Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
File: qmWvaX3x9s2vTLvWbePUO-2GnpA.mft (raw, json)
Hash identifier: glAox8M5dM4G3C8vSXrLwIAi90InPsRnKe5+LBOhbIk=
Subject key identifier: 52:83:4E:86:A2:6A:D9:78:F0:F6:BC:DF:A3:CD:B4:7B:CE:74:32:74
Authority key identifier: AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90
Certificate issuer: /CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90
Certificate serial: 019A730111B514EF48E2BA321DC665681CA1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
Manifest number: 0D3C
Signing time: Tue 11 Nov 2025 13:00:40 +0000
Manifest this update: Tue 11 Nov 2025 13:00:40 +0000
Manifest next update: Wed 12 Nov 2025 13:00:40 +0000
Files and hashes: 1: qmWvaX3x9s2vTLvWbePUO-2GnpA.crl (hash: /CthAZuop5onFHDrtZainHwKdvJmqR6XGcMliw8AI3A=)
2: u25_l7rqpA4jc9Mn9X_nn6jE1D8.roa (hash: XxkiW8kKfa52GpQHHiGBtUNZJLczRvJy5PTfiodYsrs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:11:b5:14:ef:48:e2:ba:32:1d:c6:65:68:1c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90
Validity
Not Before: Nov 11 13:00:40 2025 GMT
Not After : Nov 12 13:00:40 2025 GMT
Subject: CN=52834e86a26ad978f0f6bcdfa3cdb47bce743274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e7:fe:ba:c3:3c:c2:a3:19:02:3e:b1:de:d8:
ac:76:30:7a:44:69:40:14:b7:4f:3a:39:de:b9:b1:
ae:34:ac:2d:c2:44:0d:e9:62:7a:7b:fc:25:6e:d1:
78:f4:d4:d7:49:7c:bc:0e:57:ed:d0:7b:85:4f:cd:
5b:72:07:aa:bc:73:ca:0a:cb:84:b9:49:a2:93:9a:
12:8f:9b:33:ed:59:3a:71:0e:03:d8:54:36:7f:0b:
22:9e:e4:4d:af:d2:3c:58:bb:61:d5:73:6b:30:b9:
ff:e8:68:f1:eb:8a:bf:e6:db:d5:0c:e9:c2:1f:2a:
7d:80:16:fc:19:7c:3e:e6:a6:09:81:73:ac:d8:bb:
c6:5f:ce:bf:50:80:c9:0a:c4:78:18:69:ac:43:1a:
a1:b3:47:a7:6c:44:d1:f1:44:f5:b4:ff:92:0d:12:
e7:d1:78:4c:79:21:15:c7:27:95:5f:aa:7e:fe:14:
15:13:59:95:20:1c:99:b0:15:3f:ed:e3:55:dd:dd:
12:01:09:ee:c3:d3:fc:9a:99:7a:ab:d2:5b:13:00:
9d:4e:20:fb:57:b8:11:5f:df:5d:5a:f8:b8:24:24:
f7:66:78:18:15:c4:25:ba:de:8c:94:f0:27:20:6f:
cd:c4:42:58:1b:d2:da:93:7a:9a:a0:0b:82:2f:47:
a1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:83:4E:86:A2:6A:D9:78:F0:F6:BC:DF:A3:CD:B4:7B:CE:74:32:74
X509v3 Authority Key Identifier:
keyid:AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:78:16:ed:09:ee:40:92:3e:e3:29:16:ae:58:6d:38:2b:4b:
51:64:57:64:cd:46:8c:97:06:70:8a:91:88:5a:64:24:bb:6a:
20:53:16:27:8b:60:7b:ba:8b:f5:46:b0:24:29:f4:2b:42:be:
e8:51:64:8b:80:bb:70:d9:8c:6a:ff:1c:82:4f:1c:da:4d:ca:
61:30:1f:09:7c:4a:03:9b:c5:26:3f:52:96:43:36:27:fe:f4:
3c:33:94:b0:74:fd:5c:1d:7e:47:b3:e1:6d:b1:fa:9b:d1:0e:
e4:c6:dd:34:de:7a:f9:7a:2c:77:3c:26:c6:57:2b:e7:22:de:
6d:ee:77:75:c5:95:83:e6:68:db:04:6d:a6:9c:cc:4d:46:61:
9d:57:16:ce:5b:51:60:73:de:df:6f:95:f0:6e:18:46:1b:c8:
c2:6a:fb:27:89:d4:8a:5e:41:84:4d:8d:d1:dc:80:83:04:63:
67:9a:73:bc:62:a4:1c:df:40:7b:cb:50:60:9c:93:00:64:15:
96:4c:38:f4:db:85:2a:47:48:f4:ae:89:f9:17:20:58:e5:9f:
56:25:6e:b4:17:e8:c9:38:d9:82:74:e3:1f:09:01:09:d9:1c:
7c:3c:0b:3b:df:46:eb:74:7a:b4:37:18:d6:9d:94:6b:bf:7a:
ce:0a:de:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzARG1FO9I4royHcZlaByhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNjVhZjY5N2RmMWY2Y2RhZjRjYmJkNjZkZTNkNDNiZWQ4
NjllOTAwHhcNMjUxMTExMTMwMDQwWhcNMjUxMTEyMTMwMDQwWjAzMTEwLwYDVQQD
Eyg1MjgzNGU4NmEyNmFkOTc4ZjBmNmJjZGZhM2NkYjQ3YmNlNzQzMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwef+usM8wqMZAj6x3tisdjB6RGlA
FLdPOjneubGuNKwtwkQN6WJ6e/wlbtF49NTXSXy8Dlft0HuFT81bcgeqvHPKCsuE
uUmik5oSj5sz7Vk6cQ4D2FQ2fwsinuRNr9I8WLth1XNrMLn/6Gjx64q/5tvVDOnC
Hyp9gBb8GXw+5qYJgXOs2LvGX86/UIDJCsR4GGmsQxqhs0enbETR8UT1tP+SDRLn
0XhMeSEVxyeVX6p+/hQVE1mVIByZsBU/7eNV3d0SAQnuw9P8mpl6q9JbEwCdTiD7
V7gRX99dWvi4JCT3ZngYFcQlut6MlPAnIG/NxEJYG9Lak3qaoAuCL0ehAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKDToaiatl48Pa836PNtHvOdDJ0MB8GA1UdIwQY
MBaAFKplr2l98fbNr0y71m3j1Dvthp6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTIt
MWJlMTNiYThkNDU2LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTItMWJlMTNiYThkNDU2
LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApXgW7Qnu
QJI+4ykWrlhtOCtLUWRXZM1GjJcGcIqRiFpkJLtqIFMWJ4tge7qL9UawJCn0K0K+
6FFki4C7cNmMav8cgk8c2k3KYTAfCXxKA5vFJj9SlkM2J/70PDOUsHT9XB1+R7Ph
bbH6m9EO5MbdNN56+Xosdzwmxlcr5yLebe53dcWVg+Zo2wRtppzMTUZhnVcWzltR
YHPe32+V8G4YRhvIwmr7J4nUil5BhE2N0dyAgwRjZ5pzvGKkHN9Ae8tQYJyTAGQV
lkw49NuFKkdI9K6J+RcgWOWfViVutBfoyTjZgnTjHwkBCdkcfDwLO99G63R6tDcY
1p2Ua796zgreIw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:56:42 2025 by rpki-client