Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft
File: MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft (raw, json)
Hash identifier: SX+yZX658TGGYpcdlmhR0aPFVMnNhlQZ5o8fY8hx3Kc=
Subject key identifier: E5:FC:97:D7:D4:FA:09:91:BA:97:4A:CF:C6:AC:A9:14:01:B3:69:1C
Authority key identifier: 31:09:A8:D7:0F:A4:47:89:35:B0:5C:06:21:F6:88:95:52:40:5D:AF
Certificate issuer: /CN=3109a8d70fa4478935b05c0621f6889552405daf
Certificate serial: 019A73A620208F0306C724F93C4302D35866
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQmo1w-kR4k1sFwGIfaIlVJAXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft
Manifest number: 0196
Signing time: Tue 11 Nov 2025 16:00:58 +0000
Manifest this update: Tue 11 Nov 2025 16:00:58 +0000
Manifest next update: Wed 12 Nov 2025 16:00:58 +0000
Files and hashes: 1: MQmo1w-kR4k1sFwGIfaIlVJAXa8.crl (hash: AIUkLaT/7Nms2WPS1n7yvkroXdAa4lbVIDO3HZQYPDA=)
2: yIyDsEh1dvcmsUPH7E2Ou8dLDUQ.roa (hash: wtZTOXp1JfHeuiQ37lVv2g4xea2Kfo548MrcJ05G7l8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MQmo1w-kR4k1sFwGIfaIlVJAXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:a6:20:20:8f:03:06:c7:24:f9:3c:43:02:d3:58:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3109a8d70fa4478935b05c0621f6889552405daf
Validity
Not Before: Nov 11 16:00:58 2025 GMT
Not After : Nov 12 16:00:58 2025 GMT
Subject: CN=e5fc97d7d4fa0991ba974acfc6aca91401b3691c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:88:ee:09:54:9e:4f:c1:6d:80:08:d8:a0:42:
bc:37:99:ae:b5:32:4e:6a:60:ad:53:ea:d8:c4:e4:
90:35:58:1a:94:7d:1f:12:5a:31:25:19:f5:4c:62:
4d:01:54:47:14:ac:f3:62:40:f1:b0:8b:f8:40:a5:
c2:44:68:2e:34:0e:2a:0b:44:77:be:31:cc:6a:80:
0d:bc:c0:44:2e:ee:ff:8b:f4:fd:36:2c:f0:c6:ba:
41:4c:48:45:88:c0:fe:76:7e:a7:ca:f3:ec:70:30:
ef:26:e2:d6:a8:49:a5:a1:a1:03:98:49:c1:4f:8b:
e7:b0:6e:2a:4d:90:f4:ed:8f:92:ca:9b:46:0c:ba:
ad:7a:d8:62:5b:bc:ef:fe:cf:35:a4:24:d7:2e:8c:
88:2a:28:1f:a0:c0:0a:55:30:17:16:c0:0c:a7:1b:
e9:22:48:f9:8b:de:10:4d:6e:5b:f6:9a:28:0f:96:
f0:14:e4:7f:e7:48:ae:ae:e4:47:1f:4d:75:e8:e6:
cb:34:0b:aa:d1:0b:fe:6c:be:4f:51:c8:37:f9:ed:
6e:49:3a:fd:a8:20:d9:5f:25:67:0b:18:4a:f8:e1:
92:8f:33:14:b2:16:a0:4d:f1:98:22:ae:0d:f3:72:
5f:3c:f0:d0:c1:8e:8e:95:0e:03:54:5f:62:5e:a1:
39:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FC:97:D7:D4:FA:09:91:BA:97:4A:CF:C6:AC:A9:14:01:B3:69:1C
X509v3 Authority Key Identifier:
keyid:31:09:A8:D7:0F:A4:47:89:35:B0:5C:06:21:F6:88:95:52:40:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQmo1w-kR4k1sFwGIfaIlVJAXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/106b3f-55a3-4558-8013-4bee3274c698/1/MQmo1w-kR4k1sFwGIfaIlVJAXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:e6:85:f9:1b:2b:99:2e:b4:88:72:dd:53:8a:cb:b4:0c:88:
40:a4:71:23:55:e8:94:27:22:05:a3:46:30:06:1c:10:63:72:
70:c6:09:32:f5:47:c5:ac:4a:d3:02:a6:0f:68:d6:da:b8:2e:
87:11:0c:ec:18:c8:b4:fd:a7:ff:51:fa:80:0d:f8:45:94:93:
ac:36:f0:a4:53:77:4f:74:90:53:b3:dd:b4:66:4b:6f:55:32:
8f:35:40:1f:3e:d0:d3:d0:4b:db:9a:00:dd:ab:7f:bb:5a:6f:
3e:54:4c:c7:0f:81:b4:61:b5:47:51:86:6d:97:0e:34:f9:eb:
6f:87:a9:26:c3:d2:ae:1d:8d:2f:6e:66:4b:3b:59:1c:26:71:
2d:fd:da:8e:88:26:67:58:b1:7c:17:0d:43:0c:40:2e:0b:89:
e3:a0:2c:2d:cb:b3:41:19:fe:0a:2f:30:fa:d2:02:fd:66:7c:
17:91:df:61:64:d5:c8:19:f8:dc:1e:2e:25:d6:34:57:3d:7a:
ae:ed:19:5f:d6:9a:44:74:b6:26:2d:7c:7c:be:4e:ea:bb:f6:
9a:56:0f:92:f4:03:80:04:8a:aa:89:7d:97:c4:46:f0:a2:f7:
23:76:a3:d1:e0:b3:e9:fc:21:db:e9:a2:af:6c:d2:f2:7c:94:
58:c2:1c:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpiAgjwMGxyT5PEMC01hmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMDlhOGQ3MGZhNDQ3ODkzNWIwNWMwNjIxZjY4ODk1NTI0
MDVkYWYwHhcNMjUxMTExMTYwMDU4WhcNMjUxMTEyMTYwMDU4WjAzMTEwLwYDVQQD
EyhlNWZjOTdkN2Q0ZmEwOTkxYmE5NzRhY2ZjNmFjYTkxNDAxYjM2OTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54juCVSeT8FtgAjYoEK8N5mutTJO
amCtU+rYxOSQNVgalH0fEloxJRn1TGJNAVRHFKzzYkDxsIv4QKXCRGguNA4qC0R3
vjHMaoANvMBELu7/i/T9NizwxrpBTEhFiMD+dn6nyvPscDDvJuLWqEmloaEDmEnB
T4vnsG4qTZD07Y+SyptGDLqtethiW7zv/s81pCTXLoyIKigfoMAKVTAXFsAMpxvp
Ikj5i94QTW5b9pooD5bwFOR/50iuruRHH0116ObLNAuq0Qv+bL5PUcg3+e1uSTr9
qCDZXyVnCxhK+OGSjzMUshagTfGYIq4N83JfPPDQwY6OlQ4DVF9iXqE5SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOX8l9fU+gmRupdKz8asqRQBs2kcMB8GA1UdIwQY
MBaAFDEJqNcPpEeJNbBcBiH2iJVSQF2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFtbzF3LWtSNGsxc0Z3R0lmYUlsVkpBWGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8xMDZiM2YtNTVhMy00NTU4LTgwMTMt
NGJlZTMyNzRjNjk4LzEvTVFtbzF3LWtSNGsxc0Z3R0lmYUlsVkpBWGE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8xMDZiM2YtNTVhMy00NTU4LTgwMTMtNGJlZTMyNzRjNjk4
LzEvTVFtbzF3LWtSNGsxc0Z3R0lmYUlsVkpBWGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACuaF+Rsr
mS60iHLdU4rLtAyIQKRxI1XolCciBaNGMAYcEGNycMYJMvVHxaxK0wKmD2jW2rgu
hxEM7BjItP2n/1H6gA34RZSTrDbwpFN3T3SQU7PdtGZLb1UyjzVAHz7Q09BL25oA
3at/u1pvPlRMxw+BtGG1R1GGbZcONPnrb4epJsPSrh2NL25mSztZHCZxLf3ajogm
Z1ixfBcNQwxALguJ46AsLcuzQRn+Ci8w+tIC/WZ8F5HfYWTVyBn43B4uJdY0Vz16
ru0ZX9aaRHS2Ji18fL5O6rv2mlYPkvQDgASKqol9l8RG8KL3I3aj0eCz6fwh2+mi
r2zS8nyUWMIcKg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:34:25 2025 by rpki-client