Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft
File: QLnKyTUxHngDS0BzgwqBo897Rdk.mft (raw, json)
Hash identifier: vAahFIyJ+BKNNbTNmcZLfDU3xTlfdpVRx5wDyg4NMTg=
Subject key identifier: 24:2C:27:A4:00:38:A3:81:BE:59:DF:DB:E2:E3:BC:4B:5F:9E:6C:5B
Authority key identifier: 40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9
Certificate issuer: /CN=40b9cac935311e78034b4073830a81a3cf7b45d9
Certificate serial: 019A71B87E3327961F84E3035BE4CA81350F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:01:47 +0000
Manifest this update: Tue 11 Nov 2025 07:01:47 +0000
Manifest next update: Wed 12 Nov 2025 07:01:47 +0000
Files and hashes: 1: 1q_nnAgndZaIqez5io_HHZB7TIg.roa (hash: fcE6bMGj83Q0hVMFOv0EAXM92bWkreUUh6T69N1a/Yo=)
2: QLnKyTUxHngDS0BzgwqBo897Rdk.crl (hash: i+eB8RslhMtCByzsgsn2JGMmnfNfGg3EvE34xbRUl+o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:7e:33:27:96:1f:84:e3:03:5b:e4:ca:81:35:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b9cac935311e78034b4073830a81a3cf7b45d9
Validity
Not Before: Nov 11 07:01:47 2025 GMT
Not After : Nov 12 07:01:47 2025 GMT
Subject: CN=242c27a40038a381be59dfdbe2e3bc4b5f9e6c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7b:0c:e8:77:23:1e:32:4e:2d:f9:7d:51:b4:
90:64:2e:f4:e3:bb:d5:3c:9e:5c:64:4c:91:05:97:
d1:2a:7a:51:d6:a7:8f:e3:5e:80:d4:64:48:43:ba:
f2:1e:85:82:a5:a3:7d:70:51:0f:08:e1:04:af:bb:
23:14:ac:8c:06:3c:d0:f2:80:00:14:b9:a7:19:2b:
0e:8d:f1:10:38:3a:48:81:4c:97:86:e2:62:f9:ea:
ac:40:89:57:34:4e:fb:8c:52:dd:2e:dc:71:e2:6b:
4f:09:bd:78:f8:a0:57:5f:1f:60:13:85:ae:de:e6:
a3:29:fa:c2:b2:ea:58:1b:52:e4:b0:2e:69:f4:5d:
27:79:8d:f9:df:d9:69:ce:f4:c0:4e:a4:91:40:45:
4c:ad:b0:6d:10:3b:ce:2b:03:dc:c1:e7:af:c6:66:
87:cd:5b:e2:4e:49:74:a9:8e:2d:89:28:64:36:b4:
60:71:d6:9d:f7:f3:aa:81:61:f2:d1:e6:67:ab:c3:
25:76:e7:37:25:70:53:0c:3c:10:16:72:e0:f7:89:
c9:2c:6b:ab:ab:2b:6c:9c:1a:5b:c2:81:ad:d9:11:
3a:e4:43:78:41:05:ea:c6:3f:13:86:e1:ae:75:78:
f6:cd:38:3c:d9:f0:2b:61:00:76:bb:f7:43:a5:53:
2e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2C:27:A4:00:38:A3:81:BE:59:DF:DB:E2:E3:BC:4B:5F:9E:6C:5B
X509v3 Authority Key Identifier:
keyid:40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:d9:51:44:22:6f:1a:da:cf:a2:e8:97:17:2e:7f:b6:a7:3e:
a3:5c:2c:41:00:ba:97:cd:12:d5:6c:0f:95:00:24:b6:83:a2:
b5:90:44:5f:76:93:a8:8f:c3:00:78:58:69:70:9a:c8:16:9a:
5f:7c:20:b3:55:9e:08:80:e6:51:07:ed:02:d0:d3:c4:f9:4e:
1a:46:7f:26:f5:c8:5c:68:eb:54:99:f9:3f:31:09:19:ac:aa:
2c:42:a9:34:b1:71:3d:c0:19:30:d0:bc:c6:44:7c:a8:2f:d1:
a9:37:4c:5e:7c:b2:ef:33:5f:6b:99:c0:1a:17:de:c5:d3:21:
6a:e6:cf:1a:e0:da:ed:ec:ae:12:23:80:c5:fb:c9:bf:bc:3a:
c0:23:bd:ce:82:61:ae:6a:92:d3:0f:53:e0:38:90:cc:ef:6f:
c9:f4:8e:f9:2e:32:0b:f9:d9:0e:a1:20:ae:d6:25:d4:24:41:
4e:d0:ab:6f:e7:53:d3:26:b8:28:81:b0:4c:1d:20:22:a2:05:
00:6d:e6:67:cc:df:06:30:ac:b7:8e:e0:39:60:cc:1d:c1:0a:
44:31:00:1b:53:83:62:96:af:d7:23:d5:fa:68:f5:4c:df:0d:
f7:b3:a7:da:b3:2b:f3:9c:3f:d4:57:68:22:f6:37:6f:fd:0d:
ae:2a:84:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuH4zJ5YfhOMDW+TKgTUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjljYWM5MzUzMTFlNzgwMzRiNDA3MzgzMGE4MWEzY2Y3
YjQ1ZDkwHhcNMjUxMTExMDcwMTQ3WhcNMjUxMTEyMDcwMTQ3WjAzMTEwLwYDVQQD
EygyNDJjMjdhNDAwMzhhMzgxYmU1OWRmZGJlMmUzYmM0YjVmOWU2YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnsM6HcjHjJOLfl9UbSQZC7047vV
PJ5cZEyRBZfRKnpR1qeP416A1GRIQ7ryHoWCpaN9cFEPCOEEr7sjFKyMBjzQ8oAA
FLmnGSsOjfEQODpIgUyXhuJi+eqsQIlXNE77jFLdLtxx4mtPCb14+KBXXx9gE4Wu
3uajKfrCsupYG1LksC5p9F0neY3539lpzvTATqSRQEVMrbBtEDvOKwPcweevxmaH
zVviTkl0qY4tiShkNrRgcdad9/OqgWHy0eZnq8Mlduc3JXBTDDwQFnLg94nJLGur
qytsnBpbwoGt2RE65EN4QQXqxj8ThuGudXj2zTg82fArYQB2u/dDpVMuWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQsJ6QAOKOBvlnf2+LjvEtfnmxbMB8GA1UdIwQY
MBaAFEC5ysk1MR54A0tAc4MKgaPPe0XZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yODVhYjYtMDEwOS00NGUxLWJiMmIt
NzUzNGZlMGYxYjgzLzEvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yODVhYjYtMDEwOS00NGUxLWJiMmItNzUzNGZlMGYxYjgz
LzEvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOtlRRCJv
GtrPouiXFy5/tqc+o1wsQQC6l80S1WwPlQAktoOitZBEX3aTqI/DAHhYaXCayBaa
X3wgs1WeCIDmUQftAtDTxPlOGkZ/JvXIXGjrVJn5PzEJGayqLEKpNLFxPcAZMNC8
xkR8qC/RqTdMXnyy7zNfa5nAGhfexdMhaubPGuDa7eyuEiOAxfvJv7w6wCO9zoJh
rmqS0w9T4DiQzO9vyfSO+S4yC/nZDqEgrtYl1CRBTtCrb+dT0ya4KIGwTB0gIqIF
AG3mZ8zfBjCst47gOWDMHcEKRDEAG1ODYpav1yPV+mj1TN8N97On2rMr85w/1Fdo
IvY3b/0NriqEAA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:20 2025 by rpki-client