Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.mft
File: KQHXZDHG6HPTxEcwVx4eUNYCBXw.mft (raw, json)
Hash identifier: ePPTKPbAVlqRT0p+ZJD0j4+Q3wLazKtwSikpadMzIN0=
Subject key identifier: D9:31:10:28:8E:3A:DD:68:A2:E0:DE:91:B4:B7:92:7F:ED:82:AF:5D
Authority key identifier: 29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
Certificate issuer: /CN=2901d76431c6e873d3c44730571e1e50d602057c
Certificate serial: 019A714A149127503BFF651DEE033E2F8794
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.mft
Manifest number: 132E
Signing time: Tue 11 Nov 2025 05:01:11 +0000
Manifest this update: Tue 11 Nov 2025 05:01:11 +0000
Manifest next update: Wed 12 Nov 2025 05:01:11 +0000
Files and hashes: 1: JePrT9N5p_vpcuN2wLJvV6n4f0o.roa (hash: ec+cmY8FX0sUxq4KIX8YI3T2SVi2Yc81u8O7CEJnLdo=)
2: KQHXZDHG6HPTxEcwVx4eUNYCBXw.crl (hash: 0xiwIQD2IEvKvJ9zKYi2SFT3FDFBu10KnTJoFH4FgX8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:14:91:27:50:3b:ff:65:1d:ee:03:3e:2f:87:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901d76431c6e873d3c44730571e1e50d602057c
Validity
Not Before: Nov 11 05:01:11 2025 GMT
Not After : Nov 12 05:01:11 2025 GMT
Subject: CN=d93110288e3add68a2e0de91b4b7927fed82af5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f8:de:d7:5b:21:66:15:0d:c0:b5:e8:5d:09:
3b:63:bc:09:3f:91:4c:dc:ea:47:07:0f:7c:82:a4:
8d:5a:53:59:62:64:48:ff:8c:8f:ca:6b:c4:74:3e:
ee:8d:b3:f4:dd:5a:5d:96:d8:9d:3e:1b:3c:61:fc:
bb:7c:ce:3e:a8:8b:1f:f3:fd:44:fc:b7:b5:cb:ee:
c0:b2:11:5c:e1:1a:5d:7e:82:60:94:57:a7:e0:bf:
b0:7c:f0:d2:2b:d3:2a:2a:4d:63:1d:e6:6e:ae:a3:
f1:62:63:f2:21:a0:49:1a:87:09:db:5d:5b:82:8b:
98:ba:33:23:88:7b:ae:1a:5b:4b:25:b6:7a:73:f0:
d3:16:53:54:2d:99:85:ad:4c:b7:c9:fd:fe:34:38:
da:10:19:6c:b9:3e:57:aa:a0:41:cd:e3:8f:70:f4:
2e:c2:e2:91:cc:a1:b3:cc:38:a4:1f:32:06:64:99:
04:4a:76:bb:54:09:74:99:5e:8a:13:a1:8a:ca:bf:
de:17:1e:19:5e:99:a7:41:4f:08:f0:ad:e9:82:06:
ed:02:b0:2a:a3:3e:f9:17:bc:ed:e7:73:c1:fe:8c:
aa:47:62:99:5e:18:69:ed:e7:cf:96:8e:3b:fe:11:
a8:73:7d:41:f6:70:60:3d:ce:57:de:23:fa:59:ae:
12:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:31:10:28:8E:3A:DD:68:A2:E0:DE:91:B4:B7:92:7F:ED:82:AF:5D
X509v3 Authority Key Identifier:
keyid:29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cd:94:c7:3d:07:7e:e1:ee:5e:bc:32:42:c0:f1:e1:ba:8b:3e:
e8:4d:29:bd:ac:e4:12:80:00:f9:63:fb:b2:cb:50:ef:0c:72:
fd:5a:41:fd:63:b3:0b:1d:29:0a:b1:fc:95:96:e3:0a:11:9d:
4d:50:90:9f:56:9c:fd:40:ec:b0:f2:70:0a:7f:ef:4c:4f:8d:
30:df:fd:35:40:18:2e:05:b1:ff:e8:95:c6:04:04:6e:e7:d6:
d7:61:87:9a:2f:b4:a3:18:69:42:f4:84:39:b7:a5:d5:1f:a5:
37:2c:e2:e9:a5:b7:93:5c:5f:42:24:b7:5f:af:9b:42:48:be:
ec:d0:42:d8:7f:b3:77:66:a2:92:4d:ac:68:d0:75:a9:7d:28:
27:6c:1e:98:fb:a0:c7:95:a2:b8:6b:c6:1c:8f:65:0c:25:82:
ff:04:5c:bb:d5:c2:91:9c:6f:d9:29:96:93:59:d5:3b:e2:ff:
33:6c:de:92:a0:ff:0b:50:28:86:3d:9a:ee:fe:e5:0e:19:e0:
62:96:09:8a:30:6b:5c:c8:e5:de:45:54:f8:5f:a1:5b:02:8d:
a8:da:25:b1:79:79:6f:d5:46:29:ca:0f:6a:af:ce:ef:47:87:
93:01:d0:c6:a1:b2:65:63:e3:80:83:b6:77:81:0d:6d:0e:51:
27:f1:5d:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxShSRJ1A7/2Ud7gM+L4eUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFkNzY0MzFjNmU4NzNkM2M0NDczMDU3MWUxZTUwZDYw
MjA1N2MwHhcNMjUxMTExMDUwMTExWhcNMjUxMTEyMDUwMTExWjAzMTEwLwYDVQQD
EyhkOTMxMTAyODhlM2FkZDY4YTJlMGRlOTFiNGI3OTI3ZmVkODJhZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfje11shZhUNwLXoXQk7Y7wJP5FM
3OpHBw98gqSNWlNZYmRI/4yPymvEdD7ujbP03VpdltidPhs8Yfy7fM4+qIsf8/1E
/Le1y+7AshFc4RpdfoJglFen4L+wfPDSK9MqKk1jHeZurqPxYmPyIaBJGocJ211b
gouYujMjiHuuGltLJbZ6c/DTFlNULZmFrUy3yf3+NDjaEBlsuT5XqqBBzeOPcPQu
wuKRzKGzzDikHzIGZJkESna7VAl0mV6KE6GKyr/eFx4ZXpmnQU8I8K3pggbtArAq
oz75F7zt53PB/oyqR2KZXhhp7efPlo47/hGoc31B9nBgPc5X3iP6Wa4SUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkxECiOOt1oouDekbS3kn/tgq9dMB8GA1UdIwQY
MBaAFCkB12Qxxuhz08RHMFceHlDWAgV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIWFpESEc2SFBUeEVjd1Z4NGVVTllDQlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wNWMzYTEtYzhmZS00MGZmLTljNTIt
M2U2ZjAzMjQ0MTBhLzEvS1FIWFpESEc2SFBUeEVjd1Z4NGVVTllDQlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wNWMzYTEtYzhmZS00MGZmLTljNTItM2U2ZjAzMjQ0MTBh
LzEvS1FIWFpESEc2SFBUeEVjd1Z4NGVVTllDQlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzZTHPQd+
4e5evDJCwPHhuos+6E0pvazkEoAA+WP7sstQ7wxy/VpB/WOzCx0pCrH8lZbjChGd
TVCQn1ac/UDssPJwCn/vTE+NMN/9NUAYLgWx/+iVxgQEbufW12GHmi+0oxhpQvSE
Obel1R+lNyzi6aW3k1xfQiS3X6+bQki+7NBC2H+zd2aikk2saNB1qX0oJ2wemPug
x5WiuGvGHI9lDCWC/wRcu9XCkZxv2SmWk1nVO+L/M2zekqD/C1Aohj2a7v7lDhng
YpYJijBrXMjl3kVU+F+hWwKNqNolsXl5b9VGKcoPaq/O70eHkwHQxqGyZWPjgIO2
d4ENbQ5RJ/FdlQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:13:56 2025 by rpki-client