Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
File: QsCVkBFifd0NBX1zHo-lpRApZZI.mft (raw, json)
Hash identifier: qpKek8eWrvQIayqKkPbsF9rTMbYy+kSAZa3FwKjrzcQ=
Subject key identifier: 01:B2:35:10:19:DA:36:2F:CE:DA:E5:B6:6C:04:39:33:F3:84:7C:E3
Authority key identifier: 42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92
Certificate issuer: /CN=42c0959011627ddd0d057d731e8fa5a510296592
Certificate serial: 019A71B93C710D5434E60AC5A55C1FF494E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:02:35 +0000
Manifest this update: Tue 11 Nov 2025 07:02:35 +0000
Manifest next update: Wed 12 Nov 2025 07:02:35 +0000
Files and hashes: 1: QsCVkBFifd0NBX1zHo-lpRApZZI.crl (hash: 7pmn0hzs1qNFxLJHMMllx4kKLKBht/gHSz9hvXN6xrs=)
2: nqDbjTD7-4bF8APAmv3q39AmNtk.roa (hash: zWbRV6cXuufmhpJUA1tayT8JP8s9Ez0NcmTuvgMXFF8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:3c:71:0d:54:34:e6:0a:c5:a5:5c:1f:f4:94:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c0959011627ddd0d057d731e8fa5a510296592
Validity
Not Before: Nov 11 07:02:35 2025 GMT
Not After : Nov 12 07:02:35 2025 GMT
Subject: CN=01b2351019da362fcedae5b66c043933f3847ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5b:f5:b7:be:90:f9:15:1a:8e:e7:b5:6d:21:
65:e3:29:c5:98:0b:f0:ce:d5:62:15:15:a5:49:47:
ee:72:aa:32:a4:8f:b3:10:71:66:54:d7:7c:85:b5:
eb:1b:fe:70:3c:3a:28:31:a2:db:23:d5:89:d9:91:
48:20:1d:b6:4b:27:a5:8f:2a:c8:70:bf:ce:97:41:
f4:b3:bf:c1:db:9a:71:97:80:c0:63:55:d1:69:e4:
eb:52:14:d4:46:63:fb:d2:c1:27:a7:04:b8:26:32:
b8:cb:27:9c:e5:e5:9d:c1:49:81:19:f1:09:57:da:
13:9e:fb:aa:eb:e4:55:0c:70:6f:a0:3d:39:34:3f:
ed:69:bf:51:33:fe:78:1e:f5:09:55:44:a3:8e:6c:
0e:1f:b9:f0:82:34:cb:8c:a5:de:e1:fc:77:cb:50:
f6:5a:25:d4:27:da:6c:2f:7d:05:2f:29:01:62:9d:
38:f5:68:0e:e6:8b:e2:68:74:87:ed:d5:3c:82:f6:
fa:31:13:79:87:33:27:6d:f0:b1:3c:1d:88:8a:39:
79:1b:ba:08:68:e1:f9:cb:7d:95:a2:2a:71:cc:84:
e9:4b:41:97:2e:2b:a8:02:b8:bf:a7:c5:0f:21:97:
ba:bb:d7:c0:0b:8c:3a:d0:40:49:ce:76:2f:ce:d2:
6d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B2:35:10:19:DA:36:2F:CE:DA:E5:B6:6C:04:39:33:F3:84:7C:E3
X509v3 Authority Key Identifier:
keyid:42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:8e:ce:e4:4e:78:af:3b:47:de:18:d8:2e:20:0a:94:4c:e1:
e2:52:25:68:5b:7d:00:2b:ae:3c:6e:01:9a:b6:38:8f:87:1a:
19:a0:56:88:d7:0a:bc:1d:75:30:e1:90:f4:4f:11:f0:cb:5d:
42:eb:4e:3a:c5:65:e1:d1:57:04:d4:a4:fb:68:ee:d2:a7:bb:
e8:9f:3b:80:0f:9b:6e:14:bb:28:04:94:91:3c:23:b1:b0:02:
31:68:53:c7:49:1e:af:c2:27:ff:c1:4b:ee:5e:b3:2b:89:90:
e5:f2:3a:e2:03:c4:34:af:47:21:0f:9a:0a:35:4b:9d:27:32:
45:eb:c3:1d:fe:19:4d:c4:6f:a4:ae:a0:07:6b:64:b4:bd:ce:
d4:5d:cd:4b:1a:d0:0d:84:5d:c4:61:15:cb:8c:20:98:80:d4:
af:9f:86:12:e6:a7:46:74:b5:00:f9:c1:0a:d5:24:57:41:b8:
ce:7f:85:ec:79:04:c9:93:6e:27:8a:0c:84:6b:6c:25:c5:06:
30:88:33:da:75:8e:ea:77:4e:45:ac:02:e6:04:67:42:eb:24:
c1:a7:a5:17:02:88:d1:cb:bd:57:6f:0a:e8:be:99:ce:70:ac:
c6:b7:2c:78:ac:c3:01:3c:18:1c:b5:57:30:a5:d6:d3:21:cf:
d4:c1:d7:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTxxDVQ05grFpVwf9JTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzA5NTkwMTE2MjdkZGQwZDA1N2Q3MzFlOGZhNWE1MTAy
OTY1OTIwHhcNMjUxMTExMDcwMjM1WhcNMjUxMTEyMDcwMjM1WjAzMTEwLwYDVQQD
EygwMWIyMzUxMDE5ZGEzNjJmY2VkYWU1YjY2YzA0MzkzM2YzODQ3Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fv1t76Q+RUajue1bSFl4ynFmAvw
ztViFRWlSUfucqoypI+zEHFmVNd8hbXrG/5wPDooMaLbI9WJ2ZFIIB22SyeljyrI
cL/Ol0H0s7/B25pxl4DAY1XRaeTrUhTURmP70sEnpwS4JjK4yyec5eWdwUmBGfEJ
V9oTnvuq6+RVDHBvoD05ND/tab9RM/54HvUJVUSjjmwOH7nwgjTLjKXe4fx3y1D2
WiXUJ9psL30FLykBYp049WgO5oviaHSH7dU8gvb6MRN5hzMnbfCxPB2Iijl5G7oI
aOH5y32VoipxzITpS0GXLiuoAri/p8UPIZe6u9fAC4w60EBJznYvztJtMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAGyNRAZ2jYvztrltmwEOTPzhHzjMB8GA1UdIwQY
MBaAFELAlZARYn3dDQV9cx6PpaUQKWWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgt
MjQ4YjU5YzM2OTZiLzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgtMjQ4YjU5YzM2OTZi
LzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA47O5E54
rztH3hjYLiAKlEzh4lIlaFt9ACuuPG4BmrY4j4caGaBWiNcKvB11MOGQ9E8R8Mtd
QutOOsVl4dFXBNSk+2ju0qe76J87gA+bbhS7KASUkTwjsbACMWhTx0ker8In/8FL
7l6zK4mQ5fI64gPENK9HIQ+aCjVLnScyRevDHf4ZTcRvpK6gB2tktL3O1F3NSxrQ
DYRdxGEVy4wgmIDUr5+GEuanRnS1APnBCtUkV0G4zn+F7HkEyZNuJ4oMhGtsJcUG
MIgz2nWO6ndORawC5gRnQuskwaelFwKI0cu9V28K6L6ZznCsxrcseKzDATwYHLVX
MKXW0yHP1MHXaw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:22 2025 by rpki-client