Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.mft
File: QO5hC9zSO60rEZK9RcqKl204Vdo.mft (raw, json)
Hash identifier: TJf2BVqR/6ppYpyGJreLGC/d4ne3cSzYFLITOZ7DTD8=
Subject key identifier: CA:37:84:22:5D:54:51:2F:37:59:BE:44:57:1C:6E:12:F9:AC:53:C9
Authority key identifier: 40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA
Certificate issuer: /CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
Certificate serial: 019A71B92DCA7262254C756924BAA9DEA31A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.mft
Manifest number: 15B9
Signing time: Tue 11 Nov 2025 07:02:32 +0000
Manifest this update: Tue 11 Nov 2025 07:02:32 +0000
Manifest next update: Wed 12 Nov 2025 07:02:32 +0000
Files and hashes: 1: QO5hC9zSO60rEZK9RcqKl204Vdo.crl (hash: h4VRGfZ1NoqD2bw5XcZNQOGQ08gbIKVAJ0W2bbLsxWg=)
2: WXzwl6dDgLLRTGjEWsJa-Mt4DFY.roa (hash: AsvwbpP9IRPmxXb+scTtlP8HJBrFwXPs3woICGrCIxY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:2d:ca:72:62:25:4c:75:69:24:ba:a9:de:a3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
Validity
Not Before: Nov 11 07:02:32 2025 GMT
Not After : Nov 12 07:02:32 2025 GMT
Subject: CN=ca3784225d54512f3759be44571c6e12f9ac53c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f6:c4:24:43:c6:42:15:27:19:5d:ad:df:c4:
63:96:db:7a:bd:a8:90:c5:55:20:a9:bb:71:6b:74:
54:66:28:55:91:49:e6:d3:c4:ce:37:93:f9:e9:80:
31:d3:95:5c:04:07:3d:55:ce:b2:e2:49:10:0d:1a:
8b:58:34:6e:83:56:a8:87:2e:fa:6d:ef:9e:58:5d:
ed:3e:0f:e5:de:02:dc:a1:0f:0b:18:d2:fd:1b:1a:
62:1a:c3:2e:9f:be:2d:4b:1c:78:7e:9f:e7:70:ad:
41:22:a5:3b:db:7d:2b:3e:10:f7:ce:92:5b:60:ab:
76:3f:dd:8c:6a:98:5c:81:a0:19:e8:b2:aa:ee:23:
4b:1f:0b:26:14:ee:1f:d3:0e:a1:82:66:9c:e5:1d:
23:6f:e5:a9:04:00:9c:ee:50:cf:ba:f3:a3:01:a4:
ec:d2:7f:f5:e1:5e:e4:bb:d4:95:91:45:38:89:f8:
7e:37:84:f2:d8:1e:8b:b4:d4:86:ee:48:86:88:27:
d7:d4:d7:e1:30:c5:18:81:a8:29:83:d3:c2:e9:2a:
f4:da:2f:24:bc:06:10:ab:9f:4d:1d:e6:3c:ed:b2:
64:11:6b:30:a9:37:23:11:82:14:9c:fa:4b:c4:4f:
49:d3:77:24:0d:cb:4b:72:06:47:39:46:ca:67:51:
59:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:37:84:22:5D:54:51:2F:37:59:BE:44:57:1C:6E:12:F9:AC:53:C9
X509v3 Authority Key Identifier:
keyid:40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:a7:3b:cc:14:23:3a:cb:23:0c:fc:ab:c8:f2:97:d7:cf:55:
f0:7e:53:d0:ed:c3:70:77:0b:7f:c2:c2:76:19:a2:2c:d9:a2:
24:5a:27:df:09:bc:69:a4:d0:95:e3:da:f8:82:57:5f:66:44:
e3:51:eb:9c:15:1e:c2:73:1b:81:7b:f2:9c:1d:32:29:0f:bb:
87:05:0b:74:9c:6c:d7:13:56:88:5d:89:73:60:8e:d7:18:89:
4e:35:09:45:d7:90:16:40:26:f2:db:a8:4a:34:48:20:36:9f:
b2:a5:a4:00:75:53:1b:d1:c3:48:93:72:45:48:b4:94:50:ea:
a2:5f:ba:96:15:d7:f7:fa:77:8c:3f:dd:8c:cb:34:05:d3:03:
24:a6:b0:a3:8e:b0:06:40:f9:07:52:07:4a:98:e7:d2:b9:c3:
d9:65:e1:04:61:79:b2:6b:ab:b6:a3:95:f8:69:9b:92:c1:fd:
c0:15:c7:e4:81:49:71:be:9e:4f:9a:3f:29:a0:f6:19:50:9b:
70:7f:7f:33:39:a3:78:44:be:7e:f0:c3:7f:f2:75:9d:2b:28:
80:8a:ac:a6:07:6d:40:42:aa:3d:d2:f1:15:a5:7d:00:65:f3:
19:8b:f9:7c:f2:bd:3e:9d:1f:f4:c7:18:2a:f2:8e:d1:f8:4f:
6e:cd:7b:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuS3KcmIlTHVpJLqp3qMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU2MTBiZGNkMjNiYWQyYjExOTJiZDQ1Y2E4YTk3NmQz
ODU1ZGEwHhcNMjUxMTExMDcwMjMyWhcNMjUxMTEyMDcwMjMyWjAzMTEwLwYDVQQD
EyhjYTM3ODQyMjVkNTQ1MTJmMzc1OWJlNDQ1NzFjNmUxMmY5YWM1M2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PbEJEPGQhUnGV2t38Rjltt6vaiQ
xVUgqbtxa3RUZihVkUnm08TON5P56YAx05VcBAc9Vc6y4kkQDRqLWDRug1aohy76
be+eWF3tPg/l3gLcoQ8LGNL9GxpiGsMun74tSxx4fp/ncK1BIqU7230rPhD3zpJb
YKt2P92MaphcgaAZ6LKq7iNLHwsmFO4f0w6hgmac5R0jb+WpBACc7lDPuvOjAaTs
0n/14V7ku9SVkUU4ifh+N4Ty2B6LtNSG7kiGiCfX1NfhMMUYgagpg9PC6Sr02i8k
vAYQq59NHeY87bJkEWswqTcjEYIUnPpLxE9J03ckDctLcgZHOUbKZ1FZlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMo3hCJdVFEvN1m+RFccbhL5rFPJMB8GA1UdIwQY
MBaAFEDuYQvc0jutKxGSvUXKipdtOFXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU81aEM5elNPNjByRVpLOVJjcUtsMjA0VmRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ZWZhZTUtMmM5Mi00MGQwLWEzYjYt
YTZjMTdjZTgyZDc3LzEvUU81aEM5elNPNjByRVpLOVJjcUtsMjA0VmRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ZWZhZTUtMmM5Mi00MGQwLWEzYjYtYTZjMTdjZTgyZDc3
LzEvUU81aEM5elNPNjByRVpLOVJjcUtsMjA0VmRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbqc7zBQj
OssjDPyryPKX189V8H5T0O3DcHcLf8LCdhmiLNmiJFon3wm8aaTQlePa+IJXX2ZE
41HrnBUewnMbgXvynB0yKQ+7hwULdJxs1xNWiF2Jc2CO1xiJTjUJRdeQFkAm8tuo
SjRIIDafsqWkAHVTG9HDSJNyRUi0lFDqol+6lhXX9/p3jD/djMs0BdMDJKawo46w
BkD5B1IHSpjn0rnD2WXhBGF5smurtqOV+GmbksH9wBXH5IFJcb6eT5o/KaD2GVCb
cH9/MzmjeES+fvDDf/J1nSsogIqspgdtQEKqPdLxFaV9AGXzGYv5fPK9Pp0f9McY
KvKO0fhPbs17fw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:19 2025 by rpki-client