Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
File: qyt5QmiS7R2nsuYYZ3DPsErmA80.mft (raw, json)
Hash identifier: 6xhxEAsjXs8yQVq6RdvXbt3zYr0Xd8SjNcI6Zr5DW/Q=
Subject key identifier: CB:C4:98:57:A6:C8:53:E5:4D:45:C9:E8:A2:21:25:0E:1C:4F:25:95
Authority key identifier: AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD
Certificate issuer: /CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd
Certificate serial: 019A725CAEBD9DB1D8897850974489C1107A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
Manifest number: 09C5
Signing time: Tue 11 Nov 2025 10:01:07 +0000
Manifest this update: Tue 11 Nov 2025 10:01:07 +0000
Manifest next update: Wed 12 Nov 2025 10:01:07 +0000
Files and hashes: 1: qyt5QmiS7R2nsuYYZ3DPsErmA80.crl (hash: 7FiTFbZyxaar0vUIPK0QPTgbP0Gw1ptik4k1RTW33WI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:ae:bd:9d:b1:d8:89:78:50:97:44:89:c1:10:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd
Validity
Not Before: Nov 11 10:01:07 2025 GMT
Not After : Nov 12 10:01:07 2025 GMT
Subject: CN=cbc49857a6c853e54d45c9e8a221250e1c4f2595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:94:d4:dd:39:95:39:88:d6:9c:74:08:a2:83:
4b:5d:e2:d6:39:16:36:83:a5:1b:45:ed:eb:2a:c9:
97:d1:c3:2a:76:e8:e7:de:09:65:49:3d:4f:df:e8:
87:6a:4e:40:55:76:ff:63:51:4a:fa:5e:4d:d2:03:
f8:19:55:ef:a3:af:b9:8c:92:fa:9e:27:a1:c1:ec:
2c:a5:a0:05:cb:19:e1:34:2d:63:e6:bd:14:9d:d7:
71:7c:10:e7:e1:ea:4f:1d:d0:2c:28:e6:68:8a:63:
03:65:8d:56:b6:b5:be:be:2a:af:7c:3a:1d:87:dd:
65:3a:3a:de:f5:75:1b:91:1e:18:dd:e5:b3:08:e8:
8b:29:14:8c:68:5e:dc:54:62:85:5e:4c:05:81:c3:
52:07:f6:e0:52:1f:d0:4f:2f:8a:df:14:9d:de:8d:
ad:b1:72:3a:c0:85:6d:ec:3c:0f:c5:ea:4e:9b:38:
cd:3f:d3:96:0f:b8:88:2c:a4:4c:ea:9b:48:cd:ec:
1f:99:00:2a:60:71:e3:1b:28:16:55:99:56:f5:74:
04:87:dc:89:80:02:83:1c:bb:f6:d9:b3:55:21:a1:
91:e3:89:2f:6d:4d:bf:3a:76:53:b1:dd:0f:01:3e:
18:9b:23:84:97:0e:78:9f:2c:89:a0:f4:3b:8f:45:
cd:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C4:98:57:A6:C8:53:E5:4D:45:C9:E8:A2:21:25:0E:1C:4F:25:95
X509v3 Authority Key Identifier:
keyid:AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:90:de:b2:cf:25:27:4e:a6:5f:b4:a3:99:68:1e:00:4b:b4:
c7:51:95:41:19:7e:f8:f3:84:66:8d:a8:33:7d:a7:d7:b4:d9:
72:2e:34:98:a0:92:05:82:b4:94:6b:f8:04:5e:b2:9d:af:e8:
36:d5:f0:da:29:7b:f2:21:e5:6f:e4:39:00:e8:f8:7c:db:a4:
cc:26:5b:06:95:c3:12:97:80:fb:ac:19:02:a8:eb:5b:aa:15:
35:58:68:43:40:8e:d0:0c:17:70:34:ad:ed:7c:2d:45:c8:20:
2b:18:1f:aa:d8:93:28:35:86:a3:5c:6f:cc:e1:88:70:e0:e2:
4b:c8:63:5d:95:d5:8c:05:37:5d:11:5f:10:50:8d:80:2f:24:
cf:f3:13:c5:59:ec:b3:4b:54:e0:59:54:29:f4:32:29:79:4e:
81:a3:cc:ce:8b:27:46:6d:c5:5d:20:ae:45:44:22:ce:5f:85:
e2:d6:e1:d7:c5:be:ec:4e:24:c9:0c:b9:0e:b4:d0:00:d5:53:
de:2c:c7:ff:54:df:fc:45:7b:1e:00:18:ab:35:7e:d9:36:67:
7a:58:a4:e7:19:2d:f6:16:14:44:0d:fc:b2:b2:02:03:ac:85:
1d:ca:07:50:b3:9d:27:9c:49:15:eb:78:f7:2f:99:7f:fd:11:
7f:c2:f3:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXK69nbHYiXhQl0SJwRB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMmI3OTQyNjg5MmVkMWRhN2IyZTYxODY3NzBjZmIwNGFl
NjAzY2QwHhcNMjUxMTExMTAwMTA3WhcNMjUxMTEyMTAwMTA3WjAzMTEwLwYDVQQD
EyhjYmM0OTg1N2E2Yzg1M2U1NGQ0NWM5ZThhMjIxMjUwZTFjNGYyNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15TU3TmVOYjWnHQIooNLXeLWORY2
g6UbRe3rKsmX0cMqdujn3gllST1P3+iHak5AVXb/Y1FK+l5N0gP4GVXvo6+5jJL6
niehwewspaAFyxnhNC1j5r0UnddxfBDn4epPHdAsKOZoimMDZY1WtrW+viqvfDod
h91lOjre9XUbkR4Y3eWzCOiLKRSMaF7cVGKFXkwFgcNSB/bgUh/QTy+K3xSd3o2t
sXI6wIVt7DwPxepOmzjNP9OWD7iILKRM6ptIzewfmQAqYHHjGygWVZlW9XQEh9yJ
gAKDHLv22bNVIaGR44kvbU2/OnZTsd0PAT4YmyOElw54nyyJoPQ7j0XNbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvEmFemyFPlTUXJ6KIhJQ4cTyWVMB8GA1UdIwQY
MBaAFKsreUJoku0dp7LmGGdwz7BK5gPNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAt
ZTU0NTM3MDdhNThlLzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAtZTU0NTM3MDdhNThl
LzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5Dess8l
J06mX7SjmWgeAEu0x1GVQRl++POEZo2oM32n17TZci40mKCSBYK0lGv4BF6yna/o
NtXw2il78iHlb+Q5AOj4fNukzCZbBpXDEpeA+6wZAqjrW6oVNVhoQ0CO0AwXcDSt
7XwtRcggKxgfqtiTKDWGo1xvzOGIcODiS8hjXZXVjAU3XRFfEFCNgC8kz/MTxVns
s0tU4FlUKfQyKXlOgaPMzosnRm3FXSCuRUQizl+F4tbh18W+7E4kyQy5DrTQANVT
3izH/1Tf/EV7HgAYqzV+2TZnelik5xkt9hYURA38srICA6yFHcoHULOdJ5xJFet4
9y+Zf/0Rf8LzBA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:22:48 2025 by rpki-client