Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.mft
File: Q2TnsO7yBINcffKon2DAK-HYmt0.mft (raw, json)
Hash identifier: dFAJRopsuhmjZ5IkJjrsQ7Hk21443fpYZSfAPNomHZM=
Subject key identifier: 6B:29:8E:51:CD:33:7E:BA:E6:DD:1E:4B:59:5D:CB:23:07:D9:EB:E1
Authority key identifier: 43:64:E7:B0:EE:F2:04:83:5C:7D:F2:A8:9F:60:C0:2B:E1:D8:9A:DD
Certificate issuer: /CN=4364e7b0eef204835c7df2a89f60c02be1d89add
Certificate serial: 019A72CA3E494C5D6EF7191AF689D13E2FA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2TnsO7yBINcffKon2DAK-HYmt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.mft
Manifest number: 015E
Signing time: Tue 11 Nov 2025 12:00:48 +0000
Manifest this update: Tue 11 Nov 2025 12:00:48 +0000
Manifest next update: Wed 12 Nov 2025 12:00:48 +0000
Files and hashes: 1: 4Lqe88CYtrJZ1_QwsLbbBZVtRAc.roa (hash: 4DmhBXf2oC0XIM1RLi3zAk7AYqn+M5oHIj926WSgGgs=)
2: Q2TnsO7yBINcffKon2DAK-HYmt0.crl (hash: z5QHGt3B9MlBTJznKEXm9IDJiAHFKv+4llr/KH+Rwts=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q2TnsO7yBINcffKon2DAK-HYmt0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:3e:49:4c:5d:6e:f7:19:1a:f6:89:d1:3e:2f:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4364e7b0eef204835c7df2a89f60c02be1d89add
Validity
Not Before: Nov 11 12:00:48 2025 GMT
Not After : Nov 12 12:00:48 2025 GMT
Subject: CN=6b298e51cd337ebae6dd1e4b595dcb2307d9ebe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a8:b0:61:5b:6a:28:92:74:cc:5a:ed:eb:fb:
2a:1e:d0:32:f2:f2:fc:e7:2a:8a:2d:71:d7:22:b8:
df:9b:21:bb:93:1c:f4:d4:1a:39:0c:2d:ae:48:28:
82:8f:38:74:59:b5:9b:91:3a:fc:0b:24:c2:51:b8:
35:f9:50:25:2b:95:e0:8c:f9:46:df:b8:ff:c0:60:
d0:98:88:8a:55:a4:9f:0d:b7:a8:70:62:de:e1:84:
38:b5:2b:ee:e3:ba:d4:95:dc:af:bc:2e:a2:4a:2d:
01:08:5e:60:c5:5d:e5:0a:7a:89:32:b8:94:94:42:
5e:f7:c9:ae:34:fa:e9:62:51:0b:e2:e9:66:03:cb:
ad:5a:30:35:75:ae:72:be:d4:ca:7d:74:6a:3d:09:
b7:d8:89:3f:e5:79:eb:20:2f:e1:7b:c4:2e:18:51:
21:13:04:44:bb:d6:23:81:f6:9b:19:0d:80:01:6b:
45:76:ef:2f:e1:dc:99:89:fd:88:2b:d7:50:4d:47:
45:b8:96:90:83:ee:25:5c:3a:4d:b9:41:39:a9:ba:
46:f5:10:bb:7e:1c:1d:72:f5:7b:e1:8e:51:fd:53:
b9:6b:b6:de:cb:0d:d9:bc:55:ae:74:f1:84:af:ec:
26:94:e2:c7:9c:3c:ba:d2:92:b4:0c:a9:c1:cd:a8:
23:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:29:8E:51:CD:33:7E:BA:E6:DD:1E:4B:59:5D:CB:23:07:D9:EB:E1
X509v3 Authority Key Identifier:
keyid:43:64:E7:B0:EE:F2:04:83:5C:7D:F2:A8:9F:60:C0:2B:E1:D8:9A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2TnsO7yBINcffKon2DAK-HYmt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:32:6a:91:06:70:56:55:39:48:32:f7:0c:8b:60:67:40:b2:
33:f9:cb:76:d1:49:a5:00:37:43:d9:42:ab:ef:54:77:82:9d:
11:00:17:fc:c6:e6:14:fb:8f:c8:5c:4f:fb:c7:77:6f:70:18:
60:ae:c3:45:49:6f:2b:78:79:68:5e:11:d3:e6:49:aa:fe:77:
a2:1d:f3:cd:d6:1e:f8:b6:b5:fa:91:24:9b:38:aa:24:b9:46:
8b:7a:b2:b3:b7:5f:00:6e:85:5a:8b:9d:e8:ba:e0:ea:38:21:
54:fd:16:c0:b5:d0:75:ed:66:38:a6:78:3e:17:39:d4:fa:d4:
60:16:67:65:5a:09:94:7e:97:4f:9b:8b:12:16:ef:68:25:ed:
c8:4c:05:21:79:a0:49:03:46:59:b0:3d:6b:16:65:10:23:ba:
ff:d9:21:f9:c3:0d:58:46:0b:b8:3f:66:3f:8c:e1:a4:16:13:
e8:df:3c:23:d3:17:fd:9a:aa:7c:18:b7:82:73:e6:a3:8b:ce:
5b:db:0b:1e:22:e1:1a:a0:29:68:da:3d:f1:8b:c4:44:a7:19:
11:83:fd:4d:9b:15:f4:88:90:58:8c:dd:3c:46:4c:ad:a4:19:
a5:46:38:ba:a5:b9:55:1b:51:1b:64:00:83:a5:03:10:f3:04:
ad:e3:f2:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyj5JTF1u9xka9onRPi+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjRlN2IwZWVmMjA0ODM1YzdkZjJhODlmNjBjMDJiZTFk
ODlhZGQwHhcNMjUxMTExMTIwMDQ4WhcNMjUxMTEyMTIwMDQ4WjAzMTEwLwYDVQQD
Eyg2YjI5OGU1MWNkMzM3ZWJhZTZkZDFlNGI1OTVkY2IyMzA3ZDllYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaiwYVtqKJJ0zFrt6/sqHtAy8vL8
5yqKLXHXIrjfmyG7kxz01Bo5DC2uSCiCjzh0WbWbkTr8CyTCUbg1+VAlK5XgjPlG
37j/wGDQmIiKVaSfDbeocGLe4YQ4tSvu47rUldyvvC6iSi0BCF5gxV3lCnqJMriU
lEJe98muNPrpYlEL4ulmA8utWjA1da5yvtTKfXRqPQm32Ik/5XnrIC/he8QuGFEh
EwREu9YjgfabGQ2AAWtFdu8v4dyZif2IK9dQTUdFuJaQg+4lXDpNuUE5qbpG9RC7
fhwdcvV74Y5R/VO5a7beyw3ZvFWudPGEr+wmlOLHnDy60pK0DKnBzagj1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGspjlHNM3665t0eS1ldyyMH2evhMB8GA1UdIwQY
MBaAFENk57Du8gSDXH3yqJ9gwCvh2JrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJUbnNPN3lCSU5jZmZLb24yREFLLUhZbXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hOWE1MWEtZThlMy00OTdhLWFiYTIt
ZTc5OWMyM2FhYzIwLzEvUTJUbnNPN3lCSU5jZmZLb24yREFLLUhZbXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hOWE1MWEtZThlMy00OTdhLWFiYTItZTc5OWMyM2FhYzIw
LzEvUTJUbnNPN3lCSU5jZmZLb24yREFLLUhZbXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANTJqkQZw
VlU5SDL3DItgZ0CyM/nLdtFJpQA3Q9lCq+9Ud4KdEQAX/MbmFPuPyFxP+8d3b3AY
YK7DRUlvK3h5aF4R0+ZJqv53oh3zzdYe+La1+pEkmziqJLlGi3qys7dfAG6FWoud
6Lrg6jghVP0WwLXQde1mOKZ4Phc51PrUYBZnZVoJlH6XT5uLEhbvaCXtyEwFIXmg
SQNGWbA9axZlECO6/9kh+cMNWEYLuD9mP4zhpBYT6N88I9MX/ZqqfBi3gnPmo4vO
W9sLHiLhGqApaNo98YvERKcZEYP9TZsV9IiQWIzdPEZMraQZpUY4uqW5VRtRG2QA
g6UDEPMErePyqg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:19:04 2025 by rpki-client