Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft
File: Qkq4x890A7ViChuBPmrR2g2stE0.mft (raw, json)
Hash identifier: 4FBRy/KoeuI45yqytxGoly26dXq0nNPy/f+uD3iBo6g=
Subject key identifier: 45:57:97:EA:24:B6:9A:CB:DC:EF:C3:AA:EB:16:0F:B2:47:43:CD:FA
Authority key identifier: 42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D
Certificate issuer: /CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d
Certificate serial: 019A4EF3FB266B433220A5421505E120C533
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 13:00:03 +0000
Manifest this update: Tue 04 Nov 2025 13:00:03 +0000
Manifest next update: Wed 05 Nov 2025 13:00:03 +0000
Files and hashes: 1: MCPNj8vuGzZknoWdqGIIivLkJGU.roa (hash: 4hhwQet2SGHC4RmJ2ByvcZIanR2/yV/AqfOhLRjbUPM=)
2: Qkq4x890A7ViChuBPmrR2g2stE0.crl (hash: jbrRTqIgYDz4LF+dqlvHldQGqEh08Htsj7ZjTKe8k9s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f3:fb:26:6b:43:32:20:a5:42:15:05:e1:20:c5:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d
Validity
Not Before: Nov 4 13:00:03 2025 GMT
Not After : Nov 5 13:00:03 2025 GMT
Subject: CN=455797ea24b69acbdcefc3aaeb160fb24743cdfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:79:11:ec:a7:b3:31:54:3d:08:9f:3b:26:b2:
ae:b0:3a:61:ed:ce:ed:17:93:e1:c7:e8:9c:cb:0a:
45:8b:f3:ed:a5:05:97:51:2a:39:b9:a3:02:7c:72:
64:6c:43:b6:d5:b1:44:1f:70:60:26:0a:8f:c9:ab:
68:bd:af:6e:b2:2e:d5:eb:8e:64:43:28:fd:e5:31:
42:74:51:8e:05:27:c1:ee:be:fa:29:11:50:30:3d:
87:37:c1:96:8b:b4:d7:aa:28:26:49:9b:08:3d:c3:
5f:59:89:e3:92:0e:56:9c:7b:fa:d4:8d:25:de:17:
5a:d2:a8:f7:4b:1b:15:cb:df:a0:0b:c4:b1:68:35:
19:5d:57:6e:63:ea:79:57:45:f2:28:55:cd:e2:c0:
ea:ec:ae:5f:d5:84:04:9d:4e:35:98:41:8e:6d:c9:
91:4e:c7:d7:92:9c:40:2b:77:90:7a:e2:46:08:5f:
4e:83:cc:1d:ee:af:9a:34:7c:4c:f2:8f:30:c1:c7:
d8:62:70:01:72:08:50:99:3f:70:9b:bb:ee:56:56:
13:b6:07:51:01:c1:bb:60:71:44:bf:6b:0b:dd:bf:
28:9d:be:50:e1:a6:22:e9:9f:3b:62:fc:2e:cb:e9:
34:3f:80:c3:34:fa:29:aa:e0:29:51:8c:2a:37:e4:
d7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:57:97:EA:24:B6:9A:CB:DC:EF:C3:AA:EB:16:0F:B2:47:43:CD:FA
X509v3 Authority Key Identifier:
keyid:42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:d4:e0:a6:8b:21:9d:d2:85:c1:a2:ef:64:67:a5:75:db:b6:
30:06:c2:40:b5:ed:c2:49:2c:ca:b9:a7:5b:50:09:83:17:2f:
36:f7:bc:78:d1:9f:d5:d9:d0:b2:a7:12:09:12:1a:b0:9e:7a:
da:88:a3:f7:55:fd:cf:ae:48:d6:9d:2d:6f:bf:f0:bb:f6:96:
8a:27:0c:34:7c:06:da:64:f7:f5:4f:0e:05:27:cc:86:c6:39:
9b:23:69:fd:0f:cd:ee:53:71:88:29:2b:37:6e:b1:4b:86:e8:
80:c2:88:fc:42:43:19:a2:da:7a:4e:6a:68:aa:da:5e:3b:44:
46:eb:c8:41:93:ca:46:e3:89:cb:ea:ac:86:82:70:66:fc:45:
89:c0:ff:b6:1c:60:2e:3d:87:b6:81:b9:f5:a6:cd:0a:be:49:
39:1d:94:b7:61:ca:ac:54:03:56:05:b9:0c:78:7a:d6:34:6e:
5a:33:db:3b:ef:41:ed:59:1f:94:ce:dc:4e:b1:93:97:77:35:
e6:f1:b5:12:b7:95:7f:d4:fa:2f:73:85:7f:53:0c:d6:f0:08:
ea:db:02:cc:a2:75:46:44:8d:77:eb:ed:93:2b:b7:a7:a7:96:
35:9c:0e:dc:dd:cf:8a:6b:b9:70:e3:6e:97:e3:12:ba:1f:fa:
a4:91:db:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO8/sma0MyIKVCFQXhIMUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGFiOGM3Y2Y3NDAzYjU2MjBhMWI4MTNlNmFkMWRhMGRh
Y2I0NGQwHhcNMjUxMTA0MTMwMDAzWhcNMjUxMTA1MTMwMDAzWjAzMTEwLwYDVQQD
Eyg0NTU3OTdlYTI0YjY5YWNiZGNlZmMzYWFlYjE2MGZiMjQ3NDNjZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHkR7KezMVQ9CJ87JrKusDph7c7t
F5Phx+icywpFi/PtpQWXUSo5uaMCfHJkbEO21bFEH3BgJgqPyatova9usi7V645k
Qyj95TFCdFGOBSfB7r76KRFQMD2HN8GWi7TXqigmSZsIPcNfWYnjkg5WnHv61I0l
3hda0qj3SxsVy9+gC8SxaDUZXVduY+p5V0XyKFXN4sDq7K5f1YQEnU41mEGObcmR
TsfXkpxAK3eQeuJGCF9Og8wd7q+aNHxM8o8wwcfYYnABcghQmT9wm7vuVlYTtgdR
AcG7YHFEv2sL3b8onb5Q4aYi6Z87Yvwuy+k0P4DDNPopquApUYwqN+TXpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVXl+oktprL3O/DqusWD7JHQ836MB8GA1UdIwQY
MBaAFEJKuMfPdAO1YgobgT5q0doNrLRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWIt
MmFkOTMwOGYxZjZjLzEvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWItMmFkOTMwOGYxZjZj
LzEvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABNTgposh
ndKFwaLvZGelddu2MAbCQLXtwkksyrmnW1AJgxcvNve8eNGf1dnQsqcSCRIasJ56
2oij91X9z65I1p0tb7/wu/aWiicMNHwG2mT39U8OBSfMhsY5myNp/Q/N7lNxiCkr
N26xS4bogMKI/EJDGaLaek5qaKraXjtERuvIQZPKRuOJy+qshoJwZvxFicD/thxg
Lj2HtoG59abNCr5JOR2Ut2HKrFQDVgW5DHh61jRuWjPbO+9B7VkflM7cTrGTl3c1
5vG1EreVf9T6L3OFf1MM1vAI6tsCzKJ1RkSNd+vtkyu3p6eWNZwO3N3Pimu5cONu
l+MSuh/6pJHbJA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:14:22 2025 by rpki-client