Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
File: QHShwDg61esPBYjkwzlLo0AQpiE.mft (raw, json)
Hash identifier: /goJYGeDjIYzNgqAzBRRB3Og3PJXSrnwWpOrlIs8fxg=
Subject key identifier: EC:72:A8:93:FE:AF:93:EE:30:6D:35:21:5F:33:55:29:16:50:88:DB
Authority key identifier: 40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
Certificate issuer: /CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Certificate serial: 019A0B9386461B84BF239145A8674FA43047
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
Manifest number: 16EC
Signing time: Wed 22 Oct 2025 11:00:08 +0000
Manifest this update: Wed 22 Oct 2025 11:00:08 +0000
Manifest next update: Thu 23 Oct 2025 11:00:08 +0000
Files and hashes: 1: DrD2EGGK8WeukKhW_YJ8LCGTR78.roa (hash: b5xoiz2oFHur8HWu35m6ElddpxbfSrT/Y2/iqOY1S6Y=)
2: IcWYNvOBamTxu6amEYkiVctQe18.roa (hash: DVw0i9jC2LodVXO+VD00rdFIuWtsdo/jV9gSa2jJOsM=)
3: QHShwDg61esPBYjkwzlLo0AQpiE.crl (hash: UCJKDeXvmHSV0d4SPDjbBtIw9dJyUrxwoLOYanvi2Dc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 11:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0b:93:86:46:1b:84:bf:23:91:45:a8:67:4f:a4:30:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Validity
Not Before: Oct 22 11:00:08 2025 GMT
Not After : Oct 23 11:00:08 2025 GMT
Subject: CN=ec72a893feaf93ee306d35215f335529165088db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:13:c6:30:c4:d6:81:d1:be:84:60:62:4c:16:
8f:fd:ea:ca:9b:63:73:1f:8d:e5:db:d4:45:55:fb:
96:1e:3a:9f:57:4b:f0:ff:0a:89:ff:00:26:7b:7a:
15:3b:f4:d2:5d:4e:16:ab:22:0c:a0:c1:c6:d6:81:
af:88:d4:73:5d:52:cc:b2:43:a2:bd:d1:91:2b:de:
73:d0:0f:ad:36:95:78:c0:3c:b0:72:16:13:36:d9:
7b:14:c9:16:e2:50:1c:2a:bf:72:bb:61:45:31:3b:
b7:2e:5c:a6:dc:6f:63:7f:d5:ec:7a:56:60:a5:b1:
84:43:44:9d:3d:91:8b:44:6f:4e:d8:6c:2b:d1:4a:
0b:f0:93:f0:fc:40:75:6e:6b:ab:50:fe:31:ef:10:
2a:78:9c:ff:b1:cc:7d:b0:9b:02:ba:37:cc:e1:c3:
bc:fc:b3:d9:c2:dc:86:38:74:7b:e3:3a:09:0b:0e:
a4:ce:c2:2b:93:d5:eb:cb:d5:b7:56:e3:44:1d:fb:
85:52:39:dd:9d:2a:10:4a:1b:81:a9:c6:0e:df:be:
61:cd:fe:01:f6:5e:15:15:c2:48:5a:0d:b9:a4:2b:
3e:6d:8b:73:4f:e8:17:01:2e:ad:66:e9:fb:4e:fc:
41:40:ef:20:d5:7c:3b:80:93:84:0a:98:d8:5b:94:
3f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:72:A8:93:FE:AF:93:EE:30:6D:35:21:5F:33:55:29:16:50:88:DB
X509v3 Authority Key Identifier:
keyid:40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:fa:d7:19:31:42:ff:f3:74:74:a5:e8:70:fe:bc:87:16:46:
ca:af:72:9f:2e:bc:a7:96:93:8e:09:f2:2a:8d:73:65:57:af:
7a:af:2d:8e:b1:a1:97:53:8e:fb:b2:80:1a:3a:bc:7d:e6:13:
08:e5:78:fe:9a:4b:79:71:3d:f1:cd:e0:f9:04:f9:c2:e7:22:
61:8e:a8:67:f3:45:1b:e6:91:9f:f3:a6:3d:bc:12:81:e5:f9:
3d:07:77:8b:d2:f5:10:f7:2d:7d:a7:d2:c6:34:5b:d2:f1:d6:
48:cd:1f:16:a8:77:86:82:39:e9:c6:52:e8:14:d8:6f:f2:9a:
a5:a3:48:5e:54:0f:0c:9b:6a:71:9b:17:5a:25:1c:62:3e:b8:
7a:e5:03:ff:b0:1e:03:c3:ea:7e:54:1c:88:b9:91:ca:50:9b:
17:e9:39:d4:54:e2:db:fc:06:61:05:ba:47:e0:98:2f:5a:a4:
a1:75:6d:d4:2a:0b:40:d7:4a:58:c9:bb:d7:67:d4:ff:f4:73:
c0:2a:c6:6b:f4:35:16:41:6a:bf:5c:1c:73:5b:66:86:7a:8b:
cd:29:01:fe:5d:04:76:7d:66:20:a6:0b:bc:c0:9e:9b:17:65:
9f:cb:71:d1:0b:bd:25:f0:a7:08:05:cf:ad:ad:f1:3d:fe:8e:
a2:eb:40:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoLk4ZGG4S/I5FFqGdPpDBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNzRhMWMwMzgzYWQ1ZWIwZjA1ODhlNGMzMzk0YmEzNDAx
MGE2MjEwHhcNMjUxMDIyMTEwMDA4WhcNMjUxMDIzMTEwMDA4WjAzMTEwLwYDVQQD
EyhlYzcyYTg5M2ZlYWY5M2VlMzA2ZDM1MjE1ZjMzNTUyOTE2NTA4OGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBPGMMTWgdG+hGBiTBaP/erKm2Nz
H43l29RFVfuWHjqfV0vw/wqJ/wAme3oVO/TSXU4WqyIMoMHG1oGviNRzXVLMskOi
vdGRK95z0A+tNpV4wDywchYTNtl7FMkW4lAcKr9yu2FFMTu3Llym3G9jf9XselZg
pbGEQ0SdPZGLRG9O2Gwr0UoL8JPw/EB1bmurUP4x7xAqeJz/scx9sJsCujfM4cO8
/LPZwtyGOHR74zoJCw6kzsIrk9Xry9W3VuNEHfuFUjndnSoQShuBqcYO375hzf4B
9l4VFcJIWg25pCs+bYtzT+gXAS6tZun7TvxBQO8g1Xw7gJOECpjYW5Q/WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxyqJP+r5PuMG01IV8zVSkWUIjbMB8GA1UdIwQY
MBaAFEB0ocA4OtXrDwWI5MM5S6NAEKYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMt
MjZjMzM2NTE1M2FmLzEvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMtMjZjMzM2NTE1M2Fm
LzEvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEPrXGTFC
//N0dKXocP68hxZGyq9yny68p5aTjgnyKo1zZVeveq8tjrGhl1OO+7KAGjq8feYT
COV4/ppLeXE98c3g+QT5wuciYY6oZ/NFG+aRn/OmPbwSgeX5PQd3i9L1EPctfafS
xjRb0vHWSM0fFqh3hoI56cZS6BTYb/KapaNIXlQPDJtqcZsXWiUcYj64euUD/7Ae
A8PqflQciLmRylCbF+k51FTi2/wGYQW6R+CYL1qkoXVt1CoLQNdKWMm712fU//Rz
wCrGa/Q1FkFqv1wcc1tmhnqLzSkB/l0Edn1mIKYLvMCemxdln8tx0Qu9JfCnCAXP
ra3xPf6OoutAiQ==
-----END CERTIFICATE-----
Generated at Wed Oct 22 19:03:49 2025 by rpki-client