Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File: Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier: odOwUPT3kSlDH1BelrhVCZiLpZ1U6SiwHRo10G9mf0Y=
Subject key identifier: 5F:9B:AA:41:7A:7C:75:9E:46:53:0E:CB:70:03:F5:D5:8A:61:A5:96
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer: /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial: 019A71B7A52834B371CC216FFBCD0D429B86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number: 0776
Signing time: Tue 11 Nov 2025 07:00:52 +0000
Manifest this update: Tue 11 Nov 2025 07:00:52 +0000
Manifest next update: Wed 12 Nov 2025 07:00:52 +0000
Files and hashes: 1: BR-wwst0Mwoj4cW4aMMLkST0T08.roa (hash: KhuoTa1EwW+NDwJopflLn+SOxpsU8qTU0jm6Bsplu/Y=)
2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: 9HAoOL8vIZWXd4Mx8z4R629ICHnBghD0f7V4PUJjuLU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:a5:28:34:b3:71:cc:21:6f:fb:cd:0d:42:9b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Validity
Not Before: Nov 11 07:00:52 2025 GMT
Not After : Nov 12 07:00:52 2025 GMT
Subject: CN=5f9baa417a7c759e46530ecb7003f5d58a61a596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ea:aa:b0:1c:e4:0c:1a:6a:3f:34:fd:17:dc:
7e:9b:5e:cb:0f:c7:27:d1:3c:80:b9:5b:23:20:65:
d6:58:d6:cd:94:99:91:51:84:03:91:7f:90:2c:67:
67:88:1f:21:ec:55:f1:31:5b:47:95:92:af:94:ce:
7f:6f:27:b5:d4:19:ea:11:0b:df:62:44:5f:ba:6f:
9d:2c:2c:f5:16:b9:26:cc:28:e2:86:51:76:5d:85:
99:45:bc:10:0b:15:df:ed:0d:b9:9f:f4:fa:cf:63:
aa:f2:e0:d8:29:1d:d8:bf:30:f1:8a:c8:a3:75:c2:
6f:4c:e0:8c:cc:92:24:4a:e6:b3:f4:39:8d:1f:ee:
b3:f2:b1:f0:93:06:3b:c3:4b:07:de:41:bd:4d:c6:
a3:32:b1:b5:3d:ca:64:c8:37:49:f4:c3:6e:64:24:
0c:7e:44:e1:c5:4b:f6:6a:12:25:07:c1:ad:26:09:
83:71:a3:be:ea:1a:73:7a:0c:3a:ae:b4:7d:29:fc:
bb:f0:a7:88:c9:e3:2c:13:aa:65:e6:2d:24:a6:27:
73:a6:1e:bf:c4:06:01:bf:4c:e7:45:2b:6c:4a:d8:
87:19:6c:98:8d:6e:34:ec:d1:e7:e8:99:21:81:65:
bf:b0:50:c7:b4:96:40:86:c6:a7:1a:cc:09:41:11:
d1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9B:AA:41:7A:7C:75:9E:46:53:0E:CB:70:03:F5:D5:8A:61:A5:96
X509v3 Authority Key Identifier:
keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:a5:01:92:30:11:11:2e:c7:ae:40:ac:fe:b3:c5:62:23:d3:
dd:db:71:73:fb:35:2e:53:f9:c4:61:0b:2c:e0:f3:8c:bd:b1:
cb:7d:4c:2b:5e:18:a8:c6:de:e8:ca:44:69:fd:8b:2a:7f:f5:
82:c2:76:c9:25:da:1c:08:d3:15:43:13:f6:5c:ce:65:40:b4:
f7:2f:c5:01:f4:6c:51:5d:f5:3f:d8:d6:87:34:76:52:2d:21:
dc:8e:68:17:32:36:56:d0:15:bc:01:44:36:77:63:aa:84:6d:
21:59:48:d2:40:b1:2f:cf:56:a0:f4:38:a4:4d:a1:3c:81:68:
e7:51:a8:d8:ef:a9:80:cd:2e:79:34:17:18:f8:04:5b:39:7f:
a1:3e:4d:b9:6c:9d:db:70:6a:a2:0d:4b:20:cd:c3:71:85:7b:
4c:0d:91:1f:ec:f1:cd:34:dc:40:67:75:bd:d9:62:84:43:db:
bc:dd:7f:55:a1:26:b7:d5:0a:4a:10:33:10:c8:fc:4f:84:d2:
72:e7:81:1b:f7:d0:20:96:47:ea:b4:89:96:35:89:b5:30:67:
d8:9c:1d:ca:9a:e1:9d:41:f1:93:28:b3:92:06:95:32:cd:a2:
e9:ec:22:53:93:4c:77:5e:24:6f:17:d8:2c:f0:be:f2:ff:1d:
39:43:9d:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6UoNLNxzCFv+80NQpuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjUxMTExMDcwMDUyWhcNMjUxMTEyMDcwMDUyWjAzMTEwLwYDVQQD
Eyg1ZjliYWE0MTdhN2M3NTllNDY1MzBlY2I3MDAzZjVkNThhNjFhNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOqqsBzkDBpqPzT9F9x+m17LD8cn
0TyAuVsjIGXWWNbNlJmRUYQDkX+QLGdniB8h7FXxMVtHlZKvlM5/bye11BnqEQvf
YkRfum+dLCz1FrkmzCjihlF2XYWZRbwQCxXf7Q25n/T6z2Oq8uDYKR3YvzDxisij
dcJvTOCMzJIkSuaz9DmNH+6z8rHwkwY7w0sH3kG9TcajMrG1PcpkyDdJ9MNuZCQM
fkThxUv2ahIlB8GtJgmDcaO+6hpzegw6rrR9Kfy78KeIyeMsE6pl5i0kpidzph6/
xAYBv0znRStsStiHGWyYjW407NHn6JkhgWW/sFDHtJZAhsanGswJQRHRBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+bqkF6fHWeRlMOy3AD9dWKYaWWMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlKUBkjAR
ES7HrkCs/rPFYiPT3dtxc/s1LlP5xGELLODzjL2xy31MK14YqMbe6MpEaf2LKn/1
gsJ2ySXaHAjTFUMT9lzOZUC09y/FAfRsUV31P9jWhzR2Ui0h3I5oFzI2VtAVvAFE
NndjqoRtIVlI0kCxL89WoPQ4pE2hPIFo51Go2O+pgM0ueTQXGPgEWzl/oT5NuWyd
23Bqog1LIM3DcYV7TA2RH+zxzTTcQGd1vdlihEPbvN1/VaEmt9UKShAzEMj8T4TS
cueBG/fQIJZH6rSJljWJtTBn2JwdyprhnUHxkyizkgaVMs2i6ewiU5NMd14kbxfY
LPC+8v8dOUOdfA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:49:39 2025 by rpki-client