Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft
File: QhuumJiY2UAkJKra-7R8Om1MJbM.mft (raw, json)
Hash identifier: 6jKa6Mr6TF5U7oZ76bTtrnWvIYCD4xNjgmRxPwGtgLM=
Subject key identifier: BC:41:AC:F1:74:2D:DD:19:4B:A6:3D:34:30:AB:10:A2:94:28:EF:01
Authority key identifier: 42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
Certificate issuer: /CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Certificate serial: 019A59E69F02F8CD9C2C57B2D04EF3E8F09A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft
Manifest number: 171A
Signing time: Thu 06 Nov 2025 16:01:17 +0000
Manifest this update: Thu 06 Nov 2025 16:01:17 +0000
Manifest next update: Fri 07 Nov 2025 16:01:17 +0000
Files and hashes: 1: QhuumJiY2UAkJKra-7R8Om1MJbM.crl (hash: h6gBcqZ5G9UjTEzwkFnuwITInZsBqqm4Wcri9r3wxQA=)
2: YqDxs-OvuVQHWefybCF_NO3X2LQ.roa (hash: T8m4+98qGxOiuFkFF1AHlHH+ajIR7QgNJlfbjXDXJ94=)
3: tc90ntWAEd82qK0_CS7-3-Q6s0Y.roa (hash: 0mZz7plH7Kh9tzG5C0loWt280MVfKoBtrgSHIPS0Ry4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Nov 2025 16:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:59:e6:9f:02:f8:cd:9c:2c:57:b2:d0:4e:f3:e8:f0:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Validity
Not Before: Nov 6 16:01:17 2025 GMT
Not After : Nov 7 16:01:17 2025 GMT
Subject: CN=bc41acf1742ddd194ba63d3430ab10a29428ef01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5f:cd:b0:bc:14:ea:c5:e3:08:a8:76:d4:71:
83:06:a5:dd:72:e6:f8:f8:9f:8a:7b:c3:5d:3b:4e:
57:5b:5b:05:d6:1c:2f:0c:06:98:6a:1f:b3:16:62:
96:cf:d9:d6:22:66:66:59:e0:4f:61:69:30:cb:f0:
a3:7f:01:34:93:d2:c4:84:00:b1:d6:e9:20:45:09:
9f:a0:e0:74:f9:b7:49:f8:ff:bd:27:bf:4a:eb:d1:
7d:27:bb:47:6b:23:e2:06:40:7f:2c:05:a6:fa:72:
dd:b4:ae:0d:3d:7a:69:b4:a4:2b:bc:ce:dc:b9:2c:
63:eb:99:85:eb:09:95:5b:d0:3c:b8:24:eb:4c:d9:
77:3e:18:30:34:b4:53:22:29:1e:70:f1:98:25:b0:
60:e1:57:9e:5c:fe:8c:c6:54:00:38:25:ec:cb:bc:
1b:b0:0f:03:23:35:91:35:67:4a:cb:c5:33:a1:61:
60:e4:b1:d2:32:3e:31:6c:62:01:af:cd:69:c6:f4:
1d:61:ee:9d:33:02:7e:53:ef:87:14:15:7b:50:bf:
cd:5d:1c:db:f1:97:18:dd:54:fb:73:50:21:e1:80:
8c:35:fa:1a:0a:2c:cb:f0:d1:b2:23:14:66:17:66:
b3:6b:6c:17:40:5b:49:38:25:64:7b:55:2e:8e:60:
28:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:41:AC:F1:74:2D:DD:19:4B:A6:3D:34:30:AB:10:A2:94:28:EF:01
X509v3 Authority Key Identifier:
keyid:42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:28:01:5f:8f:04:9f:15:61:8d:27:91:ba:da:66:96:92:3a:
13:ad:01:d9:0e:9f:c7:6e:13:1c:02:b8:de:af:ce:64:9f:51:
eb:07:bd:ea:18:87:13:0d:59:b3:50:22:4d:7e:3a:98:f4:6a:
e6:41:0e:65:9b:ba:98:99:34:f4:77:c0:c2:e4:95:f7:94:4e:
9e:6b:df:06:61:ce:4b:51:01:09:0a:65:57:90:34:c8:ec:5c:
66:0d:3e:a1:f4:0d:6e:58:a0:46:c7:76:f7:66:ad:da:fa:bd:
f7:f0:fa:4c:36:97:0b:60:b1:53:fb:f9:3e:02:d7:60:31:6c:
60:e2:f1:79:55:9f:ac:38:82:40:0f:cb:0e:b3:ce:cd:4f:51:
29:ba:78:55:88:b1:09:ad:9d:b7:42:cd:1f:ef:77:4f:69:8f:
82:c3:ae:7c:8e:88:f2:16:72:f6:f3:a7:28:4a:23:c4:74:5c:
5e:39:6f:d9:d1:eb:b2:d4:da:33:91:83:8c:a3:ed:aa:a1:d0:
71:e4:a9:5b:b5:d9:16:a9:ec:80:72:db:65:62:7a:7a:77:fd:
92:18:8d:0d:60:a6:e9:a0:15:94:ef:ca:65:6a:0b:b8:47:ba:
38:28:dd:40:46:43:2d:08:e9:d6:d4:4c:46:ea:3c:f9:7d:c2:
9e:4e:8d:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpZ5p8C+M2cLFey0E7z6PCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWJhZTk4OTg5OGQ5NDAyNDI0YWFkYWZiYjQ3YzNhNmQ0
YzI1YjMwHhcNMjUxMTA2MTYwMTE3WhcNMjUxMTA3MTYwMTE3WjAzMTEwLwYDVQQD
EyhiYzQxYWNmMTc0MmRkZDE5NGJhNjNkMzQzMGFiMTBhMjk0MjhlZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4F/NsLwU6sXjCKh21HGDBqXdcub4
+J+Ke8NdO05XW1sF1hwvDAaYah+zFmKWz9nWImZmWeBPYWkwy/CjfwE0k9LEhACx
1ukgRQmfoOB0+bdJ+P+9J79K69F9J7tHayPiBkB/LAWm+nLdtK4NPXpptKQrvM7c
uSxj65mF6wmVW9A8uCTrTNl3PhgwNLRTIikecPGYJbBg4VeeXP6MxlQAOCXsy7wb
sA8DIzWRNWdKy8UzoWFg5LHSMj4xbGIBr81pxvQdYe6dMwJ+U++HFBV7UL/NXRzb
8ZcY3VT7c1Ah4YCMNfoaCizL8NGyIxRmF2aza2wXQFtJOCVke1UujmAoCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxBrPF0Ld0ZS6Y9NDCrEKKUKO8BMB8GA1UdIwQY
MBaAFEIbrpiYmNlAJCSq2vu0fDptTCWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUt
NjdlZmNiM2Q4NmZlLzEvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUtNjdlZmNiM2Q4NmZl
LzEvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALSgBX48E
nxVhjSeRutpmlpI6E60B2Q6fx24THAK43q/OZJ9R6we96hiHEw1Zs1AiTX46mPRq
5kEOZZu6mJk09HfAwuSV95ROnmvfBmHOS1EBCQplV5A0yOxcZg0+ofQNbligRsd2
92at2vq99/D6TDaXC2CxU/v5PgLXYDFsYOLxeVWfrDiCQA/LDrPOzU9RKbp4VYix
Ca2dt0LNH+93T2mPgsOufI6I8hZy9vOnKEojxHRcXjlv2dHrstTaM5GDjKPtqqHQ
ceSpW7XZFqnsgHLbZWJ6enf9khiNDWCm6aAVlO/KZWoLuEe6OCjdQEZDLQjp1tRM
Ruo8+X3Cnk6N6Q==
-----END CERTIFICATE-----
Generated at Fri Nov 7 00:29:13 2025 by rpki-client