Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
File: KQhfxTTBPgiC4mColfPPDFVD7wg.mft (raw, json)
Hash identifier: DsiUObMDKLEp/1MhuKtBmmK0tDNeLy4xu19Z/gPl7UU=
Subject key identifier: 60:42:52:5F:29:CB:51:E8:88:70:35:9B:C5:D5:74:11:B6:5A:95:79
Authority key identifier: 29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08
Certificate issuer: /CN=29085fc534c13e0882e260a895f3cf0c5543ef08
Certificate serial: 019A51BEBA18C9C8BC98F1514DAF77E60F8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
Manifest number: 0684
Signing time: Wed 05 Nov 2025 02:00:45 +0000
Manifest this update: Wed 05 Nov 2025 02:00:45 +0000
Manifest next update: Thu 06 Nov 2025 02:00:45 +0000
Files and hashes: 1: 7maLWxU6IkDM2FmAqNdy7l2m8vA.roa (hash: hXSJo4W1y0TIt55yVm6o0sEdz9TFsi3M02ghZ52Dqcs=)
2: KQhfxTTBPgiC4mColfPPDFVD7wg.crl (hash: 3l4xRJpMJMfN3WbHIAUwboN+qpDHqB+0oao3fO1fPkI=)
3: qf1_Wz1js3xh5T6fOQssL748W8Y.roa (hash: LIiJDjtWI/OSM/oOUeypQGPeFD9dNyCQffUSuaGgb/s=)
4: uhoFt9UL3_6UT-K7hdXHNLEPe6w.roa (hash: ABkAtvRZwRy7ibQa3d8iTzWCloU1O/vDLYDZwO5edyc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:be:ba:18:c9:c8:bc:98:f1:51:4d:af:77:e6:0f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29085fc534c13e0882e260a895f3cf0c5543ef08
Validity
Not Before: Nov 5 02:00:45 2025 GMT
Not After : Nov 6 02:00:45 2025 GMT
Subject: CN=6042525f29cb51e88870359bc5d57411b65a9579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:16:d7:88:f9:5f:14:53:ca:8b:f4:b1:01:c0:
fb:24:29:7f:61:c2:1a:a7:dd:45:36:09:15:aa:ad:
d0:bd:9c:3c:ee:07:ef:18:0c:2a:b3:1a:75:b2:5d:
f3:70:06:3d:1e:84:7d:8e:49:84:2c:bd:6b:31:cf:
be:22:d9:24:52:6c:d5:ab:5d:5f:96:b5:44:b9:ee:
13:82:8f:31:0a:09:4d:37:08:0a:2a:39:c7:d3:c8:
2f:3d:e2:e3:77:7b:4b:8c:45:df:c6:cb:b8:13:af:
79:23:ae:90:90:1f:2f:bb:82:86:0b:ed:c6:12:d5:
6d:77:a0:04:33:0e:c4:f0:ed:08:c2:1a:7e:b5:6a:
f8:80:da:d9:47:d8:c0:6f:d5:48:69:60:69:e9:c1:
fb:27:ba:9a:96:03:5d:18:73:21:fc:6d:81:57:d4:
54:ef:74:8f:7d:19:97:3a:b7:9b:e7:20:dd:e3:b0:
a4:0e:16:71:b3:ba:1e:3f:3e:4f:80:91:52:e2:6a:
84:3c:7b:e3:7c:ee:55:2a:0e:48:94:07:92:b5:f9:
48:91:bc:a2:de:b8:b5:23:0f:f2:97:27:4e:ac:09:
ac:ea:4e:43:b4:07:36:56:37:7d:76:9f:02:17:0e:
42:1f:0a:44:5b:e8:66:8c:20:07:08:c2:55:5a:70:
91:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:42:52:5F:29:CB:51:E8:88:70:35:9B:C5:D5:74:11:B6:5A:95:79
X509v3 Authority Key Identifier:
keyid:29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:63:a5:2c:de:62:68:66:0d:c9:10:4e:d6:10:8a:b7:d1:01:
a3:59:fe:85:50:e9:a1:76:84:26:e6:e8:76:54:a8:ab:2a:86:
58:fe:dc:cf:1f:c2:80:50:b0:3d:d8:1a:2a:db:42:61:49:4f:
a5:1d:68:75:45:cd:3b:3f:bd:76:62:da:8c:2e:4c:ab:53:75:
ee:c9:5e:d2:04:c5:bc:ec:c1:e9:c9:95:36:ba:08:46:c9:0b:
17:e1:46:a5:9a:6a:77:59:43:4a:db:5a:03:55:3f:da:1d:42:
fb:24:9e:56:66:7f:85:89:2c:61:59:3d:84:91:7d:95:f0:0b:
07:42:a9:cf:62:e2:a2:53:c5:6b:5e:70:96:c5:a8:94:d6:35:
7b:9d:e1:db:27:6d:40:19:b1:96:89:c1:a1:65:46:c6:98:b1:
79:53:2e:ad:7b:59:b8:f9:60:d9:f7:36:93:6a:c9:93:bc:7e:
55:89:ac:0d:03:15:99:38:89:00:cd:97:c7:54:8c:89:29:1f:
7d:8f:be:2a:a2:c7:7d:3a:7c:50:04:7e:fc:20:6d:14:e8:77:
d2:1a:ac:fd:b1:f9:eb:88:e4:be:00:46:46:47:28:43:de:6e:
55:4d:7e:3a:3f:ba:46:46:bd:62:bb:06:44:d9:89:47:5e:b5:
18:b0:ec:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRvroYyci8mPFRTa935g+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDg1ZmM1MzRjMTNlMDg4MmUyNjBhODk1ZjNjZjBjNTU0
M2VmMDgwHhcNMjUxMTA1MDIwMDQ1WhcNMjUxMTA2MDIwMDQ1WjAzMTEwLwYDVQQD
Eyg2MDQyNTI1ZjI5Y2I1MWU4ODg3MDM1OWJjNWQ1NzQxMWI2NWE5NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xbXiPlfFFPKi/SxAcD7JCl/YcIa
p91FNgkVqq3QvZw87gfvGAwqsxp1sl3zcAY9HoR9jkmELL1rMc++ItkkUmzVq11f
lrVEue4Tgo8xCglNNwgKKjnH08gvPeLjd3tLjEXfxsu4E695I66QkB8vu4KGC+3G
EtVtd6AEMw7E8O0Iwhp+tWr4gNrZR9jAb9VIaWBp6cH7J7qalgNdGHMh/G2BV9RU
73SPfRmXOreb5yDd47CkDhZxs7oePz5PgJFS4mqEPHvjfO5VKg5IlAeStflIkbyi
3ri1Iw/ylydOrAms6k5DtAc2Vjd9dp8CFw5CHwpEW+hmjCAHCMJVWnCRmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBCUl8py1HoiHA1m8XVdBG2WpV5MB8GA1UdIwQY
MBaAFCkIX8U0wT4IguJgqJXzzwxVQ+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWIt
YzMyOTcxMjllNGQzLzEvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWItYzMyOTcxMjllNGQz
LzEvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfWOlLN5i
aGYNyRBO1hCKt9EBo1n+hVDpoXaEJubodlSoqyqGWP7czx/CgFCwPdgaKttCYUlP
pR1odUXNOz+9dmLajC5Mq1N17sle0gTFvOzB6cmVNroIRskLF+FGpZpqd1lDStta
A1U/2h1C+ySeVmZ/hYksYVk9hJF9lfALB0Kpz2LiolPFa15wlsWolNY1e53h2ydt
QBmxlonBoWVGxpixeVMurXtZuPlg2fc2k2rJk7x+VYmsDQMVmTiJAM2Xx1SMiSkf
fY++KqLHfTp8UAR+/CBtFOh30hqs/bH564jkvgBGRkcoQ95uVU1+Oj+6Rka9YrsG
RNmJR161GLDsUw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:01:11 2025 by rpki-client