Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
File: QwPxM011rEMsDKp404mnDAnBLKY.mft (raw, json)
Hash identifier: hqWKQ6zoHKmmlk5gabSAL1Wa4x+pS91iYfUrZfMePVA=
Subject key identifier: E2:25:0F:D7:2C:96:8A:03:F7:1B:A4:1D:E1:36:6A:BD:55:65:ED:C9
Authority key identifier: 43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
Certificate issuer: /CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Certificate serial: 019A7113516DC1C0B103B0B8459C908EED6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
Manifest number: 0274
Signing time: Tue 11 Nov 2025 04:01:22 +0000
Manifest this update: Tue 11 Nov 2025 04:01:22 +0000
Manifest next update: Wed 12 Nov 2025 04:01:22 +0000
Files and hashes: 1: QwPxM011rEMsDKp404mnDAnBLKY.crl (hash: VlJ2tNB6FVsJfxJreJflUNt8CAGeALYCeRHvvZIXjn0=)
2: etqHJp94mEXyM-mZRNVFRO7Kziw.roa (hash: Y6iOU/XBP66s91SGzXjQj2BEKS4QjWa/buoOF4uhFqg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:51:6d:c1:c0:b1:03:b0:b8:45:9c:90:8e:ed:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Validity
Not Before: Nov 11 04:01:22 2025 GMT
Not After : Nov 12 04:01:22 2025 GMT
Subject: CN=e2250fd72c968a03f71ba41de1366abd5565edc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:24:ad:2f:65:8b:80:66:d2:91:b9:e5:c9:6f:
c8:05:02:cf:fc:66:b9:b9:92:a0:62:7d:68:b7:1d:
2b:20:87:a8:0c:03:24:c2:67:3b:2c:51:22:17:a0:
72:6b:24:dd:01:7b:08:6f:06:97:3c:b8:a6:79:ac:
88:7d:ae:f3:c0:7a:2f:0c:f0:96:74:b4:5a:b2:24:
09:2e:26:3e:94:56:52:93:1c:33:02:8b:27:86:ad:
ee:74:84:bf:85:0c:1b:6f:4f:c3:87:75:5c:7a:fa:
94:c7:b2:ed:dc:20:9a:73:5c:4e:de:06:a5:6c:d5:
5e:99:a8:cc:57:8a:87:4e:3b:40:70:17:44:e0:d3:
c8:12:21:26:7a:4b:70:40:93:6b:76:57:2e:c9:b2:
fb:30:ce:fc:24:68:c8:de:d7:7b:79:dd:91:24:af:
52:18:2f:be:65:d1:76:db:9d:2b:fb:cd:46:c7:4b:
91:8c:4a:09:73:a0:0a:f2:2c:6c:6e:26:79:13:ce:
ef:2b:5d:35:ee:8b:33:a2:0f:cc:ff:f2:30:e1:db:
14:19:34:99:28:82:60:49:42:2e:84:00:ee:b8:84:
72:33:ba:74:22:9c:9e:b7:25:bb:10:45:a8:cb:81:
fd:52:6d:bb:43:80:3b:04:71:46:8b:b4:90:f4:c0:
d2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:25:0F:D7:2C:96:8A:03:F7:1B:A4:1D:E1:36:6A:BD:55:65:ED:C9
X509v3 Authority Key Identifier:
keyid:43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:05:c0:82:ad:67:9c:99:1c:8b:40:39:6c:d5:89:0c:4f:99:
a5:97:c6:9d:dd:09:6f:e6:81:6b:e2:06:40:b3:80:36:74:87:
36:f0:12:fe:5a:49:37:0c:19:67:34:fc:35:5b:13:7e:bc:e6:
16:54:0c:0d:f8:67:c5:20:09:e4:f6:cc:83:5d:4d:94:11:ed:
df:d3:9a:e8:60:11:fe:e2:cf:1e:18:fb:dd:97:c8:3b:12:15:
35:18:ad:34:ec:a3:82:4d:dc:1f:f0:ac:4b:5d:57:cd:a3:f4:
b3:87:d7:0a:6e:b2:75:f4:6a:e9:a9:27:16:09:b5:f3:51:a4:
ff:a5:66:97:11:e0:e0:ac:c1:d6:c8:52:7e:61:c9:50:45:c2:
65:29:3e:7b:af:91:9f:19:32:80:6e:57:ca:1c:39:53:7e:c2:
ef:89:12:5f:f1:50:76:c2:59:b3:85:4e:4a:c1:05:c1:33:19:
d0:99:70:f7:9e:23:21:58:1c:82:79:e3:ad:ea:69:db:c9:9e:
58:75:53:90:cc:72:a6:86:a4:0f:af:73:63:e9:f3:d8:88:5a:
2c:79:b1:d9:bd:b1:a1:f6:09:86:06:92:c8:22:89:31:af:f4:
0e:e2:c0:74:6b:80:f8:b2:87:fd:32:c6:9c:03:5a:2c:6c:57:
40:cb:5d:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1FtwcCxA7C4RZyQju1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDNmMTMzNGQ3NWFjNDMyYzBjYWE3OGQzODlhNzBjMDlj
MTJjYTYwHhcNMjUxMTExMDQwMTIyWhcNMjUxMTEyMDQwMTIyWjAzMTEwLwYDVQQD
EyhlMjI1MGZkNzJjOTY4YTAzZjcxYmE0MWRlMTM2NmFiZDU1NjVlZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyStL2WLgGbSkbnlyW/IBQLP/Ga5
uZKgYn1otx0rIIeoDAMkwmc7LFEiF6ByayTdAXsIbwaXPLimeayIfa7zwHovDPCW
dLRasiQJLiY+lFZSkxwzAosnhq3udIS/hQwbb0/Dh3VcevqUx7Lt3CCac1xO3gal
bNVemajMV4qHTjtAcBdE4NPIEiEmektwQJNrdlcuybL7MM78JGjI3td7ed2RJK9S
GC++ZdF2250r+81Gx0uRjEoJc6AK8ixsbiZ5E87vK1017oszog/M//Iw4dsUGTSZ
KIJgSUIuhADuuIRyM7p0IpyetyW7EEWoy4H9Um27Q4A7BHFGi7SQ9MDSEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIlD9cslooD9xukHeE2ar1VZe3JMB8GA1UdIwQY
MBaAFEMD8TNNdaxDLAyqeNOJpwwJwSymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUt
NGNiOTcwNzZjZmYyLzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUtNGNiOTcwNzZjZmYy
LzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwXAgq1n
nJkci0A5bNWJDE+ZpZfGnd0Jb+aBa+IGQLOANnSHNvAS/lpJNwwZZzT8NVsTfrzm
FlQMDfhnxSAJ5PbMg11NlBHt39Oa6GAR/uLPHhj73ZfIOxIVNRitNOyjgk3cH/Cs
S11XzaP0s4fXCm6ydfRq6aknFgm181Gk/6VmlxHg4KzB1shSfmHJUEXCZSk+e6+R
nxkygG5Xyhw5U37C74kSX/FQdsJZs4VOSsEFwTMZ0Jlw954jIVgcgnnjrepp28me
WHVTkMxypoakD69zY+nz2IhaLHmx2b2xofYJhgaSyCKJMa/0DuLAdGuA+LKH/TLG
nANaLGxXQMtdsg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:06:40 2025 by rpki-client