Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
File: QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft (raw, json)
Hash identifier: gf17C4kFET9nmevGS9qzzn7cZgFwjNicioCvFR4Vsw0=
Subject key identifier: 88:E4:49:CC:70:F3:A1:99:D4:EE:0E:6E:27:27:F3:22:24:5D:9A:82
Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Certificate serial: 019A4E18F041159375EFF536AD40E3067989
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
Manifest number: 0E9D
Signing time: Tue 04 Nov 2025 09:00:48 +0000
Manifest this update: Tue 04 Nov 2025 09:00:48 +0000
Manifest next update: Wed 05 Nov 2025 09:00:48 +0000
Files and hashes: 1: GQOl6LTvNyPMyG3KjW9Ajp0Bvpw.roa (hash: eZX/fpaYpvDnXloavaVJKtIU2XKfpzNfzwR74TFia7o=)
2: QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl (hash: JO9x/gsn9h8M0+ClpZtFDBITUC7be9T4WGfiPyUFYME=)
3: b5Ug6NPJo2XtezY8UVzxnmPE-i0.roa (hash: VB+B1HYKvDBDwa8bPpxYYXoTuHADEZJRpgBpaSqbPu4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:f0:41:15:93:75:ef:f5:36:ad:40:e3:06:79:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Validity
Not Before: Nov 4 09:00:48 2025 GMT
Not After : Nov 5 09:00:48 2025 GMT
Subject: CN=88e449cc70f3a199d4ee0e6e2727f322245d9a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:98:08:72:bb:38:c8:66:cc:72:32:96:18:b6:
a1:b9:3d:16:95:73:2c:79:eb:3d:2a:d0:d0:8a:0a:
32:da:70:4d:0c:52:61:2c:e9:61:c7:7c:b4:8f:26:
89:22:28:3a:8c:33:5a:fd:45:27:3f:a2:00:a4:f3:
b0:8c:bd:4e:54:56:52:34:8b:05:ad:b1:01:7f:a6:
88:5d:cd:06:dc:93:da:d1:aa:8f:1f:ed:77:58:b3:
e0:0d:b0:f1:26:22:76:94:23:69:1c:8f:e8:5f:26:
e4:ae:03:f5:62:f8:9a:64:79:97:bf:22:1e:04:89:
49:b3:b3:fa:8c:03:4e:ec:c0:2c:d4:5d:cd:2b:ae:
83:c9:f5:e3:f8:6c:aa:e3:7d:ff:ca:6a:e9:19:cf:
2e:09:97:03:68:88:f9:49:eb:79:70:ea:02:1b:51:
26:16:09:77:ba:94:6d:59:4f:85:cb:af:34:c1:d0:
05:24:ad:fc:a4:68:c1:b9:cd:2b:e0:42:87:0a:d0:
e0:88:13:a5:a9:04:6c:54:26:e6:76:57:83:58:f4:
47:d9:c6:c6:fa:a5:b0:0f:9b:10:f0:b0:16:81:72:
ab:3a:d8:7f:f9:b0:4d:7f:3a:89:6f:75:1a:aa:0a:
25:10:fb:8b:72:e9:bf:db:1a:b9:92:9a:ae:36:0b:
0e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E4:49:CC:70:F3:A1:99:D4:EE:0E:6E:27:27:F3:22:24:5D:9A:82
X509v3 Authority Key Identifier:
keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:6e:63:a7:7f:09:cf:35:3a:b4:7a:21:1e:2e:56:b7:4b:14:
1b:77:33:1c:f7:36:f9:0a:be:76:5a:25:f2:fd:14:99:35:ad:
50:df:78:7d:96:2f:a9:ad:49:0a:04:79:75:29:67:34:85:2e:
d0:02:3c:26:45:80:24:f3:dd:c0:0f:19:f4:d9:52:e6:ee:04:
f9:88:d5:33:d5:6e:ef:9d:c8:43:20:ce:bb:51:ee:be:53:fb:
f0:24:2c:19:b4:23:06:3b:1d:ba:a4:0e:83:92:4a:fa:15:23:
e7:d4:e5:90:97:ac:99:3a:65:a4:c8:85:b8:29:5b:e4:bb:e5:
a6:03:ae:6d:31:71:11:3d:1b:f1:9c:4a:81:f1:46:a3:8d:50:
b4:71:19:0d:bc:e2:3c:13:4d:54:99:f6:8b:b4:cf:4f:c2:6e:
b6:31:84:5d:d8:4e:a2:cd:17:3c:92:55:3e:82:2f:d8:18:e3:
13:a9:7c:5c:3e:93:42:7d:1d:58:11:68:61:47:7f:75:15:17:
ac:ec:97:b0:f5:0e:82:fa:8c:72:96:92:67:e4:03:30:59:6e:
41:70:61:16:f2:4a:2e:33:c8:0d:2c:31:4e:53:14:9f:00:12:
fc:29:95:b7:04:81:08:92:8a:b6:87:39:b4:46:52:db:d6:3e:
3c:93:0a:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGPBBFZN17/U2rUDjBnmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5
NDRhODcwHhcNMjUxMTA0MDkwMDQ4WhcNMjUxMTA1MDkwMDQ4WjAzMTEwLwYDVQQD
Eyg4OGU0NDljYzcwZjNhMTk5ZDRlZTBlNmUyNzI3ZjMyMjI0NWQ5YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpgIcrs4yGbMcjKWGLahuT0WlXMs
ees9KtDQigoy2nBNDFJhLOlhx3y0jyaJIig6jDNa/UUnP6IApPOwjL1OVFZSNIsF
rbEBf6aIXc0G3JPa0aqPH+13WLPgDbDxJiJ2lCNpHI/oXybkrgP1YviaZHmXvyIe
BIlJs7P6jANO7MAs1F3NK66DyfXj+Gyq433/ymrpGc8uCZcDaIj5Set5cOoCG1Em
Fgl3upRtWU+Fy680wdAFJK38pGjBuc0r4EKHCtDgiBOlqQRsVCbmdleDWPRH2cbG
+qWwD5sQ8LAWgXKrOth/+bBNfzqJb3UaqgolEPuLcum/2xq5kpquNgsOewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjkScxw86GZ1O4Obicn8yIkXZqCMB8GA1UdIwQY
MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct
OTg1ZWQxNWM5YWViLzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi
LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoW5jp38J
zzU6tHohHi5Wt0sUG3czHPc2+Qq+dlol8v0UmTWtUN94fZYvqa1JCgR5dSlnNIUu
0AI8JkWAJPPdwA8Z9NlS5u4E+YjVM9Vu753IQyDOu1HuvlP78CQsGbQjBjsduqQO
g5JK+hUj59TlkJesmTplpMiFuClb5LvlpgOubTFxET0b8ZxKgfFGo41QtHEZDbzi
PBNNVJn2i7TPT8JutjGEXdhOos0XPJJVPoIv2BjjE6l8XD6TQn0dWBFoYUd/dRUX
rOyXsPUOgvqMcpaSZ+QDMFluQXBhFvJKLjPIDSwxTlMUnwAS/CmVtwSBCJKKtoc5
tEZS29Y+PJMKRw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:36:03 2025 by rpki-client