1:30:a1:45:
ce:2a:31:e1:bc:07:b5:63:15:4f:62:e1:22:ca:1d:
aa:ac:6d:b2:65:3e:76:31:4e:af:66:6a:56:ed:65:
8f:83:87:f0:ae:c4:ea:6c:11:15:5a:68:74:56:f6:
19:4b:83:20:f3:41:7c:f3:24:3c:a5:e8:1f:e3:4c:
31:20:5a:8f:bd:5a:04:c2:4d:e6:64:3f:58:64:ae:
c9:0f:6f:72:68:ec:76:25:40:a1:53:8d:6b:98:35:
53:7f:8d:10:c3:0b:76:a8:ca:ea:1a:2b:14:35:e2:
bc:f4:da:8c:df:59:f3:82:6e:25:bb:86:68:4b:2f:
2c:4c:85:a4:92:49:26:58:26:64:7b:e6:42:ed:c7:
04:43:7a:42:e4:d5:d0:3b:75:4d:b4:d3:ed:01:ee:
b3:d0:57:6c:61:15:87:1f:31:c2:bf:c0:e5:88:ea:
95:9f:8a:7a:c7:5e:96:66:36:96:6c:bc:e4:16:79:
c5:b7:0c:29:fc:ba:64:5f:b9:3c:09:d8:fc:3d:61:
d8:b2:bc:a7:e7:ea:a6:1a:2c:7e:6d:76:16:23:c2:
7b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E5:28:75:21:6B:72:6B:99:98:9E:B9:2C:FB:A1:38:D5:63:F2:E7
X509v3 Authority Key Identifier:
keyid:40:AA:71:15:7E:20:D9:80:36:BB:D6:93:B8:EC:BB:2B:99:F0:F0:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:78:c3:c6:5d:82:5c:88:b3:75:37:f6:41:f9:1b:e9:34:40:
a3:d9:0c:b5:94:b5:15:47:4d:1a:78:81:8c:a9:39:b2:8e:44:
3b:d1:81:b3:a5:91:68:43:43:cc:42:a8:7e:1d:a1:19:d3:ef:
16:82:83:b2:3b:10:57:1b:10:79:ab:46:61:c4:49:47:c6:d4:
e9:42:0f:6f:f6:e9:6b:33:03:87:d3:d3:e5:c3:79:7e:80:7c:
4d:74:ed:69:ba:78:bf:0e:93:d2:de:cc:f2:16:4b:2e:cf:e1:
bb:8e:60:37:f8:c6:06:5d:64:b5:3e:af:b3:3d:3b:8a:94:87:
cd:e7:db:a0:07:3f:90:ad:78:9c:2e:41:56:f6:af:2d:85:02:
66:3c:7f:11:ed:db:ea:b6:d6:b6:89:bd:08:47:15:26:8b:a4:
d8:21:07:eb:82:7d:eb:b5:b9:d3:ae:91:53:cf:15:a4:a1:35:
02:f3:76:d3:af:13:41:92:1a:66:bc:be:77:64:6e:26:b7:65:
0c:75:75:b5:ea:08:51:b0:69:b0:8c:c7:cf:d0:69:6c:a9:45:
5d:5a:76:0f:79:5c:0f:2a:75:b4:6f:c1:14:b1:1d:07:1f:de:
14:e7:f1:53:a8:b0:2c:d3:ca:56:5f:f7:66:dc:15:eb:ea:9f:
0c:f6:ed:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2/xrRcVintId2xHtONFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYWE3MTE1N2UyMGQ5ODAzNmJiZDY5M2I4ZWNiYjJiOTlm
MGYwM2MwHhcNMjUxMTExMDMwMDU2WhcNMjUxMTEyMDMwMDU2WjAzMTEwLwYDVQQD
EyhjN2U1Mjg3NTIxNmI3MjZiOTk5ODllYjkyY2ZiYTEzOGQ1NjNmMmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGPMj7Q0nVOKAwAqAak7rvGO6gwd
iX+ZoZQSoDoVRzbfY0xmQP+hwvEwoUXOKjHhvAe1YxVPYuEiyh2qrG2yZT52MU6v
ZmpW7WWPg4fwrsTqbBEVWmh0VvYZS4Mg80F88yQ8pegf40wxIFqPvVoEwk3mZD9Y
ZK7JD29yaOx2JUChU41rmDVTf40Qwwt2qMrqGisUNeK89NqM31nzgm4lu4ZoSy8s
TIWkkkkmWCZke+ZC7ccEQ3pC5NXQO3VNtNPtAe6z0FdsYRWHHzHCv8DliOqVn4p6
x16WZjaWbLzkFnnFtwwp/LpkX7k8Cdj8PWHYsryn5+qmGix+bXYWI8J7sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMflKHUha3JrmZieuSz7oTjVY/LnMB8GA1UdIwQY
MBaAFECqcRV+INmANrvWk7jsuyuZ8PA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yZTJjOGUtNGMyYi00OGU5LWFmZDUt
MjM1YWJhMTlkOWY5LzEvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yZTJjOGUtNGMyYi00OGU5LWFmZDUtMjM1YWJhMTlkOWY5
LzEvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXjDxl2C
XIizdTf2Qfkb6TRAo9kMtZS1FUdNGniBjKk5so5EO9GBs6WRaENDzEKofh2hGdPv
FoKDsjsQVxsQeatGYcRJR8bU6UIPb/bpazMDh9PT5cN5foB8TXTtabp4vw6T0t7M
8hZLLs/hu45gN/jGBl1ktT6vsz07ipSHzefboAc/kK14nC5BVvavLYUCZjx/Ee3b
6rbWtom9CEcVJouk2CEH64J967W5066RU88VpKE1AvN2068TQZIaZry+d2RuJrdl
DHV1teoIUbBpsIzHz9BpbKlFXVp2D3lcDyp1tG/BFLEdBx/eFOfxU6iwLNPKVl/3
ZtwV6+qfDPbtQQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:44:24 2025 by rpki-client