Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.mft
File: qsqNwMC5IbCJ8WAmGORVN5enR0I.mft (raw, json)
Hash identifier: KUmicDlO4rlD/nlhCKLSFwqMvbZdDeDNOq1DI9h8JXo=
Subject key identifier: D5:D1:2A:9D:D2:B2:8E:DE:3E:1D:4F:1B:C0:DF:59:58:76:43:DA:3A
Authority key identifier: AA:CA:8D:C0:C0:B9:21:B0:89:F1:60:26:18:E4:55:37:97:A7:47:42
Certificate issuer: /CN=aaca8dc0c0b921b089f1602618e4553797a74742
Certificate serial: 019A552D45B7266F20575080A7A17DCBC950
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsqNwMC5IbCJ8WAmGORVN5enR0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.mft
Manifest number: 02B3
Signing time: Wed 05 Nov 2025 18:00:21 +0000
Manifest this update: Wed 05 Nov 2025 18:00:21 +0000
Manifest next update: Thu 06 Nov 2025 18:00:21 +0000
Files and hashes: 1: 0TAMfzKO6y7wTDVfhrp7A0vqejU.roa (hash: 3Yzu9IXvscc/7fQLVXNg8nKXbm7Wf5jZKKVCSByaB5U=)
2: qsqNwMC5IbCJ8WAmGORVN5enR0I.crl (hash: ITD33AyoMFAgVgSfS0Vy9rdR/EEll+9EWBAbA+gyFrg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/qsqNwMC5IbCJ8WAmGORVN5enR0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 18:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:2d:45:b7:26:6f:20:57:50:80:a7:a1:7d:cb:c9:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaca8dc0c0b921b089f1602618e4553797a74742
Validity
Not Before: Nov 5 18:00:21 2025 GMT
Not After : Nov 6 18:00:21 2025 GMT
Subject: CN=d5d12a9dd2b28ede3e1d4f1bc0df59587643da3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:77:b6:54:30:ae:e9:30:25:b7:ad:f8:ff:cf:
67:62:71:7f:d5:bb:13:a6:79:c9:81:3e:fc:20:19:
a2:be:4f:42:59:54:a8:43:6a:ed:ff:76:39:e7:95:
f2:a2:df:e2:7e:16:e7:c4:9b:25:7c:fc:b0:08:ab:
2a:de:1c:e4:35:4a:d7:e7:77:06:84:d3:94:41:0c:
3d:15:27:20:24:18:52:15:85:d8:61:8b:e1:e9:c7:
f1:30:2f:20:f0:fb:10:b1:ea:b1:39:c8:d0:34:bb:
28:05:77:b4:80:6e:47:de:11:af:b1:48:a7:ef:2c:
58:c9:f7:4c:c7:3a:1d:4e:7f:16:39:22:07:fe:0e:
89:0b:01:a2:03:ca:ce:97:dc:d3:4c:60:84:f0:ce:
e9:ba:65:cc:d7:ca:88:69:a9:a5:19:91:ee:47:4d:
55:d1:80:c1:3c:41:62:77:35:4d:43:bb:cb:04:95:
f2:46:8e:85:92:6a:f1:ed:e6:d8:01:53:37:67:fc:
d1:63:a5:8b:2a:36:6f:56:11:52:73:cc:47:03:38:
9d:d6:57:fb:21:67:a3:ba:4e:ed:a8:87:6a:f8:1e:
ef:54:3d:5a:cb:fc:76:18:b0:b9:df:34:38:fb:9b:
99:4a:86:3a:e7:87:f7:f8:e8:21:c2:79:9e:45:a2:
03:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D1:2A:9D:D2:B2:8E:DE:3E:1D:4F:1B:C0:DF:59:58:76:43:DA:3A
X509v3 Authority Key Identifier:
keyid:AA:CA:8D:C0:C0:B9:21:B0:89:F1:60:26:18:E4:55:37:97:A7:47:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsqNwMC5IbCJ8WAmGORVN5enR0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:1b:28:95:5c:35:77:d5:8a:b2:c7:76:d1:bc:19:86:05:e2:
4e:26:0d:b0:7e:f0:09:bd:d1:91:1f:ff:cf:c3:50:38:1b:02:
c9:5a:ab:56:bc:96:1a:da:6f:fe:e2:92:c5:b5:a5:1b:5b:76:
c9:6b:47:f2:96:72:aa:a2:54:19:70:53:61:13:1d:96:a0:0b:
29:30:8b:99:39:55:60:b4:b7:96:40:1c:62:07:12:61:3a:71:
86:61:7e:c4:ce:e9:50:e4:ba:79:10:9c:2c:7c:78:62:9d:4c:
45:41:b4:20:01:24:13:ab:f6:72:6e:1e:f7:5d:ba:86:59:25:
6e:82:7b:c8:31:5b:e2:06:5a:64:a1:a6:60:c3:0b:84:ea:41:
8f:0d:f7:3c:a1:ce:a6:54:83:2b:87:20:05:46:9f:6d:6d:c3:
52:57:ed:b8:1f:76:62:4a:f9:fd:c2:0b:50:5d:f3:50:c7:3d:
ab:b7:8d:c8:b7:86:89:2f:23:bb:90:d8:46:71:70:53:cb:47:
08:7e:b8:9b:3a:b3:1a:5b:77:3b:08:d6:a2:23:6d:5d:50:6d:
34:8a:b9:48:95:65:3f:8b:02:21:d2:01:20:7b:00:2d:5d:af:
7b:90:8f:f5:27:2c:72:ef:26:4c:d2:ab:1c:b3:5c:f1:58:fb:
5a:0f:01:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpVLUW3Jm8gV1CAp6F9y8lQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhY2E4ZGMwYzBiOTIxYjA4OWYxNjAyNjE4ZTQ1NTM3OTdh
NzQ3NDIwHhcNMjUxMTA1MTgwMDIxWhcNMjUxMTA2MTgwMDIxWjAzMTEwLwYDVQQD
EyhkNWQxMmE5ZGQyYjI4ZWRlM2UxZDRmMWJjMGRmNTk1ODc2NDNkYTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3e2VDCu6TAlt634/89nYnF/1bsT
pnnJgT78IBmivk9CWVSoQ2rt/3Y555Xyot/ifhbnxJslfPywCKsq3hzkNUrX53cG
hNOUQQw9FScgJBhSFYXYYYvh6cfxMC8g8PsQseqxOcjQNLsoBXe0gG5H3hGvsUin
7yxYyfdMxzodTn8WOSIH/g6JCwGiA8rOl9zTTGCE8M7pumXM18qIaamlGZHuR01V
0YDBPEFidzVNQ7vLBJXyRo6Fkmrx7ebYAVM3Z/zRY6WLKjZvVhFSc8xHAzid1lf7
IWejuk7tqIdq+B7vVD1ay/x2GLC53zQ4+5uZSoY654f3+OghwnmeRaIDDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXRKp3Sso7ePh1PG8DfWVh2Q9o6MB8GA1UdIwQY
MBaAFKrKjcDAuSGwifFgJhjkVTeXp0dCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNxTndNQzVJYkNKOFdBbUdPUlZONWVuUjBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lYjMxZGItZTY1NC00OTFlLWExNDEt
OTFkNTA3MzhkMWU4LzEvcXNxTndNQzVJYkNKOFdBbUdPUlZONWVuUjBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lYjMxZGItZTY1NC00OTFlLWExNDEtOTFkNTA3MzhkMWU4
LzEvcXNxTndNQzVJYkNKOFdBbUdPUlZONWVuUjBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAahsolVw1
d9WKssd20bwZhgXiTiYNsH7wCb3RkR//z8NQOBsCyVqrVryWGtpv/uKSxbWlG1t2
yWtH8pZyqqJUGXBTYRMdlqALKTCLmTlVYLS3lkAcYgcSYTpxhmF+xM7pUOS6eRCc
LHx4Yp1MRUG0IAEkE6v2cm4e9126hlklboJ7yDFb4gZaZKGmYMMLhOpBjw33PKHO
plSDK4cgBUafbW3DUlftuB92Ykr5/cILUF3zUMc9q7eNyLeGiS8ju5DYRnFwU8tH
CH64mzqzGlt3OwjWoiNtXVBtNIq5SJVlP4sCIdIBIHsALV2ve5CP9Scscu8mTNKr
HLNc8Vj7Wg8BoA==
-----END CERTIFICATE-----
Generated at Thu Nov 6 00:36:28 2025 by rpki-client