Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.mft
File: QIVi4riWGyLinHYtbJkDMbo2Zm8.mft (raw, json)
Hash identifier: Nv/MFLOUr/2//lMYj+G7n02X+qesVEcYUupiAw0I0mg=
Subject key identifier: A5:35:AC:4D:BA:C5:88:C9:0D:D8:28:01:92:28:70:93:A1:AE:43:A6
Authority key identifier: 40:85:62:E2:B8:96:1B:22:E2:9C:76:2D:6C:99:03:31:BA:36:66:6F
Certificate issuer: /CN=408562e2b8961b22e29c762d6c990331ba36666f
Certificate serial: 019A4D3CDD011F539B3FDC582EC3EAF61367
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIVi4riWGyLinHYtbJkDMbo2Zm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.mft
Manifest number: 13C5
Signing time: Tue 04 Nov 2025 05:00:25 +0000
Manifest this update: Tue 04 Nov 2025 05:00:25 +0000
Manifest next update: Wed 05 Nov 2025 05:00:25 +0000
Files and hashes: 1: QIVi4riWGyLinHYtbJkDMbo2Zm8.crl (hash: w4NSJIvlQMeNghZZoO3BwWvDunV5Q57hWH75+vLBOp4=)
2: TH3iTyQHdiPtwrxen-ik0aBRXKI.roa (hash: 9e3J8Nl+Dc6K9RH7KE3BYQUYhRYoAJ/tNPR6z9IBOhE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QIVi4riWGyLinHYtbJkDMbo2Zm8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3c:dd:01:1f:53:9b:3f:dc:58:2e:c3:ea:f6:13:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408562e2b8961b22e29c762d6c990331ba36666f
Validity
Not Before: Nov 4 05:00:25 2025 GMT
Not After : Nov 5 05:00:25 2025 GMT
Subject: CN=a535ac4dbac588c90dd8280192287093a1ae43a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:73:43:9d:0a:a2:c1:a1:e0:d5:1f:da:04:83:
99:52:36:1e:26:9b:46:9b:70:3c:2c:9b:42:8b:0e:
41:e2:a7:78:b3:d0:19:ee:8c:e0:32:f1:95:1e:d2:
83:e6:bb:63:d7:a3:5a:cf:53:03:e8:c2:3d:0d:ba:
81:73:4d:70:63:68:29:3f:e2:94:e4:b9:ec:bb:8b:
1a:d8:27:01:54:6f:d4:86:c4:73:1f:4c:c5:6b:71:
1b:82:86:ec:21:ff:4c:87:7b:92:84:11:9e:42:85:
16:e6:38:38:92:0d:43:03:03:16:c1:cf:cb:a4:5a:
9f:c3:19:78:40:ee:e2:86:87:a3:db:12:95:46:d7:
68:98:8d:58:bc:c1:1a:fe:6e:0e:54:1c:ba:61:f7:
d6:f5:ac:c9:a0:17:88:65:d6:69:86:46:19:e6:bd:
59:0a:a2:39:5a:dc:12:b5:f7:75:a8:64:c5:33:8c:
94:ec:f1:0f:37:46:25:2d:85:ea:0d:6d:f8:9f:75:
53:2d:14:cc:1b:7a:2f:26:48:aa:62:60:48:c4:6a:
76:29:77:e1:d7:17:cd:fd:79:cf:6f:b6:93:cf:d3:
ff:a0:7b:94:39:f6:c0:3c:e0:87:5c:1a:e1:ec:17:
4c:4f:a0:2a:95:06:ca:39:db:a9:0b:c4:dd:14:a3:
8b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:35:AC:4D:BA:C5:88:C9:0D:D8:28:01:92:28:70:93:A1:AE:43:A6
X509v3 Authority Key Identifier:
keyid:40:85:62:E2:B8:96:1B:22:E2:9C:76:2D:6C:99:03:31:BA:36:66:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIVi4riWGyLinHYtbJkDMbo2Zm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:75:a1:fb:fa:2e:21:f9:06:4a:1e:57:d3:27:46:6e:5e:e9:
fc:06:34:9b:1c:f6:a5:b2:8f:44:27:78:44:7d:eb:cb:aa:e8:
3a:ad:08:57:5e:25:ef:ed:5b:69:59:a1:e3:3e:02:29:37:b7:
c7:9b:11:73:14:5a:c0:1e:d7:5c:e3:76:a7:37:03:5c:c5:22:
60:b9:02:c1:d4:50:53:08:10:ad:e0:6d:96:c2:39:5e:6a:db:
8b:b0:65:d1:d1:ec:f0:cb:1d:22:b4:8a:e8:d6:f4:9d:31:17:
49:a1:6b:69:be:fe:f3:a6:ad:25:6f:58:e8:ed:d1:0c:3e:b6:
59:32:84:cd:64:18:65:b2:45:a4:6e:16:8a:d7:5c:2c:5e:3d:
7e:ab:d9:5a:6c:bd:a6:61:98:0e:e5:5f:b0:de:14:0d:96:19:
e0:9e:f6:f3:83:65:fe:98:e0:96:5b:92:a0:ee:fc:c2:23:3c:
88:f4:16:df:5a:ec:50:db:a1:af:5a:b9:cc:27:fd:e8:aa:46:
8c:50:2c:76:7c:72:ad:9e:dd:85:39:78:32:44:8f:fb:64:02:
fe:66:62:c3:57:6d:12:ae:9a:6c:c3:ef:4c:74:65:e7:6d:c5:
1e:28:75:41:fa:a9:35:a9:8a:95:fe:ef:b8:41:65:b8:34:7b:
69:f1:ec:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPN0BH1ObP9xYLsPq9hNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODU2MmUyYjg5NjFiMjJlMjljNzYyZDZjOTkwMzMxYmEz
NjY2NmYwHhcNMjUxMTA0MDUwMDI1WhcNMjUxMTA1MDUwMDI1WjAzMTEwLwYDVQQD
EyhhNTM1YWM0ZGJhYzU4OGM5MGRkODI4MDE5MjI4NzA5M2ExYWU0M2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXNDnQqiwaHg1R/aBIOZUjYeJptG
m3A8LJtCiw5B4qd4s9AZ7ozgMvGVHtKD5rtj16Naz1MD6MI9DbqBc01wY2gpP+KU
5Lnsu4sa2CcBVG/UhsRzH0zFa3EbgobsIf9Mh3uShBGeQoUW5jg4kg1DAwMWwc/L
pFqfwxl4QO7ihoej2xKVRtdomI1YvMEa/m4OVBy6YffW9azJoBeIZdZphkYZ5r1Z
CqI5WtwStfd1qGTFM4yU7PEPN0YlLYXqDW34n3VTLRTMG3ovJkiqYmBIxGp2KXfh
1xfN/XnPb7aTz9P/oHuUOfbAPOCHXBrh7BdMT6AqlQbKOdupC8TdFKOLIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKU1rE26xYjJDdgoAZIocJOhrkOmMB8GA1UdIwQY
MBaAFECFYuK4lhsi4px2LWyZAzG6NmZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlWaTRyaVdHeUxpbkhZdGJKa0RNYm8yWm04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MmE2ZGUtNzIzMi00OWIxLTkxYzct
Y2ZkZmNkNGVlMGYyLzEvUUlWaTRyaVdHeUxpbkhZdGJKa0RNYm8yWm04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MmE2ZGUtNzIzMi00OWIxLTkxYzctY2ZkZmNkNGVlMGYy
LzEvUUlWaTRyaVdHeUxpbkhZdGJKa0RNYm8yWm04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARnWh+/ou
IfkGSh5X0ydGbl7p/AY0mxz2pbKPRCd4RH3ry6roOq0IV14l7+1baVmh4z4CKTe3
x5sRcxRawB7XXON2pzcDXMUiYLkCwdRQUwgQreBtlsI5Xmrbi7Bl0dHs8MsdIrSK
6Nb0nTEXSaFrab7+86atJW9Y6O3RDD62WTKEzWQYZbJFpG4WitdcLF49fqvZWmy9
pmGYDuVfsN4UDZYZ4J7284Nl/pjglluSoO78wiM8iPQW31rsUNuhr1q5zCf96KpG
jFAsdnxyrZ7dhTl4MkSP+2QC/mZiw1dtEq6abMPvTHRl523FHih1QfqpNamKlf7v
uEFluDR7afHssQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:47:55 2025 by rpki-client