Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
File: QH0twQwC9ewk9pD59mBVVIZWLlk.mft (raw, json)
Hash identifier: lPCDiaix/w2IseIJWq94oz//gHHULRUoGxKh7uEFkGc=
Subject key identifier: 78:29:1C:60:F1:A6:F0:08:D3:9D:13:63:41:C4:BD:A8:1D:94:A4:6E
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial: 019A725CCECA066D76B76612915944F37871
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
Manifest number: 141E
Signing time: Tue 11 Nov 2025 10:01:16 +0000
Manifest this update: Tue 11 Nov 2025 10:01:16 +0000
Manifest next update: Wed 12 Nov 2025 10:01:16 +0000
Files and hashes: 1: H0bQgySRSVEBMsUFWG1LFpsoHvo.roa (hash: xkMnmqfm74JviA1Eb+MeDPeuGBKpBqJAXaeRNQIX3FU=)
2: QH0twQwC9ewk9pD59mBVVIZWLlk.crl (hash: 9s62/iLnKtw7m0/bafvGNumHyGGIH+Nn7coyP0tP/Iw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:ce:ca:06:6d:76:b7:66:12:91:59:44:f3:78:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
Validity
Not Before: Nov 11 10:01:16 2025 GMT
Not After : Nov 12 10:01:16 2025 GMT
Subject: CN=78291c60f1a6f008d39d136341c4bda81d94a46e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:de:9b:f4:e2:95:13:df:b1:82:2b:11:be:1f:
e1:c1:30:6e:4f:35:77:48:4f:4f:a8:88:5a:bd:41:
85:4f:e0:bd:a5:de:91:42:77:d8:d9:fa:80:0b:1c:
3f:a8:41:c2:d5:e1:81:51:59:d0:de:69:7e:bc:0c:
f6:b0:e0:7e:e4:6a:f2:e9:83:58:34:a5:b5:17:af:
3a:3a:8a:3a:7e:11:93:9a:e3:77:a3:9d:63:ab:7f:
80:f1:88:14:cf:a6:8b:aa:95:ab:7e:8f:2c:f6:af:
a5:d9:20:77:ec:65:3c:44:6b:98:99:2d:61:33:23:
99:56:0d:3a:d4:94:66:d9:91:9f:7f:ce:dd:d3:31:
51:08:64:4a:91:3c:c3:bb:56:e8:6f:37:9e:e1:ee:
81:8d:41:61:5d:f8:97:1e:e4:e6:2a:24:20:93:b3:
ef:0c:0e:e8:14:0d:80:0b:d5:a7:02:b4:a2:b2:1b:
4a:1a:11:fa:a5:c1:e1:52:cf:e7:d4:35:3a:f5:96:
e5:2b:7d:c4:0e:89:65:5a:3f:5e:e4:3b:60:c5:b5:
9c:da:7d:20:36:45:76:2a:48:ed:b7:30:51:e7:b7:
cc:d0:c2:6e:a2:79:67:9b:2d:27:d9:44:37:13:2e:
1f:4b:71:53:5c:4f:b0:31:54:0b:5b:f2:84:fa:20:
4f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:29:1C:60:F1:A6:F0:08:D3:9D:13:63:41:C4:BD:A8:1D:94:A4:6E
X509v3 Authority Key Identifier:
keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:16:71:36:32:ca:00:08:38:61:1c:6f:3b:6c:d7:0b:79:c5:
2f:cc:61:27:d0:1f:78:c6:87:73:f4:f6:af:68:fb:d1:65:95:
86:2c:3d:3c:01:b1:5a:dc:88:4e:d5:7a:95:33:bf:28:23:db:
eb:31:4e:e9:83:67:ba:fa:c7:e3:0d:4f:24:ed:d3:5f:99:94:
f1:d3:fc:76:61:3d:a9:88:81:c6:40:a5:16:16:3a:61:50:9c:
28:bd:45:b0:9c:d9:e1:36:2b:28:ba:f8:92:4e:ce:20:d6:d1:
63:da:e9:62:f7:c5:ed:4f:7a:a8:b9:ff:c4:9a:93:f5:36:75:
73:18:b1:61:e0:f9:07:fc:51:08:17:03:20:84:3f:5b:58:29:
f3:ee:b9:fa:5a:9b:62:27:50:55:7b:c0:45:ae:ef:75:61:c4:
c7:26:10:6e:45:d1:9b:92:45:82:ca:91:02:ab:3c:ab:65:06:
cb:50:31:87:71:44:d9:20:28:9c:ab:07:0f:d5:a2:9c:70:21:
8b:aa:ac:28:e3:68:c7:e4:29:50:19:a3:e3:90:b2:17:87:90:
19:d1:64:e5:68:25:37:7e:e1:7c:90:5f:70:9c:68:3d:70:46:
d0:ad:94:eb:b0:aa:47:aa:f1:13:41:06:c0:8f:32:03:be:ff:
7a:87:82:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXM7KBm12t2YSkVlE83hxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjUxMTExMTAwMTE2WhcNMjUxMTEyMTAwMTE2WjAzMTEwLwYDVQQD
Eyg3ODI5MWM2MGYxYTZmMDA4ZDM5ZDEzNjM0MWM0YmRhODFkOTRhNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu96b9OKVE9+xgisRvh/hwTBuTzV3
SE9PqIhavUGFT+C9pd6RQnfY2fqACxw/qEHC1eGBUVnQ3ml+vAz2sOB+5Gry6YNY
NKW1F686Ooo6fhGTmuN3o51jq3+A8YgUz6aLqpWrfo8s9q+l2SB37GU8RGuYmS1h
MyOZVg061JRm2ZGff87d0zFRCGRKkTzDu1bobzee4e6BjUFhXfiXHuTmKiQgk7Pv
DA7oFA2AC9WnArSishtKGhH6pcHhUs/n1DU69ZblK33EDollWj9e5DtgxbWc2n0g
NkV2KkjttzBR57fM0MJuonlnmy0n2UQ3Ey4fS3FTXE+wMVQLW/KE+iBPMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgpHGDxpvAI050TY0HEvagdlKRuMB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmRZxNjLK
AAg4YRxvO2zXC3nFL8xhJ9AfeMaHc/T2r2j70WWVhiw9PAGxWtyITtV6lTO/KCPb
6zFO6YNnuvrH4w1PJO3TX5mU8dP8dmE9qYiBxkClFhY6YVCcKL1FsJzZ4TYrKLr4
kk7OINbRY9rpYvfF7U96qLn/xJqT9TZ1cxixYeD5B/xRCBcDIIQ/W1gp8+65+lqb
YidQVXvARa7vdWHExyYQbkXRm5JFgsqRAqs8q2UGy1Axh3FE2SAonKsHD9WinHAh
i6qsKONox+QpUBmj45CyF4eQGdFk5WglN37hfJBfcJxoPXBG0K2U67CqR6rxE0EG
wI8yA77/eoeC2Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:05:48 2025 by rpki-client