Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft
File: QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft (raw, json)
Hash identifier: Y9kp9gvN8qeloL68Jy4LRAoDgH/BmppoNw00Z7f3q1g=
Subject key identifier: 72:D9:BE:7C:9F:0F:E1:B1:85:15:8D:FD:7A:DA:2C:2C:60:E8:B8:22
Authority key identifier: 40:E6:34:BD:C3:0C:0C:4B:5F:79:45:F3:D0:41:E2:35:05:BC:D1:59
Certificate issuer: /CN=40e634bdc30c0c4b5f7945f3d041e23505bcd159
Certificate serial: 019A7225C8D8B9960AC4D2A951EDB25CB19B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOY0vcMMDEtfeUXz0EHiNQW80Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft
Manifest number: 82
Signing time: Tue 11 Nov 2025 09:01:10 +0000
Manifest this update: Tue 11 Nov 2025 09:01:10 +0000
Manifest next update: Wed 12 Nov 2025 09:01:10 +0000
Files and hashes: 1: AIdhkvHghh0oY4Bo_26XXaHpKGs.roa (hash: 1OYUp8CdXRHv9dQxmnoj+je7+ykfhffiZAjyffapZ9I=)
2: QOY0vcMMDEtfeUXz0EHiNQW80Vk.crl (hash: Cn2r+1H7ropiIkgrmpUTxYyMpT8EKQ7SMtH7nEOFdyY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QOY0vcMMDEtfeUXz0EHiNQW80Vk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:c8:d8:b9:96:0a:c4:d2:a9:51:ed:b2:5c:b1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e634bdc30c0c4b5f7945f3d041e23505bcd159
Validity
Not Before: Nov 11 09:01:10 2025 GMT
Not After : Nov 12 09:01:10 2025 GMT
Subject: CN=72d9be7c9f0fe1b185158dfd7ada2c2c60e8b822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:86:ad:f7:8e:38:f4:e2:e4:d6:ee:12:47:ec:
0d:36:90:4f:2f:da:7a:c8:6f:89:54:26:72:a9:e9:
38:5c:74:f4:df:7e:8f:45:65:0a:c5:47:48:17:4f:
19:9c:2c:62:90:1c:7d:6c:ac:bd:78:74:5c:dd:82:
ce:2a:14:26:45:77:76:be:e8:e7:ad:c3:ec:60:dd:
54:18:af:e0:96:e5:e4:bf:a9:c6:da:14:35:ec:96:
af:9f:c8:95:2a:4b:63:eb:15:5b:25:45:05:b4:f0:
4a:46:f4:f2:be:42:f9:57:be:d5:60:67:1e:3a:47:
51:ac:1e:0d:a3:4a:2c:57:b2:58:18:d3:48:55:f1:
18:2d:4a:1a:8c:9e:9b:05:3d:cc:a3:f2:42:de:4f:
36:40:85:59:d8:0a:11:76:ff:e0:ec:15:4f:f9:7f:
93:85:fc:3b:54:bc:5e:d6:84:bc:35:65:86:6f:6a:
d1:3a:3a:aa:0c:bc:e5:db:90:ac:60:11:06:91:ad:
bf:a9:95:09:de:57:ef:65:c2:d2:20:96:e0:f2:62:
f5:eb:28:00:cf:49:d1:db:1c:19:3f:4d:07:80:cf:
41:6d:a4:e8:c3:b1:b2:4e:8f:05:4e:c6:3f:76:56:
e6:15:91:bc:03:7a:38:e3:d7:49:5b:be:12:3a:25:
46:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D9:BE:7C:9F:0F:E1:B1:85:15:8D:FD:7A:DA:2C:2C:60:E8:B8:22
X509v3 Authority Key Identifier:
keyid:40:E6:34:BD:C3:0C:0C:4B:5F:79:45:F3:D0:41:E2:35:05:BC:D1:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOY0vcMMDEtfeUXz0EHiNQW80Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:29:bf:cf:e6:7b:4e:51:b2:43:db:37:a7:a2:9a:09:71:91:
7f:02:94:d6:ec:21:ba:58:57:44:37:aa:59:37:0c:bb:81:5d:
b2:bf:65:39:40:91:80:cb:40:18:6c:a6:b3:cc:45:0b:9c:55:
db:3c:d0:95:35:0c:22:6c:59:b5:89:62:c8:91:6b:04:0b:01:
a6:55:e7:3c:45:22:23:44:43:18:6c:6a:5d:54:fa:f9:a6:84:
3f:43:69:98:77:0e:e7:33:25:c9:8f:0e:ba:0c:7e:df:67:ff:
c8:1c:30:91:9d:82:4d:ec:fa:6a:08:51:e7:30:24:c3:08:48:
76:62:7d:54:1f:c4:f9:c1:d1:0e:5c:53:fe:16:66:8b:a8:7d:
6c:0f:a1:12:23:a0:92:24:5f:74:e7:2d:46:1e:1d:61:23:b4:
00:95:93:56:78:01:9c:72:95:b9:06:55:08:ce:fb:7e:45:9f:
2b:7d:18:68:bc:56:7c:f2:8c:4f:ad:ce:2f:45:2c:82:e3:3a:
c0:59:f7:ef:80:0a:07:89:a9:a4:42:ef:1d:9f:2f:2a:66:94:
05:5f:01:f1:f8:1b:e7:70:fb:38:71:b5:83:b7:1f:7d:90:05:
06:06:3f:f6:35:10:f3:6f:ec:b6:d4:46:73:53:66:26:b8:28:
f0:52:57:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcjYuZYKxNKpUe2yXLGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTYzNGJkYzMwYzBjNGI1Zjc5NDVmM2QwNDFlMjM1MDVi
Y2QxNTkwHhcNMjUxMTExMDkwMTEwWhcNMjUxMTEyMDkwMTEwWjAzMTEwLwYDVQQD
Eyg3MmQ5YmU3YzlmMGZlMWIxODUxNThkZmQ3YWRhMmMyYzYwZThiODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Yat94449OLk1u4SR+wNNpBPL9p6
yG+JVCZyqek4XHT0336PRWUKxUdIF08ZnCxikBx9bKy9eHRc3YLOKhQmRXd2vujn
rcPsYN1UGK/gluXkv6nG2hQ17Javn8iVKktj6xVbJUUFtPBKRvTyvkL5V77VYGce
OkdRrB4No0osV7JYGNNIVfEYLUoajJ6bBT3Mo/JC3k82QIVZ2AoRdv/g7BVP+X+T
hfw7VLxe1oS8NWWGb2rROjqqDLzl25CsYBEGka2/qZUJ3lfvZcLSIJbg8mL16ygA
z0nR2xwZP00HgM9BbaTow7GyTo8FTsY/dlbmFZG8A3o449dJW74SOiVGIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLZvnyfD+GxhRWN/XraLCxg6LgiMB8GA1UdIwQY
MBaAFEDmNL3DDAxLX3lF89BB4jUFvNFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9ZMHZjTU1ERXRmZVVYejBFSGlOUVc4MFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMzM3MzEtM2M1Mi00Yzg1LTk3ODkt
YmQyN2FmYWQ5YzNkLzEvUU9ZMHZjTU1ERXRmZVVYejBFSGlOUVc4MFZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMzM3MzEtM2M1Mi00Yzg1LTk3ODktYmQyN2FmYWQ5YzNk
LzEvUU9ZMHZjTU1ERXRmZVVYejBFSGlOUVc4MFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQCm/z+Z7
TlGyQ9s3p6KaCXGRfwKU1uwhulhXRDeqWTcMu4Fdsr9lOUCRgMtAGGyms8xFC5xV
2zzQlTUMImxZtYliyJFrBAsBplXnPEUiI0RDGGxqXVT6+aaEP0NpmHcO5zMlyY8O
ugx+32f/yBwwkZ2CTez6aghR5zAkwwhIdmJ9VB/E+cHRDlxT/hZmi6h9bA+hEiOg
kiRfdOctRh4dYSO0AJWTVngBnHKVuQZVCM77fkWfK30YaLxWfPKMT63OL0UsguM6
wFn374AKB4mppELvHZ8vKmaUBV8B8fgb53D7OHG1g7cffZAFBgY/9jUQ82/sttRG
c1NmJrgo8FJXDw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:22 2025 by rpki-client