Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
File: q9lqrojvmbTVDknsrpyuSPN4gfc.mft (raw, json)
Hash identifier: FIcydCunQmlat3+w4dK25+t2pBxB/g/74vWvBWdiZ2o=
Subject key identifier: 3B:CA:D4:63:C2:0C:DB:44:0A:AF:F0:BE:F7:5D:BC:06:EF:CE:8B:5C
Authority key identifier: AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7
Certificate issuer: /CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7
Certificate serial: 019A4E866B37D9FDE1D1AFFC426C6A6B7607
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
Manifest number: 035B
Signing time: Tue 04 Nov 2025 11:00:23 +0000
Manifest this update: Tue 04 Nov 2025 11:00:23 +0000
Manifest next update: Wed 05 Nov 2025 11:00:23 +0000
Files and hashes: 1: jOBsmTZZQR2oFpHPynuOSfcKlhQ.roa (hash: HS2UqrHXUPTUg04Ke/uHXIU8tldEPiGgxWt1zu5k5H0=)
2: q9lqrojvmbTVDknsrpyuSPN4gfc.crl (hash: E/GRxtsmYiFzfL/t2vEDCphRd+SY1kXzx449Gy/tzbs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:6b:37:d9:fd:e1:d1:af:fc:42:6c:6a:6b:76:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7
Validity
Not Before: Nov 4 11:00:23 2025 GMT
Not After : Nov 5 11:00:23 2025 GMT
Subject: CN=3bcad463c20cdb440aaff0bef75dbc06efce8b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:55:b3:c6:e8:54:18:e5:2d:d5:c6:d8:84:86:
8e:35:12:ae:d4:ad:6e:0a:07:64:c9:63:94:40:60:
b7:0c:e7:6b:20:b5:94:93:55:25:84:5b:ba:8a:ba:
94:5d:dd:b6:5e:2a:ce:1d:86:29:38:51:36:a9:65:
a4:9f:4c:63:a6:5c:33:8a:8b:2c:8e:25:15:77:1a:
f8:06:55:3d:f7:11:4b:55:1d:a6:77:c6:0b:eb:43:
44:56:d3:d1:c2:13:a5:08:6e:b7:df:62:b8:b3:e5:
e3:f3:7b:73:e2:97:7a:74:6e:a1:41:8e:70:87:d4:
3c:b8:f6:82:06:af:f5:dc:ed:e3:9e:24:eb:d0:0b:
87:4b:81:26:65:7c:5f:85:11:26:27:7a:69:04:82:
12:bc:96:7b:3f:66:bb:78:e6:30:c0:e3:d0:e8:29:
09:18:1a:1b:ce:47:cf:e0:41:68:f5:f3:ff:f1:4c:
81:3f:d0:f5:17:33:b5:6c:51:09:29:78:89:6a:10:
e4:73:8e:e6:8f:24:3f:a5:33:d6:60:8c:77:d8:de:
74:b8:9f:9b:f9:63:be:e7:88:b6:73:b7:3e:c4:44:
f1:59:bf:d8:7b:07:0d:85:41:4d:cf:4b:49:f4:d8:
f2:70:5a:b8:65:33:d5:95:76:85:33:67:52:99:a7:
03:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CA:D4:63:C2:0C:DB:44:0A:AF:F0:BE:F7:5D:BC:06:EF:CE:8B:5C
X509v3 Authority Key Identifier:
keyid:AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:a3:01:6f:d7:59:82:28:4a:bb:60:e8:15:d1:85:69:f6:e8:
34:72:6f:3e:a3:ec:6a:11:8d:2c:4e:3d:ac:2c:c4:4b:6c:a3:
4d:65:f6:18:fb:7e:d1:be:af:df:26:8f:4f:d3:36:39:35:74:
46:1c:e8:10:d2:08:66:f2:33:29:6f:2a:a0:4f:d2:10:fe:e9:
c6:36:28:03:2e:6d:43:8b:d8:88:9a:63:c9:a0:bb:10:2a:f8:
1e:9f:d6:0f:43:f5:67:ad:18:f5:12:a6:19:94:0c:a8:e3:d2:
30:69:93:13:22:a9:da:e0:a5:24:6d:41:ee:19:01:da:36:64:
6c:17:09:2a:e5:6a:71:89:2d:f1:c5:80:48:d0:dd:b8:b6:67:
59:02:30:f6:ab:c7:b9:74:25:4a:71:81:41:c5:e0:e5:57:1b:
26:28:a2:7f:64:75:4c:9f:69:62:ef:75:77:6c:5c:ce:a5:8c:
48:17:63:fc:ca:2e:c6:df:3b:96:5b:21:65:09:74:b4:dd:ba:
c3:74:38:cb:93:26:78:34:95:ab:ec:fd:28:9c:8b:5b:82:16:
39:66:e3:c7:6c:07:18:82:ca:22:1a:e1:30:3a:ce:dd:c6:a5:
ef:6b:be:26:38:5d:5f:cd:b8:69:71:b4:36:5b:6d:cc:d3:63:
50:e7:f0:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhms32f3h0a/8Qmxqa3YHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZDk2YWFlODhlZjk5YjRkNTBlNDllY2FlOWNhZTQ4ZjM3
ODgxZjcwHhcNMjUxMTA0MTEwMDIzWhcNMjUxMTA1MTEwMDIzWjAzMTEwLwYDVQQD
EygzYmNhZDQ2M2MyMGNkYjQ0MGFhZmYwYmVmNzVkYmMwNmVmY2U4YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilWzxuhUGOUt1cbYhIaONRKu1K1u
CgdkyWOUQGC3DOdrILWUk1UlhFu6irqUXd22XirOHYYpOFE2qWWkn0xjplwzioss
jiUVdxr4BlU99xFLVR2md8YL60NEVtPRwhOlCG6332K4s+Xj83tz4pd6dG6hQY5w
h9Q8uPaCBq/13O3jniTr0AuHS4EmZXxfhREmJ3ppBIISvJZ7P2a7eOYwwOPQ6CkJ
GBobzkfP4EFo9fP/8UyBP9D1FzO1bFEJKXiJahDkc47mjyQ/pTPWYIx32N50uJ+b
+WO+54i2c7c+xETxWb/YewcNhUFNz0tJ9NjycFq4ZTPVlXaFM2dSmacDqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvK1GPCDNtECq/wvvddvAbvzotcMB8GA1UdIwQY
MBaAFKvZaq6I75m01Q5J7K6crkjzeIH3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTIt
N2MzZjhjNDBjNTEwLzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTItN2MzZjhjNDBjNTEw
LzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACqMBb9dZ
gihKu2DoFdGFafboNHJvPqPsahGNLE49rCzES2yjTWX2GPt+0b6v3yaPT9M2OTV0
RhzoENIIZvIzKW8qoE/SEP7pxjYoAy5tQ4vYiJpjyaC7ECr4Hp/WD0P1Z60Y9RKm
GZQMqOPSMGmTEyKp2uClJG1B7hkB2jZkbBcJKuVqcYkt8cWASNDduLZnWQIw9qvH
uXQlSnGBQcXg5VcbJiiif2R1TJ9pYu91d2xczqWMSBdj/Mouxt87llshZQl0tN26
w3Q4y5MmeDSVq+z9KJyLW4IWOWbjx2wHGILKIhrhMDrO3cal72u+JjhdX824aXG0
NlttzNNjUOfwyg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:15:25 2025 by rpki-client