Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json)
Hash identifier: rrwDBmDeMYeJBVZcRRvlwMNoF/guKAe91CbI+9TZjsI=
Subject key identifier: 0B:19:F2:7E:21:20:71:8F:9E:38:FC:EB:9F:85:84:5F:E2:A9:8F:7F
Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0
Certificate serial: 01994E1C143DB21A9564CAAB087998855BCB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
Manifest number: 09A5
Signing time: Mon 15 Sep 2025 16:01:27 +0000
Manifest this update: Mon 15 Sep 2025 16:01:27 +0000
Manifest next update: Tue 16 Sep 2025 16:01:27 +0000
Files and hashes: 1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: rUk9pUhpyQZg8ISwi3fuMa6LU9p94FAlV53aPvmAH24=)
2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4e:1c:14:3d:b2:1a:95:64:ca:ab:08:79:98:85:5b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090287256e25fa340d3afba780eac60d556adec0
Validity
Not Before: Sep 15 16:01:27 2025 GMT
Not After : Sep 16 16:01:27 2025 GMT
Subject: CN=0b19f27e2120718f9e38fceb9f85845fe2a98f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b6:cc:7e:2b:a4:75:11:87:8e:13:b3:31:6b:
45:ac:84:85:24:1b:4a:0e:d0:de:91:f8:c3:7c:a7:
27:2a:ca:7e:cd:6a:8b:08:5f:23:27:ad:90:dd:af:
51:7e:00:12:7b:9d:96:f5:6b:a3:e5:9a:83:51:17:
b5:70:07:f4:4e:a4:6a:0b:17:39:f2:ef:84:60:08:
6e:b7:fa:02:c2:56:b8:f4:83:96:8d:90:01:fa:4b:
b6:00:6f:df:4d:67:72:64:40:f4:3a:57:d1:cf:a8:
4f:2b:c3:36:e1:7c:2a:91:e7:63:6d:3f:fb:d4:9a:
c6:ca:40:b8:13:73:ed:61:88:be:90:8e:22:66:cc:
d4:a9:27:b9:ea:c9:47:a5:9d:03:0c:aa:e9:d0:47:
c8:3b:83:92:8a:05:e9:be:28:c2:3e:e8:ae:76:69:
33:a0:5f:74:7f:60:00:67:dd:90:74:1d:61:f5:ce:
e0:99:cc:ca:31:50:19:e5:46:78:4d:de:3d:e2:6c:
42:00:09:95:04:a8:0c:a3:a9:06:39:69:6b:38:da:
3e:fe:30:b9:e3:0f:39:3c:d3:90:13:09:48:70:cb:
a1:91:86:15:e7:bc:f9:91:54:7d:dc:3a:64:5a:e3:
08:21:a8:fb:fe:85:06:a2:84:0e:a2:09:7b:eb:be:
ae:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:19:F2:7E:21:20:71:8F:9E:38:FC:EB:9F:85:84:5F:E2:A9:8F:7F
X509v3 Authority Key Identifier:
keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:70:5e:7c:b5:58:b3:57:b1:b4:fb:a1:5d:8c:25:27:b2:53:
ff:7f:d7:63:b0:03:8f:c9:cb:5f:ed:01:87:67:c3:61:11:0c:
4d:f6:47:3d:fe:6c:5e:ea:b0:18:c1:e8:11:87:0e:34:83:f8:
a4:cf:c0:3b:b7:d9:04:e3:88:b7:fd:a8:aa:31:1f:00:b8:50:
72:ab:87:b0:97:49:2e:28:8b:4a:d0:c4:66:c1:e2:c1:6c:13:
65:03:79:34:4e:44:78:2e:f2:4c:8a:ad:49:3a:29:5f:ed:7f:
30:14:35:68:33:fa:4c:91:ee:34:d5:bd:a7:de:bb:de:f1:e0:
a8:01:eb:47:89:5d:3c:00:9d:db:e1:6a:80:fd:5d:0a:e3:82:
5f:af:b8:e4:6e:7b:95:51:32:e9:9f:f9:6d:e9:87:8e:14:da:
5e:03:de:02:6e:91:3c:8c:7e:30:42:bb:c8:38:31:78:5c:d5:
2a:d9:67:6a:dc:60:d9:5c:47:46:58:6b:9f:23:c3:03:35:a5:
f6:aa:53:4f:c2:a8:f3:ca:fc:bc:c5:6b:e9:3a:59:a7:b2:e0:
12:2a:54:de:e4:d6:3b:1b:2c:a2:78:16:5c:bd:6b:69:c5:06:
72:5f:4d:38:df:19:ab:b7:e7:6b:3d:19:18:68:fd:3e:e5:0e:
81:73:76:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlOHBQ9shqVZMqrCHmYhVvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2
YWRlYzAwHhcNMjUwOTE1MTYwMTI3WhcNMjUwOTE2MTYwMTI3WjAzMTEwLwYDVQQD
EygwYjE5ZjI3ZTIxMjA3MThmOWUzOGZjZWI5Zjg1ODQ1ZmUyYTk4ZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbbMfiukdRGHjhOzMWtFrISFJBtK
DtDekfjDfKcnKsp+zWqLCF8jJ62Q3a9RfgASe52W9Wuj5ZqDURe1cAf0TqRqCxc5
8u+EYAhut/oCwla49IOWjZAB+ku2AG/fTWdyZED0OlfRz6hPK8M24XwqkedjbT/7
1JrGykC4E3PtYYi+kI4iZszUqSe56slHpZ0DDKrp0EfIO4OSigXpvijCPuiudmkz
oF90f2AAZ92QdB1h9c7gmczKMVAZ5UZ4Td494mxCAAmVBKgMo6kGOWlrONo+/jC5
4w85PNOQEwlIcMuhkYYV57z5kVR93DpkWuMIIaj7/oUGooQOogl7676uhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsZ8n4hIHGPnjj865+FhF/iqY9/MB8GA1UdIwQY
MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt
NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk
LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL3BefLVY
s1extPuhXYwlJ7JT/3/XY7ADj8nLX+0Bh2fDYREMTfZHPf5sXuqwGMHoEYcONIP4
pM/AO7fZBOOIt/2oqjEfALhQcquHsJdJLiiLStDEZsHiwWwTZQN5NE5EeC7yTIqt
STopX+1/MBQ1aDP6TJHuNNW9p9673vHgqAHrR4ldPACd2+FqgP1dCuOCX6+45G57
lVEy6Z/5bemHjhTaXgPeAm6RPIx+MEK7yDgxeFzVKtlnatxg2VxHRlhrnyPDAzWl
9qpTT8Ko88r8vMVr6TpZp7LgEipU3uTWOxssongWXL1racUGcl9NON8Zq7fnaz0Z
GGj9PuUOgXN28g==
-----END CERTIFICATE-----
Generated at Mon Sep 15 22:47:48 2025 by rpki-client