Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.mft
File: QA3igTHHO19TIPUdrmwb1Hq4L5I.mft (raw, json)
Hash identifier: vkp/5rqEw4gGuiLMMvPvGxD7vP+V0LmnJJt6yh39Nyc=
Subject key identifier: 6F:70:C4:6C:FA:91:05:75:D2:12:85:53:01:5F:70:87:BF:4E:27:9C
Authority key identifier: 40:0D:E2:81:31:C7:3B:5F:53:20:F5:1D:AE:6C:1B:D4:7A:B8:2F:92
Certificate issuer: /CN=400de28131c73b5f5320f51dae6c1bd47ab82f92
Certificate serial: 019A70DBFAD1FAC6506FFD5C4CDC4084244B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA3igTHHO19TIPUdrmwb1Hq4L5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.mft
Manifest number: 0424
Signing time: Tue 11 Nov 2025 03:00:56 +0000
Manifest this update: Tue 11 Nov 2025 03:00:56 +0000
Manifest next update: Wed 12 Nov 2025 03:00:56 +0000
Files and hashes: 1: QA3igTHHO19TIPUdrmwb1Hq4L5I.crl (hash: KjIOK9qzrxGtRInybY+16bw8XgyAmMew1Yj3L0QWaoI=)
2: YPXVOgtlv47MULpqvQ2eiJqw0s0.roa (hash: 1U3YQJEvDPze+SY3FCaghiXBlRWFSFhPdqgWDRzyuw0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/QA3igTHHO19TIPUdrmwb1Hq4L5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:fa:d1:fa:c6:50:6f:fd:5c:4c:dc:40:84:24:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400de28131c73b5f5320f51dae6c1bd47ab82f92
Validity
Not Before: Nov 11 03:00:56 2025 GMT
Not After : Nov 12 03:00:56 2025 GMT
Subject: CN=6f70c46cfa910575d2128553015f7087bf4e279c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cc:19:31:30:e5:69:c2:75:48:51:26:5c:83:
7c:0b:6b:f3:aa:f3:61:56:a6:aa:67:a5:20:dc:0a:
52:d5:77:85:ab:e0:9a:d3:45:cf:9f:20:f0:c8:a8:
e1:4e:2a:87:3a:e1:31:77:7e:3b:2c:cc:b8:9b:0d:
f2:5d:1f:15:75:1b:d6:70:c5:bb:88:60:14:e4:7e:
5f:e2:cd:39:49:c4:e0:00:07:fd:28:88:05:4f:d0:
0f:51:0a:b9:2c:2b:4d:82:dd:b5:47:bc:90:bc:85:
27:5b:5c:20:9c:96:59:ed:b4:65:df:3e:03:1a:2e:
60:bb:eb:48:3b:5f:ed:df:82:43:ce:ce:58:7c:fb:
42:c6:26:e5:2c:da:c1:b6:f6:e4:c0:0b:cc:44:fa:
36:bb:7a:be:c6:31:45:d7:84:41:1c:2e:2f:ae:06:
ae:fe:bf:f7:50:5a:8d:d1:4d:1d:50:d1:be:45:f9:
51:98:65:4c:51:60:c9:a9:36:9a:4c:56:66:22:5a:
db:d8:15:75:63:7b:73:7c:9d:38:75:c9:6d:1d:f5:
ea:48:ef:a4:a8:d6:74:37:21:03:45:48:77:26:d6:
26:73:1a:90:c6:e5:42:a2:cf:de:cb:a8:7a:6d:32:
23:3c:c0:7f:7b:18:f9:66:45:8f:9d:25:34:4f:59:
99:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:70:C4:6C:FA:91:05:75:D2:12:85:53:01:5F:70:87:BF:4E:27:9C
X509v3 Authority Key Identifier:
keyid:40:0D:E2:81:31:C7:3B:5F:53:20:F5:1D:AE:6C:1B:D4:7A:B8:2F:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA3igTHHO19TIPUdrmwb1Hq4L5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:e5:6e:b3:d1:19:e3:d1:53:d8:3a:0b:5d:2e:4a:4b:06:a8:
0c:5c:ea:7e:00:f4:00:c9:a8:72:85:48:91:ef:f1:66:cb:f2:
cc:e1:4c:b9:c0:bf:5c:80:a5:18:eb:25:9f:88:be:aa:cf:19:
85:3c:c7:a0:81:7c:a9:d3:80:38:96:cc:0d:9c:da:98:e1:08:
e5:8c:ce:b2:a9:a7:2e:8a:0a:a7:5d:55:82:c3:28:b3:e7:a3:
16:bc:97:92:f3:44:0b:b3:96:a9:ed:7f:eb:1d:99:00:82:63:
57:5d:14:f9:52:82:6f:22:b5:9c:30:0b:7b:0c:45:30:cc:74:
6e:6d:82:0e:d7:94:3c:5a:93:43:b1:5b:21:07:8d:25:4a:fd:
77:a9:26:31:75:f5:1c:45:ba:98:cb:50:71:be:8d:87:3c:bb:
61:fc:c0:1e:89:2a:48:fd:91:75:7c:4f:fe:3d:d5:71:a8:a0:
ed:8d:e4:c8:3d:5a:d3:69:ff:3e:5b:98:aa:67:e2:3d:42:c5:
0e:20:88:ca:90:80:d8:6d:87:84:f7:1b:56:16:71:f3:60:02:
8e:f5:a9:92:04:a1:4a:19:78:06:6d:14:46:a7:ad:10:83:23:
08:0d:b8:b2:4b:16:e5:61:c7:75:c6:8f:dc:5b:d6:6d:fd:1b:
51:1b:b0:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2/rR+sZQb/1cTNxAhCRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGRlMjgxMzFjNzNiNWY1MzIwZjUxZGFlNmMxYmQ0N2Fi
ODJmOTIwHhcNMjUxMTExMDMwMDU2WhcNMjUxMTEyMDMwMDU2WjAzMTEwLwYDVQQD
Eyg2ZjcwYzQ2Y2ZhOTEwNTc1ZDIxMjg1NTMwMTVmNzA4N2JmNGUyNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsswZMTDlacJ1SFEmXIN8C2vzqvNh
VqaqZ6Ug3ApS1XeFq+Ca00XPnyDwyKjhTiqHOuExd347LMy4mw3yXR8VdRvWcMW7
iGAU5H5f4s05ScTgAAf9KIgFT9APUQq5LCtNgt21R7yQvIUnW1wgnJZZ7bRl3z4D
Gi5gu+tIO1/t34JDzs5YfPtCxiblLNrBtvbkwAvMRPo2u3q+xjFF14RBHC4vrgau
/r/3UFqN0U0dUNG+RflRmGVMUWDJqTaaTFZmIlrb2BV1Y3tzfJ04dcltHfXqSO+k
qNZ0NyEDRUh3JtYmcxqQxuVCos/ey6h6bTIjPMB/exj5ZkWPnSU0T1mZDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG9wxGz6kQV10hKFUwFfcIe/TiecMB8GA1UdIwQY
MBaAFEAN4oExxztfUyD1Ha5sG9R6uC+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUEzaWdUSEhPMTlUSVBVZHJtd2IxSHE0TDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzk3ZjItZjI3Mi00NjYzLWIxNDUt
YmM2YTFiMjFmZDVlLzEvUUEzaWdUSEhPMTlUSVBVZHJtd2IxSHE0TDVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNzk3ZjItZjI3Mi00NjYzLWIxNDUtYmM2YTFiMjFmZDVl
LzEvUUEzaWdUSEhPMTlUSVBVZHJtd2IxSHE0TDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACuVus9EZ
49FT2DoLXS5KSwaoDFzqfgD0AMmocoVIke/xZsvyzOFMucC/XIClGOsln4i+qs8Z
hTzHoIF8qdOAOJbMDZzamOEI5YzOsqmnLooKp11VgsMos+ejFryXkvNEC7OWqe1/
6x2ZAIJjV10U+VKCbyK1nDALewxFMMx0bm2CDteUPFqTQ7FbIQeNJUr9d6kmMXX1
HEW6mMtQcb6Nhzy7YfzAHokqSP2RdXxP/j3Vcaig7Y3kyD1a02n/PluYqmfiPULF
DiCIypCA2G2HhPcbVhZx82ACjvWpkgShShl4Bm0URqetEIMjCA24sksW5WHHdcaP
3FvWbf0bURuwZA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:23 2025 by rpki-client