Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
File: Q0XQdzx63gjUSBnjthG9KXo5idM.mft (raw, json)
Hash identifier: pCmkezPojxj6pMiw6MsU5iy5jhsstDSkqnJmVNJivz4=
Subject key identifier: 7F:5D:45:23:BC:9E:1F:17:5D:E5:F4:5C:47:21:08:15:7E:89:0F:EA
Authority key identifier: 43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
Certificate issuer: /CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Certificate serial: 019A71EED45953A9A4C11A196C16223D245B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
Manifest number: 1438
Signing time: Tue 11 Nov 2025 08:01:08 +0000
Manifest this update: Tue 11 Nov 2025 08:01:08 +0000
Manifest next update: Wed 12 Nov 2025 08:01:08 +0000
Files and hashes: 1: D7IbZMa3P-hRRIAm78DqK4wNZ34.roa (hash: 3Rvd3MmyWPzVOpIFhMlT5LNPsKGSgahML9FUxKiCMwI=)
2: O7r63uTdFaICg1i90uf5cyEl-h4.roa (hash: Efs34tr8Lub/IHxUGCrqJn6lA9J8HyHyjcZJAIyTZbQ=)
3: Q0XQdzx63gjUSBnjthG9KXo5idM.crl (hash: rp/NZwJkQnC2pqF0bsfeROMUfZQ9MY3eGXlyC+q6pMI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:d4:59:53:a9:a4:c1:1a:19:6c:16:22:3d:24:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Validity
Not Before: Nov 11 08:01:08 2025 GMT
Not After : Nov 12 08:01:08 2025 GMT
Subject: CN=7f5d4523bc9e1f175de5f45c472108157e890fea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:81:29:b7:ea:78:19:57:ad:00:19:d8:4d:3a:
7b:07:72:a4:a7:c0:15:07:30:78:3e:a4:b5:77:01:
df:5b:ba:41:c4:f1:74:7d:7e:58:25:03:3d:d9:58:
bd:9e:c6:e4:e5:c9:49:44:07:21:0f:ff:68:97:e7:
9f:fe:37:de:54:1c:65:25:d5:62:21:ea:50:f2:de:
18:17:08:e3:f1:cf:0c:4a:16:6a:8e:a4:44:48:3e:
0f:51:e1:a8:6e:9b:8c:30:db:2e:33:87:98:ae:1c:
cd:50:be:1d:6a:0e:2a:48:7b:c5:39:d9:e6:27:5d:
a4:f5:69:82:83:87:49:be:77:4d:4a:32:ab:46:62:
93:52:df:61:b0:85:a1:2a:22:4f:7c:43:78:45:d9:
60:fd:87:42:3a:d3:f1:61:b5:c9:47:7e:d4:ae:cc:
c0:8b:fd:f3:62:e1:2d:a4:db:92:8c:03:69:f4:88:
79:17:08:7a:89:7b:ca:9e:73:7a:d1:f9:7f:47:29:
57:34:dc:6d:a0:bc:c9:1d:30:08:26:1b:34:d2:66:
8a:76:a3:0d:99:85:d4:cb:4c:e2:5e:9a:5a:c3:5b:
4e:da:fa:50:d9:f6:6e:71:0a:1c:2b:b9:a1:0f:0f:
ed:93:a6:fc:22:3a:89:ca:6c:36:f5:d4:aa:b5:49:
29:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5D:45:23:BC:9E:1F:17:5D:E5:F4:5C:47:21:08:15:7E:89:0F:EA
X509v3 Authority Key Identifier:
keyid:43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:37:1f:38:b1:bb:39:3d:fc:9e:26:04:67:83:59:90:06:6e:
e4:44:d0:66:02:a0:6e:33:33:2c:ca:e4:a4:cf:a5:f6:ab:ab:
f3:c0:04:56:92:eb:2a:73:0b:d5:f9:09:85:53:b0:5d:45:70:
cb:35:19:fe:c2:82:5e:4f:71:fc:2f:00:30:af:5d:63:ff:62:
36:ab:e2:06:b5:6a:28:c7:e9:7b:82:38:2f:dd:a5:f2:02:4f:
ba:84:b6:e4:6c:32:db:24:5b:b1:a4:7b:81:a4:4d:3d:02:5a:
9f:4e:42:b7:3f:3c:d7:51:61:7e:a9:71:e9:74:01:8b:4c:c5:
3c:ed:0f:47:a9:c5:93:ec:29:1a:94:ff:83:45:54:69:9c:69:
61:92:80:3d:0f:4d:e2:60:91:61:61:6a:b3:09:86:53:84:88:
fb:3e:81:69:e0:37:e0:0c:b8:70:50:c0:dd:58:c5:c5:ff:35:
16:c2:f3:1d:6b:b5:63:6c:cb:fa:c9:25:6a:10:81:94:41:06:
83:28:6b:ec:68:db:3b:36:5c:08:90:29:88:2a:7e:a9:89:09:
31:a1:54:65:de:52:fe:7b:54:1b:5a:a3:4f:ba:f0:4e:07:b1:
92:1c:8c:9a:a5:95:a5:a1:f5:d4:68:c2:08:3f:a7:71:93:4e:
68:a1:5b:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7tRZU6mkwRoZbBYiPSRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDVkMDc3M2M3YWRlMDhkNDQ4MTllM2I2MTFiZDI5N2Ez
OTg5ZDMwHhcNMjUxMTExMDgwMTA4WhcNMjUxMTEyMDgwMTA4WjAzMTEwLwYDVQQD
Eyg3ZjVkNDUyM2JjOWUxZjE3NWRlNWY0NWM0NzIxMDgxNTdlODkwZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIEpt+p4GVetABnYTTp7B3Kkp8AV
BzB4PqS1dwHfW7pBxPF0fX5YJQM92Vi9nsbk5clJRAchD/9ol+ef/jfeVBxlJdVi
IepQ8t4YFwjj8c8MShZqjqRESD4PUeGobpuMMNsuM4eYrhzNUL4dag4qSHvFOdnm
J12k9WmCg4dJvndNSjKrRmKTUt9hsIWhKiJPfEN4Rdlg/YdCOtPxYbXJR37UrszA
i/3zYuEtpNuSjANp9Ih5Fwh6iXvKnnN60fl/RylXNNxtoLzJHTAIJhs00maKdqMN
mYXUy0ziXppaw1tO2vpQ2fZucQocK7mhDw/tk6b8IjqJymw29dSqtUkpGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH9dRSO8nh8XXeX0XEchCBV+iQ/qMB8GA1UdIwQY
MBaAFENF0Hc8et4I1EgZ47YRvSl6OYnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUt
NGM5MDVhZGJmMDc2LzEvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUtNGM5MDVhZGJmMDc2
LzEvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnTcfOLG7
OT38niYEZ4NZkAZu5ETQZgKgbjMzLMrkpM+l9qur88AEVpLrKnML1fkJhVOwXUVw
yzUZ/sKCXk9x/C8AMK9dY/9iNqviBrVqKMfpe4I4L92l8gJPuoS25Gwy2yRbsaR7
gaRNPQJan05Ctz8811Fhfqlx6XQBi0zFPO0PR6nFk+wpGpT/g0VUaZxpYZKAPQ9N
4mCRYWFqswmGU4SI+z6BaeA34Ay4cFDA3VjFxf81FsLzHWu1Y2zL+sklahCBlEEG
gyhr7GjbOzZcCJApiCp+qYkJMaFUZd5S/ntUG1qjT7rwTgexkhyMmqWVpaH11GjC
CD+ncZNOaKFbiA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:45 2025 by rpki-client