Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/qHxnPzWntwWmtCTTORT6OS07li4.mft
File: qHxnPzWntwWmtCTTORT6OS07li4.mft (raw, json)
Hash identifier: uwpNhwhpM2/tXmXy0aPhUkibz4JEEx5f7SVXjFhlL9Y=
Subject key identifier: 26:08:BB:37:E6:D0:E6:F5:8B:14:36:DF:40:83:07:41:7E:32:9B:C5
Authority key identifier: A8:7C:67:3F:35:A7:B7:05:A6:B4:24:D3:39:14:FA:39:2D:3B:96:2E
Certificate issuer: /CN=a87c673f35a7b705a6b424d33914fa392d3b962e
Certificate serial: 019A4D3D26790CF38936E04330A6D6E0B20A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHxnPzWntwWmtCTTORT6OS07li4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/qHxnPzWntwWmtCTTORT6OS07li4.mft
Manifest number: 0987
Signing time: Tue 04 Nov 2025 05:00:44 +0000
Manifest this update: Tue 04 Nov 2025 05:00:44 +0000
Manifest next update: Wed 05 Nov 2025 05:00:44 +0000
Files and hashes: 1: Eax-YG047Te5n0m45RUjhbrR1oI.roa (hash: iDlk1T+vVuMTMOmIBdx2Kl0rk1EldiQCxibfcQYd5i0=)
2: qHxnPzWntwWmtCTTORT6OS07li4.crl (hash: IQkcGFG4Qsj855YPWSnqFZV4r1nlkZNdpfK3jVgbtCE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/qHxnPzWntwWmtCTTORT6OS07li4.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/qHxnPzWntwWmtCTTORT6OS07li4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHxnPzWntwWmtCTTORT6OS07li4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3d:26:79:0c:f3:89:36:e0:43:30:a6:d6:e0:b2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87c673f35a7b705a6b424d33914fa392d3b962e
Validity
Not Before: Nov 4 05:00:44 2025 GMT
Not After : Nov 5 05:00:44 2025 GMT
Subject: CN=2608bb37e6d0e6f58b1436df408307417e329bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d4:99:9f:e1:c9:87:bc:83:8f:af:f9:55:35:
e5:fa:7e:07:0a:34:42:d0:de:c0:ea:91:6c:29:d5:
b6:05:08:69:98:fa:08:0d:2a:63:d2:84:bb:57:ab:
ef:a8:82:71:70:87:7a:aa:e0:02:96:e8:1b:6e:15:
0b:fe:dd:72:9b:11:ef:6a:74:be:65:42:71:fe:bc:
12:ba:12:26:5e:04:f6:40:24:7e:79:85:c4:0b:53:
a0:b6:92:ca:00:c8:0c:0c:67:34:be:68:f1:c8:d5:
28:0f:14:c4:43:66:53:a9:57:5c:71:87:9e:26:6b:
5e:f7:26:10:75:b1:be:bc:7c:5e:ad:df:89:a6:b6:
2f:33:f6:e0:72:42:b2:34:b7:b5:15:f2:30:ed:32:
97:b3:fb:28:6e:1f:e1:7b:a2:d1:72:5d:8c:dc:c0:
29:47:71:59:aa:91:b7:9a:c6:d2:cd:f3:e7:a0:38:
b2:20:fc:6c:ae:92:81:5e:ce:f9:f7:3a:8d:5a:2f:
97:53:a5:c6:02:f8:1a:0d:bf:05:0d:ef:07:3c:93:
92:d4:35:af:5d:3c:b6:2d:7c:45:1f:21:ad:05:07:
68:5b:b0:bc:f7:88:1b:0f:be:06:4c:b6:51:a9:e0:
bd:bb:6e:13:97:29:b7:a2:5b:6b:ce:f6:87:50:fd:
5b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:08:BB:37:E6:D0:E6:F5:8B:14:36:DF:40:83:07:41:7E:32:9B:C5
X509v3 Authority Key Identifier:
keyid:A8:7C:67:3F:35:A7:B7:05:A6:B4:24:D3:39:14:FA:39:2D:3B:96:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHxnPzWntwWmtCTTORT6OS07li4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/qHxnPzWntwWmtCTTORT6OS07li4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/qHxnPzWntwWmtCTTORT6OS07li4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:46:1d:66:73:54:d2:c4:eb:ae:cf:81:65:68:67:2b:86:6c:
15:72:d6:7c:0d:ef:5e:db:01:bb:9e:18:5c:a0:fe:2d:0f:59:
3e:ee:63:e5:c1:26:d3:b2:4e:01:2b:fe:9b:d2:2b:1c:59:ce:
ea:47:53:cf:64:b5:ec:a7:80:9d:df:af:97:2b:33:13:e9:b8:
66:9c:32:db:6a:f7:6b:cb:a8:00:39:b9:8f:80:f6:91:76:4f:
15:a8:1d:c5:ab:c4:7f:25:cc:89:a3:ee:f5:ee:65:85:59:13:
0e:56:f0:7f:d2:1b:67:fb:84:84:fe:bf:86:25:96:7f:13:93:
fb:26:0d:08:1c:2b:8e:6b:70:2a:62:6f:94:11:79:fa:66:ea:
55:9b:48:56:cc:ba:3b:13:66:35:b6:23:15:21:6e:ee:de:bc:
99:8e:61:79:90:3d:91:3e:74:38:d8:c3:54:80:c7:a4:3f:ea:
7b:8e:39:00:34:63:87:f0:a8:4d:61:c0:a4:bc:bb:07:4a:45:
cd:75:31:2e:d7:a7:f6:67:23:71:64:fc:c7:e7:48:32:2f:ae:
be:d8:6c:e3:5b:53:a3:68:d9:1e:2a:ef:5c:ac:6c:45:84:35:
08:58:60:ea:4a:fd:38:b6:9d:b6:2b:5c:df:c7:84:bd:6b:20:
2b:d9:52:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPSZ5DPOJNuBDMKbW4LIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4N2M2NzNmMzVhN2I3MDVhNmI0MjRkMzM5MTRmYTM5MmQz
Yjk2MmUwHhcNMjUxMTA0MDUwMDQ0WhcNMjUxMTA1MDUwMDQ0WjAzMTEwLwYDVQQD
EygyNjA4YmIzN2U2ZDBlNmY1OGIxNDM2ZGY0MDgzMDc0MTdlMzI5YmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9SZn+HJh7yDj6/5VTXl+n4HCjRC
0N7A6pFsKdW2BQhpmPoIDSpj0oS7V6vvqIJxcId6quAClugbbhUL/t1ymxHvanS+
ZUJx/rwSuhImXgT2QCR+eYXEC1OgtpLKAMgMDGc0vmjxyNUoDxTEQ2ZTqVdccYee
Jmte9yYQdbG+vHxerd+JprYvM/bgckKyNLe1FfIw7TKXs/sobh/he6LRcl2M3MAp
R3FZqpG3msbSzfPnoDiyIPxsrpKBXs759zqNWi+XU6XGAvgaDb8FDe8HPJOS1DWv
XTy2LXxFHyGtBQdoW7C894gbD74GTLZRqeC9u24Tlym3oltrzvaHUP1bnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYIuzfm0Ob1ixQ230CDB0F+MpvFMB8GA1UdIwQY
MBaAFKh8Zz81p7cFprQk0zkU+jktO5YuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUh4blB6V250d1dtdENUVE9SVDZPUzA3bGk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hYTFhZjQtOTI1Ni00NmM4LWFiMDIt
OTRlNjQ3MjYyMTYwLzEvcUh4blB6V250d1dtdENUVE9SVDZPUzA3bGk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hYTFhZjQtOTI1Ni00NmM4LWFiMDItOTRlNjQ3MjYyMTYw
LzEvcUh4blB6V250d1dtdENUVE9SVDZPUzA3bGk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANEYdZnNU
0sTrrs+BZWhnK4ZsFXLWfA3vXtsBu54YXKD+LQ9ZPu5j5cEm07JOASv+m9IrHFnO
6kdTz2S17KeAnd+vlyszE+m4Zpwy22r3a8uoADm5j4D2kXZPFagdxavEfyXMiaPu
9e5lhVkTDlbwf9IbZ/uEhP6/hiWWfxOT+yYNCBwrjmtwKmJvlBF5+mbqVZtIVsy6
OxNmNbYjFSFu7t68mY5heZA9kT50ONjDVIDHpD/qe445ADRjh/CoTWHApLy7B0pF
zXUxLten9mcjcWT8x+dIMi+uvths41tTo2jZHirvXKxsRYQ1CFhg6kr9OLadtitc
38eEvWsgK9lSTw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:51:13 2025 by rpki-client