Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
File: q-KqqfiJDkQV40HAd9hnvuJaodE.mft (raw, json)
Hash identifier: bTC53a1ZD6+7VBqH2YbAKzX65xfnFSl/+hm5oGHPf64=
Subject key identifier: 0F:1D:5D:F1:FF:00:EC:91:D7:35:E6:67:31:40:83:1B:85:5E:28:E7
Authority key identifier: AB:E2:AA:A9:F8:89:0E:44:15:E3:41:C0:77:D8:67:BE:E2:5A:A1:D1
Certificate issuer: /CN=abe2aaa9f8890e4415e341c077d867bee25aa1d1
Certificate serial: 019A706E4FC5B203360D2B5867FA275D3D80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
Manifest number: 0175
Signing time: Tue 11 Nov 2025 01:01:08 +0000
Manifest this update: Tue 11 Nov 2025 01:01:08 +0000
Manifest next update: Wed 12 Nov 2025 01:01:08 +0000
Files and hashes: 1: q-KqqfiJDkQV40HAd9hnvuJaodE.crl (hash: QgPMHLRY10bJPF61NZgrpyDEJdTTZdn+YcpFNdINTsg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:4f:c5:b2:03:36:0d:2b:58:67:fa:27:5d:3d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abe2aaa9f8890e4415e341c077d867bee25aa1d1
Validity
Not Before: Nov 11 01:01:08 2025 GMT
Not After : Nov 12 01:01:08 2025 GMT
Subject: CN=0f1d5df1ff00ec91d735e6673140831b855e28e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:73:bd:7a:2b:90:16:73:14:6f:47:54:09:78:
02:ad:38:b8:f3:7f:4b:92:55:85:17:60:cb:00:72:
14:6a:3a:cf:c3:db:a3:5b:3e:04:bf:06:15:5a:e0:
15:9a:46:ce:74:42:17:a5:48:b5:0f:62:87:cc:4b:
b9:f8:c3:58:4e:c7:d6:61:62:e2:ac:55:55:8b:87:
73:b0:3d:1c:13:29:96:29:d1:75:e3:a0:bd:cc:5e:
9b:34:69:c6:0c:ab:35:31:12:43:50:a1:92:33:fd:
f1:83:b6:23:60:29:91:f2:4a:1c:a1:4b:a9:3b:21:
41:f2:8c:eb:83:92:b3:3e:cf:75:9d:f9:16:b8:9f:
22:f8:54:7e:c1:6f:ac:93:df:c3:cf:df:83:47:e4:
6d:79:e0:8c:8f:b7:18:9e:33:ae:6d:32:67:d2:92:
99:52:50:66:95:55:04:d3:52:69:a9:c6:29:43:f3:
c4:1f:e2:59:e7:46:69:e1:79:68:45:8f:32:a7:d2:
bf:99:2c:91:37:8b:fa:ea:cf:fc:37:54:e3:ff:5e:
a3:a1:b4:4b:20:19:97:27:a0:f0:69:ec:e8:ee:76:
ae:d5:8f:df:11:e9:ac:d7:c4:cf:03:38:c7:ad:dd:
61:5b:7b:5d:b1:0d:ac:aa:f0:82:95:98:1a:f3:99:
ae:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1D:5D:F1:FF:00:EC:91:D7:35:E6:67:31:40:83:1B:85:5E:28:E7
X509v3 Authority Key Identifier:
keyid:AB:E2:AA:A9:F8:89:0E:44:15:E3:41:C0:77:D8:67:BE:E2:5A:A1:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:fd:36:d0:90:03:53:69:dd:06:7f:8b:82:78:91:a5:fd:98:
c9:58:e9:b3:b6:31:75:4b:f5:9c:d3:e9:1a:04:d1:13:d2:54:
35:99:63:56:53:d3:62:b2:0a:d8:01:cd:4e:fe:97:ef:31:4a:
09:49:31:3b:d7:f7:d9:f0:cd:8a:92:57:51:87:03:98:45:52:
35:54:22:83:7e:cf:c0:eb:28:b1:8e:4f:ce:35:ea:7b:6e:f8:
d2:32:7e:77:71:71:1a:50:99:ae:2a:c2:79:3e:7f:79:99:96:
51:80:a8:94:52:2b:60:60:e3:25:64:b4:89:89:89:13:63:69:
18:b9:55:44:22:08:6f:a8:91:f7:21:80:2c:63:9f:c7:21:12:
c2:45:7e:74:70:87:58:24:84:81:ca:ce:41:f0:a1:45:03:f0:
ce:82:50:0e:fe:d7:d8:f7:6a:34:c5:c5:cb:3a:d4:10:90:ab:
ec:48:fc:3b:84:34:42:2c:41:6f:4a:83:2c:2c:09:c6:58:bb:
f1:21:2f:e5:28:ad:d5:da:8c:6a:87:9e:0e:13:72:05:33:b7:
59:93:c4:e5:76:4e:73:12:41:da:76:79:99:89:bf:cb:98:aa:
31:81:0a:e8:34:80:1f:d6:bc:a3:51:39:e7:2d:63:f9:80:76:
19:46:43:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbk/FsgM2DStYZ/onXT2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZTJhYWE5Zjg4OTBlNDQxNWUzNDFjMDc3ZDg2N2JlZTI1
YWExZDEwHhcNMjUxMTExMDEwMTA4WhcNMjUxMTEyMDEwMTA4WjAzMTEwLwYDVQQD
EygwZjFkNWRmMWZmMDBlYzkxZDczNWU2NjczMTQwODMxYjg1NWUyOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXO9eiuQFnMUb0dUCXgCrTi4839L
klWFF2DLAHIUajrPw9ujWz4EvwYVWuAVmkbOdEIXpUi1D2KHzEu5+MNYTsfWYWLi
rFVVi4dzsD0cEymWKdF146C9zF6bNGnGDKs1MRJDUKGSM/3xg7YjYCmR8kocoUup
OyFB8ozrg5KzPs91nfkWuJ8i+FR+wW+sk9/Dz9+DR+RteeCMj7cYnjOubTJn0pKZ
UlBmlVUE01JpqcYpQ/PEH+JZ50Zp4XloRY8yp9K/mSyRN4v66s/8N1Tj/16jobRL
IBmXJ6Dwaezo7nau1Y/fEems18TPAzjHrd1hW3tdsQ2sqvCClZga85mu8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8dXfH/AOyR1zXmZzFAgxuFXijnMB8GA1UdIwQY
MBaAFKviqqn4iQ5EFeNBwHfYZ77iWqHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC84N2FiMTYtYjRkZS00Y2NmLWFjNDkt
NDYxYTZlY2NmYzQ3LzEvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC84N2FiMTYtYjRkZS00Y2NmLWFjNDktNDYxYTZlY2NmYzQ3
LzEvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKP020JAD
U2ndBn+LgniRpf2YyVjps7YxdUv1nNPpGgTRE9JUNZljVlPTYrIK2AHNTv6X7zFK
CUkxO9f32fDNipJXUYcDmEVSNVQig37PwOsosY5PzjXqe2740jJ+d3FxGlCZrirC
eT5/eZmWUYColFIrYGDjJWS0iYmJE2NpGLlVRCIIb6iR9yGALGOfxyESwkV+dHCH
WCSEgcrOQfChRQPwzoJQDv7X2PdqNMXFyzrUEJCr7Ej8O4Q0QixBb0qDLCwJxli7
8SEv5Sit1dqMaoeeDhNyBTO3WZPE5XZOcxJB2nZ5mYm/y5iqMYEK6DSAH9a8o1E5
5y1j+YB2GUZDAA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:34:55 2025 by rpki-client