Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json)
Hash identifier: 9jtHgcpT7I5fKHv62ZsK+NL2Ms1gfWiqVrWEDbvrpoM=
Subject key identifier: 53:13:DD:27:13:8C:E6:49:8C:B2:8A:D9:2B:95:70:75:D0:E4:1D:7D
Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0
Certificate serial: 019A54C0C31BD08FA61FC4AF4CA1B1F85A8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
Manifest number: 0A2D
Signing time: Wed 05 Nov 2025 16:01:50 +0000
Manifest this update: Wed 05 Nov 2025 16:01:50 +0000
Manifest next update: Thu 06 Nov 2025 16:01:50 +0000
Files and hashes: 1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: Y4IrqCjKn/5ozcxzGHvVvhK3SwOrLMWR7Wb0rIW79oo=)
2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:c0:c3:1b:d0:8f:a6:1f:c4:af:4c:a1:b1:f8:5a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090287256e25fa340d3afba780eac60d556adec0
Validity
Not Before: Nov 5 16:01:50 2025 GMT
Not After : Nov 6 16:01:50 2025 GMT
Subject: CN=5313dd27138ce6498cb28ad92b957075d0e41d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d0:da:95:af:50:97:17:5a:50:4a:97:6b:4c:
8c:c5:d4:10:9a:95:21:34:9c:6b:f7:75:b5:06:c8:
10:97:9f:fe:de:35:62:c6:ea:8d:9c:2e:7b:a7:39:
c2:3b:38:a8:09:2d:f1:b1:d1:7c:59:5d:1a:2e:b3:
dd:8d:0e:1c:90:52:b6:b8:c6:5d:ad:30:9f:2f:b3:
64:a8:43:94:f7:6f:66:4b:d4:a4:ac:41:90:71:21:
c2:d5:c6:d5:b6:27:3f:04:ef:36:cf:e7:44:40:a3:
a7:3a:97:10:6e:f4:19:03:d0:81:29:50:45:75:48:
c7:54:22:26:2f:15:99:99:bf:93:40:6f:17:d5:f5:
3d:41:18:bc:4c:84:a8:47:e5:aa:e1:f4:e2:1c:ba:
11:d8:dc:fc:ac:08:fb:75:64:fc:92:eb:fb:c2:ad:
5a:cc:44:20:8f:89:d2:e8:c2:ae:98:c8:13:e2:95:
5f:12:68:77:5c:8f:56:72:d0:4e:4e:97:5d:3d:53:
69:de:1f:26:72:09:02:be:8e:a1:20:25:8b:24:d3:
ef:3b:6c:b2:22:3e:fb:7e:33:cb:0e:30:81:a5:64:
90:e4:2b:2f:fa:35:10:be:8f:09:71:34:d0:b9:a4:
f6:2f:44:4b:e0:65:43:ff:bc:f2:26:6b:39:81:51:
10:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:13:DD:27:13:8C:E6:49:8C:B2:8A:D9:2B:95:70:75:D0:E4:1D:7D
X509v3 Authority Key Identifier:
keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:6b:4c:15:f4:f2:ec:5e:c3:4a:cf:cc:9f:20:b7:04:f4:ba:
97:97:bd:8c:bf:3b:91:ed:b9:21:e7:e1:1c:fb:a0:d6:3a:d3:
31:9c:1b:f3:0f:b1:0e:75:7f:2e:1d:db:52:56:ca:cb:e5:7a:
a5:f5:c0:ec:81:bb:0d:39:42:69:02:c9:8e:8e:cf:2d:b2:17:
8f:56:36:6d:16:f3:fa:87:7b:79:d3:72:73:eb:46:73:5b:e1:
41:ec:d6:f2:b4:c1:df:f0:05:8f:68:77:c5:d0:99:41:ce:2f:
d5:f3:1b:10:9f:a8:7c:42:45:79:9f:0d:c3:f6:7f:09:c9:e9:
0c:67:d8:0e:24:6a:1b:61:29:a6:92:71:5f:a4:2e:6b:d8:60:
fb:4c:81:d5:cd:5d:8f:0f:b5:12:18:b6:93:25:38:16:77:d8:
f5:19:c4:9c:01:eb:31:92:30:5b:18:24:09:ef:13:e8:7f:db:
27:01:57:7a:50:81:5b:83:cd:5c:bb:70:03:3c:61:3c:db:f9:
c5:6a:73:94:7d:0c:3a:bc:90:83:03:89:04:ee:b4:27:f7:29:
ad:a0:95:20:db:30:76:da:bb:fc:20:59:58:58:0b:aa:55:c6:
bb:e6:43:e7:cb:93:56:da:d4:08:38:b5:d6:43:ea:56:eb:97:
d3:e6:5e:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUwMMb0I+mH8SvTKGx+FqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2
YWRlYzAwHhcNMjUxMTA1MTYwMTUwWhcNMjUxMTA2MTYwMTUwWjAzMTEwLwYDVQQD
Eyg1MzEzZGQyNzEzOGNlNjQ5OGNiMjhhZDkyYjk1NzA3NWQwZTQxZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttDala9QlxdaUEqXa0yMxdQQmpUh
NJxr93W1BsgQl5/+3jVixuqNnC57pznCOzioCS3xsdF8WV0aLrPdjQ4ckFK2uMZd
rTCfL7NkqEOU929mS9SkrEGQcSHC1cbVtic/BO82z+dEQKOnOpcQbvQZA9CBKVBF
dUjHVCImLxWZmb+TQG8X1fU9QRi8TISoR+Wq4fTiHLoR2Nz8rAj7dWT8kuv7wq1a
zEQgj4nS6MKumMgT4pVfEmh3XI9WctBOTpddPVNp3h8mcgkCvo6hICWLJNPvO2yy
Ij77fjPLDjCBpWSQ5Csv+jUQvo8JcTTQuaT2L0RL4GVD/7zyJms5gVEQsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMT3ScTjOZJjLKK2SuVcHXQ5B19MB8GA1UdIwQY
MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt
NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk
LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbWtMFfTy
7F7DSs/MnyC3BPS6l5e9jL87ke25IefhHPug1jrTMZwb8w+xDnV/Lh3bUlbKy+V6
pfXA7IG7DTlCaQLJjo7PLbIXj1Y2bRbz+od7edNyc+tGc1vhQezW8rTB3/AFj2h3
xdCZQc4v1fMbEJ+ofEJFeZ8Nw/Z/CcnpDGfYDiRqG2EpppJxX6Qua9hg+0yB1c1d
jw+1Ehi2kyU4FnfY9RnEnAHrMZIwWxgkCe8T6H/bJwFXelCBW4PNXLtwAzxhPNv5
xWpzlH0MOryQgwOJBO60J/cpraCVINswdtq7/CBZWFgLqlXGu+ZD58uTVtrUCDi1
1kPqVuuX0+ZeQA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:45:11 2025 by rpki-client