Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.mft
File: qajkTlc8U8cZIxL8xyFQ0t43fW0.mft (raw, json)
Hash identifier: PkGnPztxoUtqFTZy8yC7EIBM3vVFy1DK7yE66OXJJ64=
Subject key identifier: 8E:DE:F6:F9:E6:1B:B5:3D:E7:44:2F:C1:73:C6:3B:04:ED:90:1D:2C
Authority key identifier: A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
Certificate issuer: /CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Certificate serial: 019A70DBF24E2524B261F513EB525A4810CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.mft
Manifest number: 1724
Signing time: Tue 11 Nov 2025 03:00:53 +0000
Manifest this update: Tue 11 Nov 2025 03:00:53 +0000
Manifest next update: Wed 12 Nov 2025 03:00:53 +0000
Files and hashes: 1: CTedhf-UDhDCo0gKWN1eFB95iME.roa (hash: Vr6y6sdI8B/BSyNE6gcBQftZW1dE4fIdtomKsz3LLNE=)
2: qajkTlc8U8cZIxL8xyFQ0t43fW0.crl (hash: oGHyLyUAAj+VknWFmtXoRGmbYlNX/5HMT8CMFTfX1qs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:f2:4e:25:24:b2:61:f5:13:eb:52:5a:48:10:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Validity
Not Before: Nov 11 03:00:53 2025 GMT
Not After : Nov 12 03:00:53 2025 GMT
Subject: CN=8edef6f9e61bb53de7442fc173c63b04ed901d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4a:b4:79:0e:75:f3:4d:78:01:c2:47:15:d6:
e6:44:8c:26:95:b2:08:87:52:c8:65:c8:43:78:1b:
43:f7:af:29:71:22:b2:61:0e:fe:84:76:e3:9f:31:
53:a1:1f:2e:fb:32:44:f7:b4:dc:63:94:00:4c:79:
6b:dc:ed:97:15:1c:2d:80:df:33:6c:28:cd:1d:a5:
5a:41:53:f0:2f:05:0a:f0:dd:ab:d3:0a:57:32:11:
80:c2:bb:be:82:a3:9d:a7:b5:9d:7c:62:58:a8:a7:
e9:76:b0:98:d7:64:52:a5:19:2c:ce:82:20:19:c2:
3d:82:97:2c:ff:06:c1:3a:54:b4:e6:f6:88:67:29:
f1:0c:3d:ae:cb:8b:05:4b:ff:08:24:cc:32:8b:27:
65:08:f2:41:14:ce:0c:48:fa:9c:b7:09:35:79:a8:
b1:2a:f9:78:c9:6c:a0:1c:c0:c1:10:63:59:be:e4:
9e:cf:56:7d:69:04:ed:91:1a:6b:16:66:d1:05:45:
b7:64:52:91:4e:d0:a9:3e:20:80:de:40:cf:9b:ea:
b7:b6:d0:9a:c4:a6:e7:7b:d1:2f:d3:10:59:b2:51:
0f:b7:45:48:35:49:44:b3:d3:ea:fe:80:d8:82:8f:
d6:2c:8a:34:ef:4a:19:06:d1:d1:39:8b:f1:1e:0d:
8c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:DE:F6:F9:E6:1B:B5:3D:E7:44:2F:C1:73:C6:3B:04:ED:90:1D:2C
X509v3 Authority Key Identifier:
keyid:A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:29:f9:3a:4c:50:01:4c:75:b3:2a:3d:59:84:44:e1:9c:f6:
7f:f0:e1:ce:67:23:ab:ad:b7:06:7a:7a:b5:7c:58:52:bb:61:
fb:fb:03:ff:c4:ca:57:65:78:0b:f4:8f:bb:6e:9b:3a:6a:bc:
55:ab:06:65:86:e4:3f:78:dc:4d:b6:e9:57:ba:77:b7:fc:13:
ea:2e:32:f2:72:ed:2c:5d:93:79:7e:38:9d:a1:ee:8f:8f:cd:
c4:32:46:0a:3c:db:09:4d:fe:6b:cc:63:03:51:e4:2f:54:24:
d9:f7:f4:78:e6:a3:c2:1e:fc:2e:47:f8:c7:09:58:a0:36:19:
90:cb:00:0d:bb:d2:4a:f3:f0:a2:46:92:ab:e1:ec:43:3b:70:
66:21:2f:f8:ba:92:22:5d:6b:f8:60:2e:db:58:a7:b2:e8:b6:
09:11:34:ec:31:77:44:4a:22:6c:a5:0c:ee:67:4a:7b:5f:15:
63:e2:ba:47:23:ca:9e:7b:a4:da:62:b4:04:83:5f:38:2a:d4:
5b:69:26:8e:98:c1:a1:dd:09:1d:8c:65:f5:7a:92:43:98:1e:
2a:ec:b1:6d:33:00:a7:4a:02:2a:f9:4d:1a:e3:dc:00:ce:43:
bb:a2:04:bc:69:c8:ac:60:4e:c6:05:85:99:15:75:37:16:32:
38:b0:49:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2/JOJSSyYfUT61JaSBDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YThlNDRlNTczYzUzYzcxOTIzMTJmY2M3MjE1MGQyZGUz
NzdkNmQwHhcNMjUxMTExMDMwMDUzWhcNMjUxMTEyMDMwMDUzWjAzMTEwLwYDVQQD
Eyg4ZWRlZjZmOWU2MWJiNTNkZTc0NDJmYzE3M2M2M2IwNGVkOTAxZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEq0eQ518014AcJHFdbmRIwmlbII
h1LIZchDeBtD968pcSKyYQ7+hHbjnzFToR8u+zJE97TcY5QATHlr3O2XFRwtgN8z
bCjNHaVaQVPwLwUK8N2r0wpXMhGAwru+gqOdp7WdfGJYqKfpdrCY12RSpRkszoIg
GcI9gpcs/wbBOlS05vaIZynxDD2uy4sFS/8IJMwyiydlCPJBFM4MSPqctwk1eaix
Kvl4yWygHMDBEGNZvuSez1Z9aQTtkRprFmbRBUW3ZFKRTtCpPiCA3kDPm+q3ttCa
xKbne9Ev0xBZslEPt0VINUlEs9Pq/oDYgo/WLIo070oZBtHROYvxHg2MrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7e9vnmG7U950QvwXPGOwTtkB0sMB8GA1UdIwQY
MBaAFKmo5E5XPFPHGSMS/MchUNLeN31tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYt
MTk1MTM0NWNlYTMzLzEvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYtMTk1MTM0NWNlYTMz
LzEvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPSn5OkxQ
AUx1syo9WYRE4Zz2f/Dhzmcjq623Bnp6tXxYUrth+/sD/8TKV2V4C/SPu26bOmq8
VasGZYbkP3jcTbbpV7p3t/wT6i4y8nLtLF2TeX44naHuj4/NxDJGCjzbCU3+a8xj
A1HkL1Qk2ff0eOajwh78Lkf4xwlYoDYZkMsADbvSSvPwokaSq+HsQztwZiEv+LqS
Il1r+GAu21insui2CRE07DF3REoibKUM7mdKe18VY+K6RyPKnnuk2mK0BINfOCrU
W2kmjpjBod0JHYxl9XqSQ5geKuyxbTMAp0oCKvlNGuPcAM5Du6IEvGnIrGBOxgWF
mRV1NxYyOLBJ8A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:18 2025 by rpki-client