Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.mft
File: 0xQt8vZwlAzPWksnoNDJh-zIhlY.mft (raw, json)
Hash identifier: K+MWFDzqzJJsjw5j1zbrNNuk+AwZxaWjYsg5MT67Qdo=
Subject key identifier: 42:01:9B:A9:D9:A0:81:73:CF:BD:0B:90:FE:EB:C2:3E:F8:EF:D7:B8
Authority key identifier: D3:14:2D:F2:F6:70:94:0C:CF:5A:4B:27:A0:D0:C9:87:EC:C8:86:56
Certificate issuer: /CN=d3142df2f670940ccf5a4b27a0d0c987ecc88656
Certificate serial: 019A4DAB037BDC56D8F524999368A073028E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0xQt8vZwlAzPWksnoNDJh-zIhlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.mft
Manifest number: 041D
Signing time: Tue 04 Nov 2025 07:00:44 +0000
Manifest this update: Tue 04 Nov 2025 07:00:44 +0000
Manifest next update: Wed 05 Nov 2025 07:00:44 +0000
Files and hashes: 1: 0xQt8vZwlAzPWksnoNDJh-zIhlY.crl (hash: P+ww8L4JfAjCXRFHxpkJkKUovMfLlSp9kxAl5x/Xxjo=)
2: DxWkaJkNeo1GnfX8PTB6m_7NDo8.roa (hash: 1C13Qsc+uAlJmXy/kak788lVFXMyWIaA+AZiv7RcjGk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0xQt8vZwlAzPWksnoNDJh-zIhlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:ab:03:7b:dc:56:d8:f5:24:99:93:68:a0:73:02:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3142df2f670940ccf5a4b27a0d0c987ecc88656
Validity
Not Before: Nov 4 07:00:44 2025 GMT
Not After : Nov 5 07:00:44 2025 GMT
Subject: CN=42019ba9d9a08173cfbd0b90feebc23ef8efd7b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f0:f0:b9:a4:f8:cf:4d:90:78:cb:ea:77:4d:
ed:5a:f1:2e:e3:25:27:b0:ea:32:86:b4:3d:c1:ea:
08:52:67:f5:99:b5:2d:a1:00:4e:03:d4:4b:de:f6:
57:a9:ed:0c:26:94:a3:83:79:44:0e:5b:22:a8:4b:
db:86:84:06:5c:32:df:b2:bf:a9:01:72:9d:99:f8:
c7:61:19:0c:bf:b1:70:a1:c9:96:ad:2e:cb:d4:21:
c5:6f:01:3e:97:f7:ca:8b:f4:54:84:c7:b4:1e:57:
76:6f:f1:d8:82:f4:5d:16:ef:41:84:1f:84:c7:91:
a4:c8:84:3c:32:9f:87:1a:83:2e:de:5e:31:f9:32:
5a:b2:72:ef:1b:b1:79:0b:d0:53:0d:2c:ef:fc:99:
46:a4:8c:09:88:89:42:b0:62:92:71:93:5c:d5:e7:
ad:96:2a:cf:ae:4c:4b:5a:79:eb:c8:2c:df:80:26:
80:3e:15:50:6d:bb:54:0c:f1:22:a8:8e:ce:4b:8d:
a7:b0:d8:79:65:2f:bf:9d:f9:e7:d0:df:18:fa:13:
06:f3:69:25:5a:97:4f:f7:47:6a:14:b8:e9:e5:2b:
bb:e3:40:3a:b2:51:7b:73:90:6c:13:e8:36:17:fd:
73:0e:5a:0a:30:0f:9e:02:6a:18:fa:d1:33:22:68:
32:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:01:9B:A9:D9:A0:81:73:CF:BD:0B:90:FE:EB:C2:3E:F8:EF:D7:B8
X509v3 Authority Key Identifier:
keyid:D3:14:2D:F2:F6:70:94:0C:CF:5A:4B:27:A0:D0:C9:87:EC:C8:86:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0xQt8vZwlAzPWksnoNDJh-zIhlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:ff:75:cb:71:c3:ff:14:8e:5d:26:80:ee:fe:a7:8d:b8:b5:
5c:f3:95:95:55:5b:5e:b8:9a:eb:a8:b4:f1:36:1b:2d:68:f3:
64:ed:fb:ce:52:0b:c4:30:2f:72:cc:30:a6:ba:1b:77:05:c2:
ef:5a:f1:93:00:02:4a:6b:a9:a5:bb:e2:14:db:a4:e6:ca:16:
60:00:5f:c9:0c:8e:ca:37:41:4e:ba:26:d7:be:3a:75:21:42:
81:4e:94:96:8f:fc:f0:2f:40:60:90:7d:be:b5:ae:50:f5:f8:
2e:27:7f:7c:fe:4c:57:8b:6d:8d:b1:10:b0:78:c8:35:79:49:
c7:b7:ba:2b:f9:ef:7f:7f:51:b9:cf:81:8d:06:54:0b:44:58:
44:95:9d:1c:c9:dc:8e:cc:36:ec:ca:cf:bd:53:73:3f:02:7f:
19:e4:37:48:c1:66:3b:0f:2d:72:5c:e7:a9:ca:26:2f:6b:6c:
eb:d5:56:da:22:bb:3f:60:8a:fd:98:b1:70:3f:ce:0c:11:3d:
11:cf:d3:6e:2f:00:8e:1c:31:e1:34:6f:a9:7c:08:d3:60:cd:
73:5c:e0:4c:9f:79:e4:9d:3b:3b:d1:fe:5d:6a:1c:31:cf:22:
d9:13:57:50:45:5c:16:d3:6b:8c:f3:30:e2:5f:c0:58:d5:f5:
4d:3f:4a:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqwN73FbY9SSZk2igcwKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMTQyZGYyZjY3MDk0MGNjZjVhNGIyN2EwZDBjOTg3ZWNj
ODg2NTYwHhcNMjUxMTA0MDcwMDQ0WhcNMjUxMTA1MDcwMDQ0WjAzMTEwLwYDVQQD
Eyg0MjAxOWJhOWQ5YTA4MTczY2ZiZDBiOTBmZWViYzIzZWY4ZWZkN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfDwuaT4z02QeMvqd03tWvEu4yUn
sOoyhrQ9weoIUmf1mbUtoQBOA9RL3vZXqe0MJpSjg3lEDlsiqEvbhoQGXDLfsr+p
AXKdmfjHYRkMv7FwocmWrS7L1CHFbwE+l/fKi/RUhMe0Hld2b/HYgvRdFu9BhB+E
x5GkyIQ8Mp+HGoMu3l4x+TJasnLvG7F5C9BTDSzv/JlGpIwJiIlCsGKScZNc1eet
lirPrkxLWnnryCzfgCaAPhVQbbtUDPEiqI7OS42nsNh5ZS+/nfnn0N8Y+hMG82kl
WpdP90dqFLjp5Su740A6slF7c5BsE+g2F/1zDloKMA+eAmoY+tEzImgyTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIBm6nZoIFzz70LkP7rwj7479e4MB8GA1UdIwQY
MBaAFNMULfL2cJQMz1pLJ6DQyYfsyIZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHhRdDh2WndsQXpQV2tzbm9OREpoLXpJaGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lYzM5YmUtZTIyNy00YTJkLWI0YjIt
NjMyY2FlZWY0NTg0LzEvMHhRdDh2WndsQXpQV2tzbm9OREpoLXpJaGxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lYzM5YmUtZTIyNy00YTJkLWI0YjItNjMyY2FlZWY0NTg0
LzEvMHhRdDh2WndsQXpQV2tzbm9OREpoLXpJaGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApP91y3HD
/xSOXSaA7v6njbi1XPOVlVVbXria66i08TYbLWjzZO37zlILxDAvcswwprobdwXC
71rxkwACSmuppbviFNuk5soWYABfyQyOyjdBTrom1746dSFCgU6Ulo/88C9AYJB9
vrWuUPX4Lid/fP5MV4ttjbEQsHjINXlJx7e6K/nvf39Ruc+BjQZUC0RYRJWdHMnc
jsw27MrPvVNzPwJ/GeQ3SMFmOw8tclznqcomL2ts69VW2iK7P2CK/ZixcD/ODBE9
Ec/Tbi8Ajhwx4TRvqXwI02DNc1zgTJ955J07O9H+XWocMc8i2RNXUEVcFtNrjPMw
4l/AWNX1TT9Kmg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:38:09 2025 by rpki-client