Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/QhtM1AuuR9SPUcnMzGB8zlfOAPc.mft
File: QhtM1AuuR9SPUcnMzGB8zlfOAPc.mft (raw, json)
Hash identifier: kCbl7pi2i3zvuBjYwfl1cwZljpm0XpH/LZ2dUWkh5cI=
Subject key identifier: 46:BE:21:8B:B0:8F:53:49:C6:CE:5C:5F:6D:8A:64:21:AA:C0:BF:6C
Authority key identifier: 42:1B:4C:D4:0B:AE:47:D4:8F:51:C9:CC:CC:60:7C:CE:57:CE:00:F7
Certificate issuer: /CN=421b4cd40bae47d48f51c9cccc607cce57ce00f7
Certificate serial: 019A5075094A44D8B2CFA9813A6DE6412CD0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhtM1AuuR9SPUcnMzGB8zlfOAPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/QhtM1AuuR9SPUcnMzGB8zlfOAPc.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 20:00:38 +0000
Manifest this update: Tue 04 Nov 2025 20:00:38 +0000
Manifest next update: Wed 05 Nov 2025 20:00:38 +0000
Files and hashes: 1: QhtM1AuuR9SPUcnMzGB8zlfOAPc.crl (hash: 42Z7yi2QH3H8WMEdXwmb6V7tKe28VFlNKX4Thyt589g=)
2: rjvci4lVGCr57ADE7C3M4Mib4mk.roa (hash: yRKI8JSBUthmJegOInkpPYFyfDjZ1t7SRsTNJhUbFjo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/QhtM1AuuR9SPUcnMzGB8zlfOAPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/QhtM1AuuR9SPUcnMzGB8zlfOAPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhtM1AuuR9SPUcnMzGB8zlfOAPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 20:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:75:09:4a:44:d8:b2:cf:a9:81:3a:6d:e6:41:2c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421b4cd40bae47d48f51c9cccc607cce57ce00f7
Validity
Not Before: Nov 4 20:00:38 2025 GMT
Not After : Nov 5 20:00:38 2025 GMT
Subject: CN=46be218bb08f5349c6ce5c5f6d8a6421aac0bf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:11:c5:56:47:86:a2:d6:bb:15:0c:c4:30:12:
87:d7:de:a8:14:f7:cb:80:da:6b:4d:70:b8:c1:ed:
5e:51:db:0b:1e:c5:61:9f:f1:33:30:72:93:da:32:
ac:78:55:73:18:95:aa:06:a5:60:f0:74:1a:f1:fe:
0e:c6:f3:c0:94:74:95:76:dd:99:ed:d7:ce:bb:ea:
e3:19:48:e4:91:f3:ce:c5:eb:07:88:c1:fc:b9:87:
b9:02:ae:3e:f8:70:c9:b5:5f:67:be:71:d7:e1:5a:
f6:4e:03:11:b3:78:9d:4a:d9:a5:d3:0a:84:2d:1c:
97:af:e3:55:94:1d:55:fc:58:1e:d9:bb:91:d3:11:
49:19:28:d9:99:dd:57:e8:26:8c:09:7f:e1:91:87:
20:2b:63:d6:07:14:31:eb:0b:65:a3:f6:09:91:70:
26:b0:be:15:79:28:a6:da:50:84:ee:97:85:d7:f4:
6f:37:5f:b7:70:ba:9f:5a:b9:bb:36:97:62:bf:47:
37:fa:ca:11:4a:cf:ef:4b:2d:55:4f:98:67:b9:f6:
de:d2:aa:81:5f:d7:96:70:f7:8e:9f:8e:86:ce:66:
45:9e:b7:04:49:d6:c4:af:01:51:1d:d6:11:a1:61:
ea:94:f4:9b:8e:bb:29:31:3e:75:55:1a:31:9c:5a:
5b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:BE:21:8B:B0:8F:53:49:C6:CE:5C:5F:6D:8A:64:21:AA:C0:BF:6C
X509v3 Authority Key Identifier:
keyid:42:1B:4C:D4:0B:AE:47:D4:8F:51:C9:CC:CC:60:7C:CE:57:CE:00:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhtM1AuuR9SPUcnMzGB8zlfOAPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/QhtM1AuuR9SPUcnMzGB8zlfOAPc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/QhtM1AuuR9SPUcnMzGB8zlfOAPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:63:31:49:b6:0d:18:8a:6f:3b:7d:97:61:19:ae:7c:e5:98:
1f:dc:4f:17:b1:0c:10:bf:bb:be:7c:cf:b2:de:28:52:89:73:
b6:53:27:08:4a:19:07:f8:29:75:89:d1:8a:dd:ac:2c:9b:47:
da:7b:87:ff:c4:35:1c:0c:c5:e7:ef:67:c8:42:94:6f:ac:2d:
01:bd:d7:70:b5:f2:88:07:db:5e:0c:b2:b2:06:c0:e6:fb:a1:
b9:9e:28:8f:85:31:97:26:9a:7a:d9:00:d4:0b:88:1b:46:f8:
07:64:a4:cc:a5:31:5c:44:c2:cf:52:9f:12:5c:20:3a:6a:f7:
c9:8b:9a:34:d7:69:7b:33:aa:75:3f:d1:a4:6d:eb:f7:41:a4:
28:eb:ce:99:3d:cf:c9:6b:cf:01:1b:3f:da:e5:d4:b3:dd:41:
d8:46:9f:2e:b2:99:51:27:26:9e:70:39:8e:c6:9e:71:0c:3d:
1c:b0:6d:8b:02:70:b3:d3:23:e2:85:10:21:81:72:b9:dc:4d:
fe:2a:e3:12:34:60:fb:4d:ff:37:59:f0:32:4b:37:08:2a:5b:
c6:ae:c5:28:1c:33:81:7d:8b:4f:0e:e1:01:4f:00:3e:e8:30:
e7:b7:ad:fa:36:0b:fd:61:2b:61:90:e3:59:54:90:6e:cd:44:
87:90:48:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdQlKRNiyz6mBOm3mQSzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWI0Y2Q0MGJhZTQ3ZDQ4ZjUxYzljY2NjNjA3Y2NlNTdj
ZTAwZjcwHhcNMjUxMTA0MjAwMDM4WhcNMjUxMTA1MjAwMDM4WjAzMTEwLwYDVQQD
Eyg0NmJlMjE4YmIwOGY1MzQ5YzZjZTVjNWY2ZDhhNjQyMWFhYzBiZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hHFVkeGota7FQzEMBKH196oFPfL
gNprTXC4we1eUdsLHsVhn/EzMHKT2jKseFVzGJWqBqVg8HQa8f4OxvPAlHSVdt2Z
7dfOu+rjGUjkkfPOxesHiMH8uYe5Aq4++HDJtV9nvnHX4Vr2TgMRs3idStml0wqE
LRyXr+NVlB1V/Fge2buR0xFJGSjZmd1X6CaMCX/hkYcgK2PWBxQx6wtlo/YJkXAm
sL4VeSim2lCE7peF1/RvN1+3cLqfWrm7Npdiv0c3+soRSs/vSy1VT5hnufbe0qqB
X9eWcPeOn46GzmZFnrcESdbErwFRHdYRoWHqlPSbjrspMT51VRoxnFpbZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEa+IYuwj1NJxs5cX22KZCGqwL9sMB8GA1UdIwQY
MBaAFEIbTNQLrkfUj1HJzMxgfM5XzgD3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh0TTFBdXVSOVNQVWNuTXpHQjh6bGZPQVBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NTEzY2QtYWFjNy00NjZkLWEwMzEt
ODRjY2YzNDIwMjg2LzEvUWh0TTFBdXVSOVNQVWNuTXpHQjh6bGZPQVBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84NTEzY2QtYWFjNy00NjZkLWEwMzEtODRjY2YzNDIwMjg2
LzEvUWh0TTFBdXVSOVNQVWNuTXpHQjh6bGZPQVBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMmMxSbYN
GIpvO32XYRmufOWYH9xPF7EMEL+7vnzPst4oUolztlMnCEoZB/gpdYnRit2sLJtH
2nuH/8Q1HAzF5+9nyEKUb6wtAb3XcLXyiAfbXgyysgbA5vuhuZ4oj4UxlyaaetkA
1AuIG0b4B2SkzKUxXETCz1KfElwgOmr3yYuaNNdpezOqdT/RpG3r90GkKOvOmT3P
yWvPARs/2uXUs91B2EafLrKZUScmnnA5jsaecQw9HLBtiwJws9Mj4oUQIYFyudxN
/irjEjRg+03/N1nwMks3CCpbxq7FKBwzgX2LTw7hAU8APugw57et+jYL/WErYZDj
WVSQbs1Eh5BITg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:45:20 2025 by rpki-client