Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft
File: Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft (raw, json)
Hash identifier: N+Z1he54K7ZWmqlfn03iiHF5TJdmDIplIWfvI6/Wyqw=
Subject key identifier: 38:03:0F:73:43:4C:A3:5D:9A:13:48:B9:EF:2B:24:AD:11:D5:2E:F5
Authority key identifier: 43:0E:09:49:DF:59:30:F6:B7:9E:FC:BD:9C:BA:17:4C:A2:13:F5:69
Certificate issuer: /CN=430e0949df5930f6b79efcbd9cba174ca213f569
Certificate serial: 019A5263841EB82CE2F0AAA233AAD19B971D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft
Manifest number: 16A2
Signing time: Wed 05 Nov 2025 05:00:44 +0000
Manifest this update: Wed 05 Nov 2025 05:00:44 +0000
Manifest next update: Thu 06 Nov 2025 05:00:44 +0000
Files and hashes: 1: B2zXHYwEq1mSDhRzWM21ZLKQRZ0.roa (hash: P+0tfOZ2RaLt/nUPuFjZ/CAtJcAtybwXEXHcIsSIUm4=)
2: Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.crl (hash: u738vgsbsXxdg5SiymCxUEkuL++v7+OAUZKJLVrGzgU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:63:84:1e:b8:2c:e2:f0:aa:a2:33:aa:d1:9b:97:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=430e0949df5930f6b79efcbd9cba174ca213f569
Validity
Not Before: Nov 5 05:00:44 2025 GMT
Not After : Nov 6 05:00:44 2025 GMT
Subject: CN=38030f73434ca35d9a1348b9ef2b24ad11d52ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:98:a9:0f:c0:32:ff:bc:70:9a:28:02:7e:4d:
fc:07:cd:fa:de:ec:46:58:fd:80:f3:2e:01:6b:51:
b5:07:07:80:3b:27:06:bb:9d:f5:96:b4:27:30:72:
25:69:1b:bb:66:f2:05:46:05:66:42:c5:f1:73:13:
ff:e2:51:1d:52:e9:91:3b:a0:9b:50:a7:96:5a:8c:
f3:c9:20:f0:b2:1d:66:00:58:b4:16:da:9e:43:ae:
e1:c6:ba:47:7f:1e:a4:95:a6:0b:99:82:30:40:62:
d4:df:1e:85:d6:13:41:51:fd:c3:87:fa:09:d3:ea:
3a:68:4c:64:79:ec:6f:de:a5:d8:0e:15:1a:57:88:
4e:42:d7:8d:27:13:59:8f:29:d7:af:86:af:81:63:
62:93:91:e5:08:32:18:a5:8f:e8:aa:2c:45:07:07:
9e:a5:4b:05:ad:59:e2:48:16:48:41:9f:1f:7f:20:
40:be:b4:67:9e:0e:90:32:92:1d:e5:69:d6:4d:0b:
4c:ff:d7:84:58:e2:42:12:58:20:c8:44:43:cc:fc:
b7:00:74:75:b3:ba:dc:41:ee:15:aa:cf:18:b8:2e:
ac:f4:e9:4d:ba:17:90:b8:f2:cb:7d:91:64:cd:10:
5d:82:7e:7d:e9:ed:8c:50:d1:57:4e:42:5e:db:26:
db:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:03:0F:73:43:4C:A3:5D:9A:13:48:B9:EF:2B:24:AD:11:D5:2E:F5
X509v3 Authority Key Identifier:
keyid:43:0E:09:49:DF:59:30:F6:B7:9E:FC:BD:9C:BA:17:4C:A2:13:F5:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:ad:71:6f:b8:91:6e:35:0a:68:d2:af:1c:ee:1c:c6:f8:0b:
fb:4d:01:bc:74:1a:29:de:1c:8e:97:74:56:2a:4a:0b:5c:33:
42:0e:60:bf:bb:4f:e9:d3:43:74:b9:ab:1f:7b:58:50:e0:af:
87:b5:c3:69:31:79:83:ff:25:3e:32:4c:f7:b7:14:35:7c:0a:
57:16:81:cd:69:5e:56:02:e3:97:d3:6f:89:2a:e7:9c:a5:a8:
6f:41:9f:b0:ce:32:db:d8:9a:20:5c:a1:4c:0e:3e:41:58:6c:
86:2e:a1:2f:66:7c:db:31:c0:86:ff:65:0d:14:91:ce:2f:5d:
a4:93:58:d2:2a:83:26:fa:78:33:27:64:46:cb:1b:0e:a5:d2:
a2:b1:1a:4c:aa:20:61:95:91:c7:7e:a3:45:5f:ca:ab:b9:31:
d9:0c:a1:c7:e8:ac:54:66:ee:4e:6e:2a:2e:7c:98:90:00:0b:
e9:6d:30:ba:9e:5e:76:48:69:1c:2d:52:29:da:25:43:30:84:
47:87:54:47:23:40:64:8f:f3:cb:7d:6b:ef:21:84:1e:bb:7f:
68:97:e5:81:51:e4:e1:81:ae:c4:76:c6:ce:4e:d7:12:db:c3:
79:cb:d0:fc:c2:db:ee:18:81:a2:58:83:60:5d:79:c1:6f:3e:
87:da:54:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSY4QeuCzi8KqiM6rRm5cdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMGUwOTQ5ZGY1OTMwZjZiNzllZmNiZDljYmExNzRjYTIx
M2Y1NjkwHhcNMjUxMTA1MDUwMDQ0WhcNMjUxMTA2MDUwMDQ0WjAzMTEwLwYDVQQD
EygzODAzMGY3MzQzNGNhMzVkOWExMzQ4YjllZjJiMjRhZDExZDUyZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JipD8Ay/7xwmigCfk38B8363uxG
WP2A8y4Ba1G1BweAOycGu531lrQnMHIlaRu7ZvIFRgVmQsXxcxP/4lEdUumRO6Cb
UKeWWozzySDwsh1mAFi0FtqeQ67hxrpHfx6klaYLmYIwQGLU3x6F1hNBUf3Dh/oJ
0+o6aExkeexv3qXYDhUaV4hOQteNJxNZjynXr4avgWNik5HlCDIYpY/oqixFBwee
pUsFrVniSBZIQZ8ffyBAvrRnng6QMpId5WnWTQtM/9eEWOJCElggyERDzPy3AHR1
s7rcQe4Vqs8YuC6s9OlNuheQuPLLfZFkzRBdgn596e2MUNFXTkJe2ybbTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgDD3NDTKNdmhNIue8rJK0R1S71MB8GA1UdIwQY
MBaAFEMOCUnfWTD2t578vZy6F0yiE/VpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXc0SlNkOVpNUGEzbnZ5OW5Mb1hUS0lUOVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81MmE5N2YtMmFkNi00MDU5LTg2NDYt
MDY4NjE2MGE3ZTY4LzEvUXc0SlNkOVpNUGEzbnZ5OW5Mb1hUS0lUOVdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC81MmE5N2YtMmFkNi00MDU5LTg2NDYtMDY4NjE2MGE3ZTY4
LzEvUXc0SlNkOVpNUGEzbnZ5OW5Mb1hUS0lUOVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf61xb7iR
bjUKaNKvHO4cxvgL+00BvHQaKd4cjpd0VipKC1wzQg5gv7tP6dNDdLmrH3tYUOCv
h7XDaTF5g/8lPjJM97cUNXwKVxaBzWleVgLjl9NviSrnnKWob0GfsM4y29iaIFyh
TA4+QVhshi6hL2Z82zHAhv9lDRSRzi9dpJNY0iqDJvp4MydkRssbDqXSorEaTKog
YZWRx36jRV/Kq7kx2Qyhx+isVGbuTm4qLnyYkAAL6W0wup5edkhpHC1SKdolQzCE
R4dURyNAZI/zy31r7yGEHrt/aJflgVHk4YGuxHbGzk7XEtvDecvQ/MLb7hiBoliD
YF15wW8+h9pUwg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:45:06 2025 by rpki-client