Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
File: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft (raw, json)
Hash identifier: 9uXGwWgmVeFl3XdiJufws6BhE1aXlk+ravogLHr1NCU=
Subject key identifier: 14:8D:4C:9F:E4:1B:E2:15:97:58:69:86:4F:53:40:C1:F9:A6:C2:39
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Certificate issuer: /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial: 019A2854D2AEF2C87760760787425E87F87E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
Manifest number: 03A7
Signing time: Tue 28 Oct 2025 01:00:38 +0000
Manifest this update: Tue 28 Oct 2025 01:00:38 +0000
Manifest next update: Wed 29 Oct 2025 01:00:38 +0000
Files and hashes: 1: Fg4gfGthOyzcFXfxEYyjwrss7as.roa (hash: mWUv12QovIjIHXpuDNAMlgedx6+BQ3vMWaiHrsA7+3A=)
2: Q5e6g1WUMRG4cL4aNZtJqqD_-yo.roa (hash: T3aZ91YVxRUkDJ96e4vMqo7oCynEMTZ2Xb8h0pZbGMo=)
3: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl (hash: DFWhyAcWOnJFKh8gIWmUxQ0Vtc1FuSHOCIykRNVJoUg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:28:54:d2:ae:f2:c8:77:60:76:07:87:42:5e:87:f8:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
Validity
Not Before: Oct 28 01:00:38 2025 GMT
Not After : Oct 29 01:00:38 2025 GMT
Subject: CN=148d4c9fe41be215975869864f5340c1f9a6c239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:84:22:eb:aa:7c:f1:a5:c0:41:89:00:08:6b:
30:01:c2:95:ff:57:b8:7a:ad:40:e4:83:db:09:13:
b0:45:c7:40:2e:75:9d:18:97:10:09:ee:07:0b:8a:
a1:47:dc:87:2e:ea:54:25:9e:a8:c1:8c:aa:56:3f:
35:db:b6:14:60:60:f4:a4:aa:a5:61:91:f4:ac:56:
8b:d7:b9:f4:af:5e:22:73:5f:e4:74:c4:70:38:84:
e8:37:45:81:96:3b:ed:13:d6:dc:19:23:28:28:82:
a9:82:37:0a:93:cf:0d:f5:9e:00:df:72:bc:e7:f8:
a8:e5:b2:c3:03:37:7a:9f:32:9e:83:68:5a:6d:45:
e1:e1:51:9e:3f:8b:65:4a:22:92:23:12:4c:f0:6f:
38:72:49:7d:04:e1:47:2b:b7:ee:7f:86:a1:93:94:
16:92:20:fc:a1:bb:c2:c5:4c:1c:36:c6:2f:18:46:
5f:d7:97:69:33:82:c6:e9:82:04:31:02:38:7b:7e:
a0:01:bd:09:c5:7e:f9:b0:c8:85:e0:2e:7e:f2:e9:
a4:2b:c6:9c:3e:2d:12:9a:6a:00:7e:32:c6:6c:f2:
9e:dc:ac:ab:37:a7:13:1d:38:2e:65:9f:e4:ee:f7:
a1:7e:74:c3:3d:3e:de:7f:fb:51:cc:d2:6f:01:9b:
4c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8D:4C:9F:E4:1B:E2:15:97:58:69:86:4F:53:40:C1:F9:A6:C2:39
X509v3 Authority Key Identifier:
keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:a2:0b:5b:5e:8f:51:33:b0:a6:74:b0:fd:74:b0:86:b5:8a:
98:a2:ad:a7:1e:1a:52:5a:b7:29:27:31:71:83:2f:35:5e:34:
87:c0:86:fa:15:bc:e0:a3:e3:99:60:42:3d:0a:50:bf:52:2b:
d4:2d:38:0e:7f:ab:6f:e0:72:a9:26:d6:45:ae:db:79:f8:71:
aa:2d:fc:4a:70:6e:fb:fd:4c:e6:b5:6b:31:ca:97:e9:c1:cf:
fa:02:cc:74:df:d8:6f:70:62:59:af:1f:49:f0:77:c4:98:33:
7e:28:52:00:ea:73:17:f9:dc:1d:03:52:3a:ef:5c:21:17:66:
38:5a:a0:28:2c:61:e4:97:48:22:f1:01:82:21:6a:ec:48:a3:
98:7a:97:7e:82:22:5c:dc:c3:ff:15:f3:8f:56:47:a8:bf:62:
0b:01:0b:a1:0c:dc:1c:a4:0f:70:af:47:49:8f:57:8a:0d:ec:
cf:1f:24:5a:af:29:6e:f2:ee:f1:ad:b7:bb:f3:21:2a:3e:38:
15:d4:70:6d:9f:cc:38:ef:ae:84:b4:4e:80:05:3c:02:47:11:
af:30:35:fd:e5:e3:3b:d6:d3:50:f0:80:bd:94:d7:0a:be:8c:
2c:48:b6:68:37:a5:24:47:69:51:12:87:b8:af:e8:aa:79:a9:
9f:da:b0:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZooVNKu8sh3YHYHh0Jeh/h+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjUxMDI4MDEwMDM4WhcNMjUxMDI5MDEwMDM4WjAzMTEwLwYDVQQD
EygxNDhkNGM5ZmU0MWJlMjE1OTc1ODY5ODY0ZjUzNDBjMWY5YTZjMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIQi66p88aXAQYkACGswAcKV/1e4
eq1A5IPbCROwRcdALnWdGJcQCe4HC4qhR9yHLupUJZ6owYyqVj8127YUYGD0pKql
YZH0rFaL17n0r14ic1/kdMRwOIToN0WBljvtE9bcGSMoKIKpgjcKk88N9Z4A33K8
5/io5bLDAzd6nzKeg2habUXh4VGeP4tlSiKSIxJM8G84ckl9BOFHK7fuf4ahk5QW
kiD8obvCxUwcNsYvGEZf15dpM4LG6YIEMQI4e36gAb0JxX75sMiF4C5+8umkK8ac
Pi0SmmoAfjLGbPKe3KyrN6cTHTguZZ/k7vehfnTDPT7ef/tRzNJvAZtMwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSNTJ/kG+IVl1hphk9TQMH5psI5MB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhqILW16P
UTOwpnSw/XSwhrWKmKKtpx4aUlq3KScxcYMvNV40h8CG+hW84KPjmWBCPQpQv1Ir
1C04Dn+rb+ByqSbWRa7befhxqi38SnBu+/1M5rVrMcqX6cHP+gLMdN/Yb3BiWa8f
SfB3xJgzfihSAOpzF/ncHQNSOu9cIRdmOFqgKCxh5JdIIvEBgiFq7EijmHqXfoIi
XNzD/xXzj1ZHqL9iCwELoQzcHKQPcK9HSY9Xig3szx8kWq8pbvLu8a23u/MhKj44
FdRwbZ/MOO+uhLROgAU8AkcRrzA1/eXjO9bTUPCAvZTXCr6MLEi2aDelJEdpURKH
uK/oqnmpn9qwhg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:58:24 2025 by rpki-client