Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
File: QxfdFbYr3XESWZuBQjNg7uegEpY.mft (raw, json)
Hash identifier: /bhcFkMQxg0tO7d5HwezmBFa0ASEjBm13plw+lgTWvM=
Subject key identifier: DC:64:7C:84:12:EB:64:BF:1C:61:95:AE:F9:1C:35:BE:EE:23:32:A7
Authority key identifier: 43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
Certificate issuer: /CN=4317dd15b62bdd7112599b81423360eee7a01296
Certificate serial: 019A53E40FEB0669F78AF3119A4984F1E7CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
Manifest number: 0875
Signing time: Wed 05 Nov 2025 12:00:46 +0000
Manifest this update: Wed 05 Nov 2025 12:00:46 +0000
Manifest next update: Thu 06 Nov 2025 12:00:46 +0000
Files and hashes: 1: DRGQu6VcNUxgbC-i_8UH42qgDUM.roa (hash: Tkt8CjSKbVkubPBErWJwsPegnkm3xx4+YfHW6WMiPHA=)
2: QxfdFbYr3XESWZuBQjNg7uegEpY.crl (hash: AUW+qNmXnJr8sXYCEh+9L4LDXnN211FxPdEl1KqqbiM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:e4:0f:eb:06:69:f7:8a:f3:11:9a:49:84:f1:e7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4317dd15b62bdd7112599b81423360eee7a01296
Validity
Not Before: Nov 5 12:00:46 2025 GMT
Not After : Nov 6 12:00:46 2025 GMT
Subject: CN=dc647c8412eb64bf1c6195aef91c35beee2332a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5e:f7:6e:76:3e:4b:0f:e4:69:cc:a8:d5:1b:
08:f6:60:ac:02:dd:7b:c0:21:1c:f3:b1:1e:1b:30:
02:a9:c5:9b:08:ce:30:e0:d7:0f:9b:ea:5c:bb:43:
b6:c7:b0:fd:e2:c3:2e:ef:60:09:98:c0:58:ca:25:
4f:d5:b7:4b:46:6c:b2:a5:cf:09:fc:c3:94:03:c0:
03:63:19:7b:99:a6:2f:58:73:d1:34:3e:99:0a:a4:
9f:76:c0:57:13:8b:02:1c:6a:b0:c5:c0:34:3c:ba:
ff:72:b6:b2:94:8d:23:fe:34:32:f6:cf:6c:11:57:
5d:56:a8:bd:29:42:51:3c:56:21:64:d0:c6:9e:7b:
e5:3c:5c:83:ee:14:84:8d:db:fc:53:3c:89:14:8e:
d5:29:d2:06:71:98:cc:26:b0:6d:09:87:37:6f:15:
f4:a5:76:5b:b0:7c:43:d1:47:b3:e9:0d:d6:69:cf:
cd:9d:15:a8:04:b3:38:de:9a:a2:f3:be:f0:5c:b3:
aa:6f:9a:55:ed:8f:5f:46:07:32:da:d1:b3:1c:91:
e5:f8:10:d1:b3:24:d0:6a:9c:57:55:c7:d3:db:de:
af:d3:80:ec:0a:ae:08:f2:e5:fb:98:ca:e6:ad:cd:
f1:96:60:46:cc:be:59:e2:0b:60:65:e7:33:cf:21:
be:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:64:7C:84:12:EB:64:BF:1C:61:95:AE:F9:1C:35:BE:EE:23:32:A7
X509v3 Authority Key Identifier:
keyid:43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:12:e8:97:fb:40:1c:0e:c3:e1:30:35:8a:74:70:9f:2d:9e:
90:fa:18:b6:5c:70:20:9f:28:3c:b7:fd:b0:0f:90:95:38:b5:
0c:7e:5b:50:d5:73:df:ef:35:dd:f7:82:04:2c:a9:b7:a4:3b:
14:95:0c:82:08:10:38:82:86:e0:ae:59:00:fd:3e:06:5c:27:
14:5c:f4:7a:44:dc:01:c6:f3:bd:df:58:e8:08:59:75:32:11:
b4:2d:43:c2:ba:5f:19:34:51:e8:93:7f:55:cd:fd:59:35:6c:
4d:9b:3e:82:0f:fa:69:20:11:0e:8e:63:f3:d6:68:7f:8d:40:
9f:b2:27:60:04:80:c0:b0:b5:b5:06:39:98:fd:0f:f3:60:f8:
57:2f:50:cd:3a:4a:be:19:23:cd:fa:5c:64:a5:68:72:6a:38:
92:51:8c:e4:07:22:44:17:01:91:da:ab:a5:5c:e4:46:3e:80:
9e:33:09:9e:0f:db:9c:e7:79:7d:19:ee:e2:b4:66:fb:0d:ed:
18:33:92:3f:4e:c6:b0:a7:a8:a1:ab:fa:55:91:7b:14:23:65:
75:47:ef:51:14:61:e3:c2:5a:5c:4f:e6:65:24:b9:5a:b0:c6:
d2:da:86:fa:ce:66:2e:e7:61:45:46:6e:2d:bf:45:8c:7d:8e:
e2:27:ac:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpT5A/rBmn3ivMRmkmE8efLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMTdkZDE1YjYyYmRkNzExMjU5OWI4MTQyMzM2MGVlZTdh
MDEyOTYwHhcNMjUxMTA1MTIwMDQ2WhcNMjUxMTA2MTIwMDQ2WjAzMTEwLwYDVQQD
EyhkYzY0N2M4NDEyZWI2NGJmMWM2MTk1YWVmOTFjMzViZWVlMjMzMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV73bnY+Sw/kacyo1RsI9mCsAt17
wCEc87EeGzACqcWbCM4w4NcPm+pcu0O2x7D94sMu72AJmMBYyiVP1bdLRmyypc8J
/MOUA8ADYxl7maYvWHPRND6ZCqSfdsBXE4sCHGqwxcA0PLr/craylI0j/jQy9s9s
EVddVqi9KUJRPFYhZNDGnnvlPFyD7hSEjdv8UzyJFI7VKdIGcZjMJrBtCYc3bxX0
pXZbsHxD0Uez6Q3Wac/NnRWoBLM43pqi877wXLOqb5pV7Y9fRgcy2tGzHJHl+BDR
syTQapxXVcfT296v04DsCq4I8uX7mMrmrc3xlmBGzL5Z4gtgZeczzyG+QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNxkfIQS62S/HGGVrvkcNb7uIzKnMB8GA1UdIwQY
MBaAFEMX3RW2K91xElmbgUIzYO7noBKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMt
NmI5NTUwMGRhMjNiLzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMtNmI5NTUwMGRhMjNi
LzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwhLol/tA
HA7D4TA1inRwny2ekPoYtlxwIJ8oPLf9sA+QlTi1DH5bUNVz3+813feCBCypt6Q7
FJUMgggQOIKG4K5ZAP0+BlwnFFz0ekTcAcbzvd9Y6AhZdTIRtC1DwrpfGTRR6JN/
Vc39WTVsTZs+gg/6aSARDo5j89Zof41An7InYASAwLC1tQY5mP0P82D4Vy9QzTpK
vhkjzfpcZKVocmo4klGM5AciRBcBkdqrpVzkRj6AnjMJng/bnOd5fRnu4rRm+w3t
GDOSP07GsKeooav6VZF7FCNldUfvURRh48JaXE/mZSS5WrDG0tqG+s5mLudhRUZu
Lb9FjH2O4iesKA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:44:29 2025 by rpki-client