Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/Q2dUfYUePNd2zTMpCyRUrMDoUbs.mft
File: Q2dUfYUePNd2zTMpCyRUrMDoUbs.mft (raw, json)
Hash identifier: kr3pc7W6xzHBa9WAQeI57mhMtPDUYenl1sbdOqI6f08=
Subject key identifier: 3F:32:3A:95:39:C1:C8:22:6F:48:C7:EB:26:C6:AD:59:4C:23:E7:50
Authority key identifier: 43:67:54:7D:85:1E:3C:D7:76:CD:33:29:0B:24:54:AC:C0:E8:51:BB
Certificate issuer: /CN=4367547d851e3cd776cd33290b2454acc0e851bb
Certificate serial: 019A50AB72C3949988B12BFA43CDF2E73191
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2dUfYUePNd2zTMpCyRUrMDoUbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/Q2dUfYUePNd2zTMpCyRUrMDoUbs.mft
Manifest number: 0395
Signing time: Tue 04 Nov 2025 21:00:04 +0000
Manifest this update: Tue 04 Nov 2025 21:00:04 +0000
Manifest next update: Wed 05 Nov 2025 21:00:04 +0000
Files and hashes: 1: Q2dUfYUePNd2zTMpCyRUrMDoUbs.crl (hash: 8BAmtC7NPsH6xanfiUNdtfKrEoWncGmif1YLkzymKYI=)
2: apiYt9ohXJuOfEyGrXHa7HB76MM.roa (hash: AEcAgCyBbIryV+blkcPYvEvGtcs/WXK2xP1cYHmzk9M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/Q2dUfYUePNd2zTMpCyRUrMDoUbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/Q2dUfYUePNd2zTMpCyRUrMDoUbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q2dUfYUePNd2zTMpCyRUrMDoUbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:ab:72:c3:94:99:88:b1:2b:fa:43:cd:f2:e7:31:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4367547d851e3cd776cd33290b2454acc0e851bb
Validity
Not Before: Nov 4 21:00:04 2025 GMT
Not After : Nov 5 21:00:04 2025 GMT
Subject: CN=3f323a9539c1c8226f48c7eb26c6ad594c23e750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:91:aa:85:2a:0f:e7:5c:fb:b8:d0:81:76:2b:
48:b0:5b:d5:43:be:15:5c:40:cf:15:0e:0d:2a:ab:
1c:32:9e:23:18:8d:72:5e:39:ec:58:6d:38:a3:25:
5f:f4:60:42:01:d1:f6:3a:bf:86:47:2a:d0:60:d3:
e6:f6:aa:dc:fa:45:cd:25:0f:89:b0:89:84:e7:09:
5d:98:f0:5f:f9:17:37:10:b0:d1:dd:3e:72:20:90:
2e:c3:98:a0:07:5e:e5:94:79:30:28:b9:a8:9c:1a:
4b:20:3a:b4:0f:7e:d6:21:7f:66:11:05:c4:57:2f:
de:bb:64:42:1d:be:81:e9:8d:41:70:6c:aa:cb:1d:
ed:71:ce:ea:3f:5d:b3:e8:c5:6a:74:25:2b:32:4d:
47:ca:51:8b:91:a4:a2:8a:66:57:86:f3:f8:8a:e3:
9f:e7:a3:b4:33:bb:d3:e5:f8:5e:a4:fe:ac:d7:6f:
4a:17:02:c1:92:9f:c9:b5:83:aa:ff:e1:4b:18:49:
43:e1:40:1f:af:99:d6:69:3e:93:6e:ff:24:d7:e2:
49:c5:3e:95:a8:b6:d4:ee:5f:0f:da:6f:55:ca:e5:
93:8b:48:d0:18:55:5d:59:50:11:78:58:c2:c1:7a:
49:6e:20:42:3d:ce:66:f4:77:99:cf:32:6c:24:fe:
0d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:32:3A:95:39:C1:C8:22:6F:48:C7:EB:26:C6:AD:59:4C:23:E7:50
X509v3 Authority Key Identifier:
keyid:43:67:54:7D:85:1E:3C:D7:76:CD:33:29:0B:24:54:AC:C0:E8:51:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2dUfYUePNd2zTMpCyRUrMDoUbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/Q2dUfYUePNd2zTMpCyRUrMDoUbs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/874c85-9e7d-4ace-958f-dab7f0c8d240/1/Q2dUfYUePNd2zTMpCyRUrMDoUbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:3f:98:26:c6:16:df:5c:2c:29:9b:48:ff:81:56:ad:e0:0c:
34:ec:d0:e6:a6:01:ce:87:4f:c8:76:7a:02:dc:b1:19:bd:bf:
b7:0a:41:6b:9e:40:b3:b1:e7:43:fe:50:7b:b2:0c:33:ea:15:
26:cc:a5:77:bd:9e:62:62:de:46:7f:25:5a:31:11:05:42:c1:
da:cb:77:2a:aa:b1:23:25:03:2c:d7:93:8c:7c:b6:1a:6d:49:
13:24:a7:e4:0e:de:ca:6d:e5:a1:9b:95:24:f6:57:49:1c:08:
b3:d3:cd:e4:1d:76:8e:5c:cc:65:e7:cb:d5:08:3e:08:64:7b:
a7:8e:b7:0a:c8:a8:09:f4:fa:ff:f6:1c:19:7e:53:a5:b7:88:
82:83:a6:7f:2b:ef:6f:af:15:e5:da:e8:89:1b:da:10:fd:64:
be:53:b5:8a:5f:7e:67:fb:ce:33:e0:f6:2c:13:12:06:ca:c2:
b5:8c:b6:60:a4:6b:25:15:cb:e3:6b:0f:b8:ab:6f:cf:4a:22:
e9:51:e9:b0:b9:88:d6:15:68:96:f6:fe:0e:fb:3e:b2:79:9c:
91:aa:fa:d3:47:d3:f4:5c:79:86:4e:6f:ee:d4:4b:30:3f:d0:
c3:51:36:8c:57:97:53:2f:1b:c3:48:9d:06:1c:20:95:1f:96:
d6:b3:9f:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQq3LDlJmIsSv6Q83y5zGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjc1NDdkODUxZTNjZDc3NmNkMzMyOTBiMjQ1NGFjYzBl
ODUxYmIwHhcNMjUxMTA0MjEwMDA0WhcNMjUxMTA1MjEwMDA0WjAzMTEwLwYDVQQD
EygzZjMyM2E5NTM5YzFjODIyNmY0OGM3ZWIyNmM2YWQ1OTRjMjNlNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZGqhSoP51z7uNCBditIsFvVQ74V
XEDPFQ4NKqscMp4jGI1yXjnsWG04oyVf9GBCAdH2Or+GRyrQYNPm9qrc+kXNJQ+J
sImE5wldmPBf+Rc3ELDR3T5yIJAuw5igB17llHkwKLmonBpLIDq0D37WIX9mEQXE
Vy/eu2RCHb6B6Y1BcGyqyx3tcc7qP12z6MVqdCUrMk1HylGLkaSiimZXhvP4iuOf
56O0M7vT5fhepP6s129KFwLBkp/JtYOq/+FLGElD4UAfr5nWaT6Tbv8k1+JJxT6V
qLbU7l8P2m9VyuWTi0jQGFVdWVAReFjCwXpJbiBCPc5m9HeZzzJsJP4N6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8yOpU5wcgib0jH6ybGrVlMI+dQMB8GA1UdIwQY
MBaAFENnVH2FHjzXds0zKQskVKzA6FG7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJkVWZZVWVQTmQyelRNcEN5UlVyTURvVWJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84NzRjODUtOWU3ZC00YWNlLTk1OGYt
ZGFiN2YwYzhkMjQwLzEvUTJkVWZZVWVQTmQyelRNcEN5UlVyTURvVWJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi84NzRjODUtOWU3ZC00YWNlLTk1OGYtZGFiN2YwYzhkMjQw
LzEvUTJkVWZZVWVQTmQyelRNcEN5UlVyTURvVWJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXT+YJsYW
31wsKZtI/4FWreAMNOzQ5qYBzodPyHZ6AtyxGb2/twpBa55As7HnQ/5Qe7IMM+oV
Jsyld72eYmLeRn8lWjERBULB2st3KqqxIyUDLNeTjHy2Gm1JEySn5A7eym3loZuV
JPZXSRwIs9PN5B12jlzMZefL1Qg+CGR7p463CsioCfT6//YcGX5TpbeIgoOmfyvv
b68V5droiRvaEP1kvlO1il9+Z/vOM+D2LBMSBsrCtYy2YKRrJRXL42sPuKtvz0oi
6VHpsLmI1hVolvb+Dvs+snmckar600fT9Fx5hk5v7tRLMD/Qw1E2jFeXUy8bw0id
BhwglR+W1rOfvw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:52:23 2025 by rpki-client