Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
File: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft (raw, json)
Hash identifier: 6HwCxZiODXvQRRAgom+LHlDijSW9GWdXyRQ1mQ6VluI=
Subject key identifier: 76:E9:D9:6E:CE:39:78:FA:95:62:ED:EC:86:A8:EC:6F:BC:7F:BC:13
Authority key identifier: AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87
Certificate issuer: /CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187
Certificate serial: 019A72260CF141B2C5A7FE9C1A10722563EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
Manifest number: 111A
Signing time: Tue 11 Nov 2025 09:01:27 +0000
Manifest this update: Tue 11 Nov 2025 09:01:27 +0000
Manifest next update: Wed 12 Nov 2025 09:01:27 +0000
Files and hashes: 1: 1Z36oEX0lkx8ndMTGV0SwL3pu6s.roa (hash: oLjRdDjCa874D2Ohi+4lYwxZSVZ663VZAUA47G0Sbic=)
2: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl (hash: u2CtIfQL11367Zwf2qfS4MyITDGEIAV0oGiE0gMaqdk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:0c:f1:41:b2:c5:a7:fe:9c:1a:10:72:25:63:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187
Validity
Not Before: Nov 11 09:01:27 2025 GMT
Not After : Nov 12 09:01:27 2025 GMT
Subject: CN=76e9d96ece3978fa9562edec86a8ec6fbc7fbc13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b2:27:6c:85:4f:15:88:76:06:08:4a:3c:42:
01:ee:9f:33:c2:35:94:11:2c:70:36:2c:b7:32:6a:
b4:4b:8c:30:d1:e7:ea:cb:89:36:ff:34:70:ca:5d:
ff:b0:3c:ba:54:4b:5b:64:3a:69:c2:98:22:7d:13:
a1:a6:22:c8:a0:31:c1:c6:b5:82:27:b9:f1:a1:1f:
22:7f:c7:20:60:a3:e2:95:18:a3:41:6f:3a:ce:6e:
16:98:d7:4a:c8:9c:09:f2:6e:a6:a7:c2:e3:4b:12:
86:c5:5f:56:11:79:d0:66:24:e5:41:cf:9b:ca:05:
3e:0b:c9:2f:b3:ae:a8:82:2e:a0:27:d5:23:16:eb:
c1:f7:29:d5:b9:2e:9f:54:d7:b2:51:29:58:f5:57:
80:33:85:91:ce:95:17:73:a9:29:b7:39:b7:96:f6:
64:c5:89:fd:46:58:17:a8:bc:b8:6a:e4:98:3f:58:
96:d7:87:54:e3:79:94:9a:d3:76:71:2f:9f:8b:28:
e4:86:f8:e7:64:7e:6c:ec:07:b1:05:68:1d:8f:97:
96:7f:ab:42:b7:7a:7b:32:34:b7:88:77:1d:fc:76:
1e:f8:dd:7b:69:fa:2e:4e:1d:a9:fb:77:52:fb:4a:
1e:b6:45:53:21:b5:f5:4e:58:a5:79:56:93:4c:72:
4a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E9:D9:6E:CE:39:78:FA:95:62:ED:EC:86:A8:EC:6F:BC:7F:BC:13
X509v3 Authority Key Identifier:
keyid:AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:8f:c0:99:4b:4b:da:ab:f4:c8:cc:0a:6c:5f:10:37:9d:0c:
b3:59:4e:a8:68:24:a4:f4:a8:e8:fc:a3:5b:35:95:63:1b:fd:
d3:eb:c3:93:46:bf:fb:64:bc:ca:01:44:62:2c:f3:e2:4a:a6:
0c:d5:b5:62:32:ac:52:b8:3a:53:90:72:91:51:73:3a:17:8c:
02:5b:e0:7d:86:80:41:2f:07:7c:55:c0:31:ee:8f:ad:8c:0c:
66:c2:c8:e4:b7:11:b6:d5:3f:5d:0c:63:33:4f:de:3a:17:5b:
b0:61:97:a1:30:ad:df:ff:8c:fe:a8:1f:6c:22:3a:0a:78:6e:
d1:93:93:e4:92:cf:db:93:8a:c8:30:b1:65:a2:fc:b8:bb:69:
c1:c3:d5:0a:76:06:8f:51:f9:6e:db:d9:0e:73:04:cc:a9:48:
e8:7e:b4:e2:26:25:5b:29:1e:0a:ba:66:2d:8c:8b:10:4e:16:
48:c4:db:1c:36:92:a9:cc:ed:61:f9:d1:ef:45:33:41:58:47:
5c:57:8d:ca:33:9a:81:34:01:dc:26:36:65:93:bf:9e:82:6e:
03:18:13:04:a4:30:ac:90:88:97:e1:fb:fc:64:b4:75:7c:31:
9f:26:da:1d:a5:cf:bf:76:90:c9:39:d2:48:a2:b5:5e:5c:a4:
0c:ff:6d:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgzxQbLFp/6cGhByJWPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYTg0ZDdlNjRiYTNlODViNTcwMzZjNzMxOGY5M2NjM2Q5
NGQxODcwHhcNMjUxMTExMDkwMTI3WhcNMjUxMTEyMDkwMTI3WjAzMTEwLwYDVQQD
Eyg3NmU5ZDk2ZWNlMzk3OGZhOTU2MmVkZWM4NmE4ZWM2ZmJjN2ZiYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7InbIVPFYh2BghKPEIB7p8zwjWU
ESxwNiy3Mmq0S4ww0efqy4k2/zRwyl3/sDy6VEtbZDppwpgifROhpiLIoDHBxrWC
J7nxoR8if8cgYKPilRijQW86zm4WmNdKyJwJ8m6mp8LjSxKGxV9WEXnQZiTlQc+b
ygU+C8kvs66ogi6gJ9UjFuvB9ynVuS6fVNeyUSlY9VeAM4WRzpUXc6kptzm3lvZk
xYn9RlgXqLy4auSYP1iW14dU43mUmtN2cS+fiyjkhvjnZH5s7AexBWgdj5eWf6tC
t3p7MjS3iHcd/HYe+N17afouTh2p+3dS+0oetkVTIbX1TlileVaTTHJKTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHbp2W7OOXj6lWLt7Iao7G+8f7wTMB8GA1UdIwQY
MBaAFK6oTX5kuj6FtXA2xzGPk8w9lNGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQt
OTdjMzMyZjcyMzlkLzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQtOTdjMzMyZjcyMzlk
LzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi4/AmUtL
2qv0yMwKbF8QN50Ms1lOqGgkpPSo6PyjWzWVYxv90+vDk0a/+2S8ygFEYizz4kqm
DNW1YjKsUrg6U5BykVFzOheMAlvgfYaAQS8HfFXAMe6PrYwMZsLI5LcRttU/XQxj
M0/eOhdbsGGXoTCt3/+M/qgfbCI6Cnhu0ZOT5JLP25OKyDCxZaL8uLtpwcPVCnYG
j1H5btvZDnMEzKlI6H604iYlWykeCrpmLYyLEE4WSMTbHDaSqcztYfnR70UzQVhH
XFeNyjOagTQB3CY2ZZO/noJuAxgTBKQwrJCIl+H7/GS0dXwxnybaHaXPv3aQyTnS
SKK1XlykDP9t6A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:10:18 2025 by rpki-client