Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: yYvQoTmg1NdUgCezN9B0aJbawwth9aB870+sZ47++nA=
Subject key identifier: F8:70:03:A3:05:2A:AD:38:89:94:E7:ED:24:31:26:23:86:F9:E1:91
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 019A4D73B6004025800F63581CA88B2F05B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 13F9
Signing time: Tue 04 Nov 2025 06:00:20 +0000
Manifest this update: Tue 04 Nov 2025 06:00:20 +0000
Manifest next update: Wed 05 Nov 2025 06:00:20 +0000
Files and hashes: 1: 3U4MivbAgZFFTzpri9v9qzr-9Dg.roa (hash: OpxoqQJPTPV/7nPesTeS09o0jfmFmQcqEJLqODzVTIM=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: bI2dQ//7cCHyjQA+IwHOWv1dgz3ssOd9s7KfpBZf280=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:b6:00:40:25:80:0f:63:58:1c:a8:8b:2f:05:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Nov 4 06:00:20 2025 GMT
Not After : Nov 5 06:00:20 2025 GMT
Subject: CN=f87003a3052aad388994e7ed2431262386f9e191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:95:ca:19:57:27:4c:2b:70:85:3b:26:d2:13:
5c:b1:32:da:cf:f5:23:85:da:69:1a:bb:1d:20:12:
70:4b:f9:8d:bf:7a:9d:01:35:dd:fd:c6:0d:36:91:
12:e0:78:38:4b:96:36:c6:dc:44:4a:da:ed:54:32:
4f:55:72:bf:98:53:3f:94:32:61:25:9e:86:51:34:
94:78:d0:3a:bc:a1:c8:30:3b:ed:44:de:84:47:99:
4e:0d:3d:74:ed:20:8d:93:20:25:d6:d5:f5:e8:20:
af:b6:d8:19:a2:51:d5:50:da:87:8b:9d:38:d1:b5:
ca:20:9e:e2:25:36:01:b9:66:0d:bd:5c:66:7c:75:
02:23:93:ba:e0:eb:6e:38:ee:d5:26:7f:1c:ac:e2:
62:6f:16:cc:c8:a1:0b:13:38:db:65:ee:b0:5c:f6:
f6:b3:e8:98:4e:27:10:e6:81:68:2e:e1:82:7e:60:
a6:a5:49:33:4b:68:f0:15:33:ed:ac:20:6a:21:a7:
32:2d:db:0f:e7:cd:f1:7f:1f:69:82:96:20:d0:0b:
3f:71:fd:3f:1c:f0:01:13:75:8a:6b:64:10:80:f5:
1a:c3:94:cf:d1:28:93:a9:4a:68:8e:75:df:36:dd:
5b:cb:cc:8f:ea:1a:ca:7c:2b:31:3c:72:42:2c:8f:
a4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:70:03:A3:05:2A:AD:38:89:94:E7:ED:24:31:26:23:86:F9:E1:91
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:a3:76:e0:4f:54:39:4f:7a:1d:74:fb:98:86:5e:83:e2:59:
a8:fb:56:28:7e:e6:ca:fd:e2:3d:d2:e4:28:98:7d:1c:ef:3f:
d8:e5:91:c3:e6:c4:bf:a7:ad:18:7c:7c:2f:41:19:68:ae:c8:
d9:b1:9a:43:4d:ea:df:0d:70:77:bb:0d:93:7e:4b:e3:80:76:
64:33:74:ee:75:d7:bd:4e:a9:b2:d7:8b:dc:36:b8:f6:69:f0:
8a:65:92:e2:a9:bf:b6:e5:9d:a9:9e:e6:4d:6d:ec:b3:98:fb:
e4:65:1e:54:f9:b4:68:36:98:28:34:f7:67:e7:a3:b6:ae:b2:
61:19:66:07:96:87:d0:48:de:80:f5:24:7b:96:c0:49:63:ba:
bc:ef:3d:6b:f3:2e:18:23:34:e8:d3:df:07:19:45:e4:d4:06:
3a:d1:ed:c2:0f:96:52:bb:8d:62:85:10:8d:e1:09:ba:53:f5:
cb:19:e4:08:70:c5:f8:f5:67:b4:bc:b2:7d:a2:e7:fd:ac:f8:
1b:0f:40:ab:75:3c:ff:84:76:c4:47:bc:25:a2:8c:6d:ee:6f:
a2:0d:25:a1:58:08:37:50:65:aa:d0:da:aa:3b:49:8e:07:a3:
8a:a1:00:0a:23:fb:0c:6e:55:62:00:09:46:23:60:c8:bd:6f:
d5:f3:f2:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc7YAQCWAD2NYHKiLLwWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjUxMTA0MDYwMDIwWhcNMjUxMTA1MDYwMDIwWjAzMTEwLwYDVQQD
EyhmODcwMDNhMzA1MmFhZDM4ODk5NGU3ZWQyNDMxMjYyMzg2ZjllMTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpXKGVcnTCtwhTsm0hNcsTLaz/Uj
hdppGrsdIBJwS/mNv3qdATXd/cYNNpES4Hg4S5Y2xtxEStrtVDJPVXK/mFM/lDJh
JZ6GUTSUeNA6vKHIMDvtRN6ER5lODT107SCNkyAl1tX16CCvttgZolHVUNqHi504
0bXKIJ7iJTYBuWYNvVxmfHUCI5O64OtuOO7VJn8crOJibxbMyKELEzjbZe6wXPb2
s+iYTicQ5oFoLuGCfmCmpUkzS2jwFTPtrCBqIacyLdsP583xfx9pgpYg0As/cf0/
HPABE3WKa2QQgPUaw5TP0SiTqUpojnXfNt1by8yP6hrKfCsxPHJCLI+knQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhwA6MFKq04iZTn7SQxJiOG+eGRMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT6N24E9U
OU96HXT7mIZeg+JZqPtWKH7myv3iPdLkKJh9HO8/2OWRw+bEv6etGHx8L0EZaK7I
2bGaQ03q3w1wd7sNk35L44B2ZDN07nXXvU6psteL3Da49mnwimWS4qm/tuWdqZ7m
TW3ss5j75GUeVPm0aDaYKDT3Z+ejtq6yYRlmB5aH0EjegPUke5bASWO6vO89a/Mu
GCM06NPfBxlF5NQGOtHtwg+WUruNYoUQjeEJulP1yxnkCHDF+PVntLyyfaLn/az4
Gw9Aq3U8/4R2xEe8JaKMbe5vog0loVgIN1BlqtDaqjtJjgejiqEACiP7DG5VYgAJ
RiNgyL1v1fPykA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:46:32 2025 by rpki-client