Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
File: qklDGDthG-Ogd1OCUJSQBIsK1zg.mft (raw, json)
Hash identifier: NxDIn3FrhZGnxoF2Owf86HtZmgdY0FjozT2x/zzlO9M=
Subject key identifier: 8B:3C:DC:A4:D8:E6:EE:80:FA:FC:01:9C:FE:7B:2C:43:EF:C2:78:94
Authority key identifier: AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38
Certificate issuer: /CN=aa4943183b611be3a0775382509490048b0ad738
Certificate serial: 019A70DBEE6B98EDCBA9C6C4E48E774F50BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 03:00:52 +0000
Manifest this update: Tue 11 Nov 2025 03:00:52 +0000
Manifest next update: Wed 12 Nov 2025 03:00:52 +0000
Files and hashes: 1: _b9uzDBnaBhrr4RiKYd-HrjhIyY.roa (hash: zuVo5YCjE6oxIWEPlMV6dA4fTWapSfHiFlgPsUG/qhk=)
2: qklDGDthG-Ogd1OCUJSQBIsK1zg.crl (hash: igkzGCZNfSGxs62GQr4jUwCsL30uoLYL7IZN5EettYw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:ee:6b:98:ed:cb:a9:c6:c4:e4:8e:77:4f:50:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa4943183b611be3a0775382509490048b0ad738
Validity
Not Before: Nov 11 03:00:52 2025 GMT
Not After : Nov 12 03:00:52 2025 GMT
Subject: CN=8b3cdca4d8e6ee80fafc019cfe7b2c43efc27894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:af:3f:24:ad:68:97:18:60:07:51:45:23:b3:
2f:35:e4:44:78:91:08:a1:dd:75:84:8e:e6:f8:07:
04:f8:ba:71:31:59:2e:e8:f7:58:81:fe:f2:75:a9:
f7:44:81:55:3b:61:d6:6e:ca:be:07:ab:a7:38:16:
62:35:68:df:cb:21:02:b1:61:43:46:5f:04:9f:32:
4f:51:cf:59:e5:7e:ce:50:f4:d4:62:88:b4:db:52:
dc:74:38:72:6d:2e:dd:f7:45:a4:19:11:e3:30:07:
56:b5:9e:de:dd:4f:d4:78:77:78:c8:d5:92:75:81:
01:99:ca:da:26:96:59:82:ae:66:61:a5:6e:1e:74:
80:31:10:7d:b6:ba:04:03:83:00:92:e6:78:49:87:
76:e7:73:47:8a:7f:90:05:06:be:91:df:89:fd:5a:
1b:da:01:5c:25:3c:67:c1:78:af:ec:2a:78:04:91:
30:6e:aa:ba:aa:ea:c3:09:96:ac:55:6f:82:67:5a:
dc:9e:3b:3a:e4:ac:52:ce:40:91:73:d4:c8:f4:27:
3e:cc:7c:38:cf:48:d8:d4:62:13:ab:b9:0e:ef:b1:
c0:2a:67:c1:f1:40:02:2c:18:68:54:b6:59:52:b9:
12:de:60:aa:8a:5c:10:c1:67:58:9c:b9:e9:06:76:
06:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3C:DC:A4:D8:E6:EE:80:FA:FC:01:9C:FE:7B:2C:43:EF:C2:78:94
X509v3 Authority Key Identifier:
keyid:AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:41:35:3d:3d:72:92:fe:49:04:b6:9d:0b:11:d2:e2:c2:ad:
dd:5c:b3:89:58:39:ca:cb:14:1a:b2:ee:ca:33:f8:ac:6a:7f:
38:e1:bf:7a:e8:8f:6c:77:5f:63:ea:d7:71:47:c9:53:39:4d:
d4:e7:c8:bf:09:d2:95:83:55:97:51:b5:4d:40:c4:c8:1f:23:
c7:9a:0d:5b:22:f8:19:76:af:aa:17:a3:5a:b1:62:e9:04:71:
f1:90:de:3e:68:72:91:56:4b:16:c1:bb:87:d9:dd:ec:c2:d8:
50:f7:11:6c:d3:53:7a:38:9c:86:72:ce:c4:82:0d:6a:0b:90:
8f:e1:44:e3:24:f5:e8:38:01:4b:b5:93:a1:d0:8f:7f:58:e3:
f2:15:33:b8:f4:18:61:f1:45:b0:25:1b:0e:6b:3f:8a:f8:92:
ed:95:ea:4d:69:c1:29:c3:e9:71:bf:e4:46:6f:61:14:4c:97:
fd:84:cd:3e:65:ac:9d:83:c4:f5:55:2d:11:0b:cc:13:4d:8f:
6c:a1:bd:2c:4d:98:ee:be:2c:43:46:2f:e2:a3:e9:83:aa:b2:
a6:c4:17:9f:da:b1:e9:2d:4b:6d:6b:60:1e:eb:e3:3a:d0:2c:
7f:b4:3b:fa:d2:8e:c6:56:f3:56:89:f8:c6:e9:11:c9:f3:fa:
c2:d8:5f:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2+5rmO3LqcbE5I53T1C7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNDk0MzE4M2I2MTFiZTNhMDc3NTM4MjUwOTQ5MDA0OGIw
YWQ3MzgwHhcNMjUxMTExMDMwMDUyWhcNMjUxMTEyMDMwMDUyWjAzMTEwLwYDVQQD
Eyg4YjNjZGNhNGQ4ZTZlZTgwZmFmYzAxOWNmZTdiMmM0M2VmYzI3ODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk68/JK1olxhgB1FFI7MvNeREeJEI
od11hI7m+AcE+LpxMVku6PdYgf7ydan3RIFVO2HWbsq+B6unOBZiNWjfyyECsWFD
Rl8EnzJPUc9Z5X7OUPTUYoi021LcdDhybS7d90WkGRHjMAdWtZ7e3U/UeHd4yNWS
dYEBmcraJpZZgq5mYaVuHnSAMRB9troEA4MAkuZ4SYd253NHin+QBQa+kd+J/Vob
2gFcJTxnwXiv7Cp4BJEwbqq6qurDCZasVW+CZ1rcnjs65KxSzkCRc9TI9Cc+zHw4
z0jY1GITq7kO77HAKmfB8UACLBhoVLZZUrkS3mCqilwQwWdYnLnpBnYGYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIs83KTY5u6A+vwBnP57LEPvwniUMB8GA1UdIwQY
MBaAFKpJQxg7YRvjoHdTglCUkASLCtc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQt
ZDIyMjc0YmJhNzEzLzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQtZDIyMjc0YmJhNzEz
LzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATEE1PT1y
kv5JBLadCxHS4sKt3VyziVg5yssUGrLuyjP4rGp/OOG/euiPbHdfY+rXcUfJUzlN
1OfIvwnSlYNVl1G1TUDEyB8jx5oNWyL4GXavqhejWrFi6QRx8ZDePmhykVZLFsG7
h9nd7MLYUPcRbNNTejichnLOxIINaguQj+FE4yT16DgBS7WTodCPf1jj8hUzuPQY
YfFFsCUbDms/iviS7ZXqTWnBKcPpcb/kRm9hFEyX/YTNPmWsnYPE9VUtEQvME02P
bKG9LE2Y7r4sQ0Yv4qPpg6qypsQXn9qx6S1LbWtgHuvjOtAsf7Q7+tKOxlbzVon4
xukRyfP6wthfgg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:27:46 2025 by rpki-client