Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/DQMTeXANNd0Akr0GHGA-bLJWGnU.mft
File: DQMTeXANNd0Akr0GHGA-bLJWGnU.mft (raw, json)
Hash identifier: pKvFHV7y25Muc+I/DJ3BJ6tkaJAqLNW4vpfDinbnW/o=
Subject key identifier: 97:CB:68:70:94:CA:E1:B1:17:61:48:BB:92:B4:04:C6:D1:61:36:A8
Authority key identifier: 0D:03:13:79:70:0D:35:DD:00:92:BD:06:1C:60:3E:6C:B2:56:1A:75
Certificate issuer: /CN=0d031379700d35dd0092bd061c603e6cb2561a75
Certificate serial: 019A71B8701FF7C863A2CEAF28C9685DB9B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQMTeXANNd0Akr0GHGA-bLJWGnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/DQMTeXANNd0Akr0GHGA-bLJWGnU.mft
Manifest number: 01AD
Signing time: Tue 11 Nov 2025 07:01:43 +0000
Manifest this update: Tue 11 Nov 2025 07:01:43 +0000
Manifest next update: Wed 12 Nov 2025 07:01:43 +0000
Files and hashes: 1: DQMTeXANNd0Akr0GHGA-bLJWGnU.crl (hash: M9P/fTKnz1Eykg6hgsv14YqvpsuF/ceXugZ/4jpvb6M=)
2: iuZqfYD0hiTIvYqwWHAL_dTt-d8.roa (hash: TADQbHhC3NVuwnA1AHCcNT5GSSVPXnhWpWfVu/iqF94=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/DQMTeXANNd0Akr0GHGA-bLJWGnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/DQMTeXANNd0Akr0GHGA-bLJWGnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQMTeXANNd0Akr0GHGA-bLJWGnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:70:1f:f7:c8:63:a2:ce:af:28:c9:68:5d:b9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d031379700d35dd0092bd061c603e6cb2561a75
Validity
Not Before: Nov 11 07:01:43 2025 GMT
Not After : Nov 12 07:01:43 2025 GMT
Subject: CN=97cb687094cae1b1176148bb92b404c6d16136a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:65:b3:22:97:7d:c0:1d:c9:ce:e9:c5:7f:32:
0e:40:07:3e:b1:9f:58:98:f2:ef:c7:c9:a4:0f:6c:
ff:8f:f3:6f:6d:2d:3f:c0:0c:99:d1:bb:2e:47:75:
6f:e7:f9:f2:e2:75:ca:e4:05:11:c2:01:0b:d3:a6:
b9:68:e9:0a:eb:6e:01:ad:db:60:ff:3f:98:82:60:
c9:ca:96:ea:10:4c:69:19:1f:be:8f:61:bf:38:c6:
99:31:e2:3d:97:1b:74:24:67:34:0e:cc:c0:14:84:
4d:a2:65:09:45:60:79:ff:9f:a3:2e:24:b4:ed:53:
61:fe:25:22:61:c4:32:68:7d:fd:45:57:12:97:16:
35:72:ed:1e:5f:bc:14:1c:e1:de:05:8d:9c:c3:2d:
f2:15:3c:e0:da:bc:64:f3:f2:d3:b7:63:aa:e5:ba:
c9:9b:a0:69:4c:f3:5a:3b:f7:3b:24:0e:20:0b:cb:
8a:ac:07:53:2d:8a:6c:9f:45:85:8e:bf:d2:63:45:
dd:48:de:d6:83:15:d6:ac:54:64:96:7e:76:e4:ce:
78:31:04:4f:cd:f7:63:3b:3f:6d:a4:ac:b2:53:ca:
3e:9e:d7:a2:bb:59:ce:fe:c8:9c:b0:92:aa:ff:ec:
61:b1:6a:dd:d7:08:5e:48:7e:1b:f4:b1:15:29:6c:
d7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CB:68:70:94:CA:E1:B1:17:61:48:BB:92:B4:04:C6:D1:61:36:A8
X509v3 Authority Key Identifier:
keyid:0D:03:13:79:70:0D:35:DD:00:92:BD:06:1C:60:3E:6C:B2:56:1A:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQMTeXANNd0Akr0GHGA-bLJWGnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/DQMTeXANNd0Akr0GHGA-bLJWGnU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/DQMTeXANNd0Akr0GHGA-bLJWGnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:a7:a9:70:5d:f9:9c:cf:43:d9:f2:11:4c:d1:56:ea:a5:c2:
5b:73:fb:91:15:58:9a:51:4b:bc:dc:b8:29:2d:84:c9:70:06:
a7:31:dc:df:08:05:14:78:a2:65:f7:7b:f2:fa:f0:6b:0c:41:
11:93:f4:31:26:5a:6f:d3:01:d5:cc:52:a8:47:dd:c1:3d:0b:
fd:7f:f8:b0:7c:df:fb:2b:2e:75:17:a9:24:d2:bc:3c:3a:02:
a1:f0:8f:d0:2a:33:84:0e:2c:76:75:f4:7b:8a:45:d7:11:e1:
cc:e4:a4:ea:b6:da:db:a5:59:33:85:63:67:c2:43:37:6a:ff:
94:49:4d:c2:dd:08:59:8c:21:56:02:49:35:61:63:0c:cc:04:
ea:e1:92:1f:bd:49:e0:f5:d2:0e:34:f0:2f:db:af:96:53:f5:
be:39:04:55:d4:ba:d9:bf:7c:e9:27:dd:04:01:e0:6c:da:4a:
71:63:3f:ce:f5:70:6a:a2:ca:db:23:87:47:d0:64:ec:d9:12:
df:bf:71:56:05:9e:fb:22:1d:58:98:69:ff:16:3a:97:d2:1b:
59:a3:e7:80:7a:55:5c:a6:b3:67:dc:d6:ea:8e:5e:6a:fc:41:
84:e7:a1:79:28:ab:33:ba:f2:89:b8:02:5b:7b:73:5c:19:a3:
cb:e3:39:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHAf98hjos6vKMloXbm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDMxMzc5NzAwZDM1ZGQwMDkyYmQwNjFjNjAzZTZjYjI1
NjFhNzUwHhcNMjUxMTExMDcwMTQzWhcNMjUxMTEyMDcwMTQzWjAzMTEwLwYDVQQD
Eyg5N2NiNjg3MDk0Y2FlMWIxMTc2MTQ4YmI5MmI0MDRjNmQxNjEzNmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGWzIpd9wB3JzunFfzIOQAc+sZ9Y
mPLvx8mkD2z/j/NvbS0/wAyZ0bsuR3Vv5/ny4nXK5AURwgEL06a5aOkK624Brdtg
/z+YgmDJypbqEExpGR++j2G/OMaZMeI9lxt0JGc0DszAFIRNomUJRWB5/5+jLiS0
7VNh/iUiYcQyaH39RVcSlxY1cu0eX7wUHOHeBY2cwy3yFTzg2rxk8/LTt2Oq5brJ
m6BpTPNaO/c7JA4gC8uKrAdTLYpsn0WFjr/SY0XdSN7WgxXWrFRkln525M54MQRP
zfdjOz9tpKyyU8o+nteiu1nO/sicsJKq/+xhsWrd1wheSH4b9LEVKWzX5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfLaHCUyuGxF2FIu5K0BMbRYTaoMB8GA1UdIwQY
MBaAFA0DE3lwDTXdAJK9BhxgPmyyVhp1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFNVGVYQU5OZDBBa3IwR0hHQS1iTEpXR25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS80MDk3NTItOWQ4Yy00MGY1LTkxMjUt
OWMwNjczNzk3OWQxLzEvRFFNVGVYQU5OZDBBa3IwR0hHQS1iTEpXR25VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS80MDk3NTItOWQ4Yy00MGY1LTkxMjUtOWMwNjczNzk3OWQx
LzEvRFFNVGVYQU5OZDBBa3IwR0hHQS1iTEpXR25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEaepcF35
nM9D2fIRTNFW6qXCW3P7kRVYmlFLvNy4KS2EyXAGpzHc3wgFFHiiZfd78vrwawxB
EZP0MSZab9MB1cxSqEfdwT0L/X/4sHzf+ysudRepJNK8PDoCofCP0CozhA4sdnX0
e4pF1xHhzOSk6rba26VZM4VjZ8JDN2r/lElNwt0IWYwhVgJJNWFjDMwE6uGSH71J
4PXSDjTwL9uvllP1vjkEVdS62b986SfdBAHgbNpKcWM/zvVwaqLK2yOHR9Bk7NkS
379xVgWe+yIdWJhp/xY6l9IbWaPngHpVXKazZ9zW6o5eavxBhOeheSirM7ryibgC
W3tzXBmjy+M5nA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:42:55 2025 by rpki-client