Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json)
Hash identifier: IxBRu1ZjmyMcg76gPrbzwdnr68OIyEBQTKXbZcC5QXw=
Subject key identifier: 44:AB:25:4F:59:1D:20:E7:B1:AB:9D:A7:D7:D2:EE:0E:D5:41:6B:02
Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e
Certificate serial: 019A5007661A6DCB1723B29945DA1C77B290
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
Manifest number: 05DC
Signing time: Tue 04 Nov 2025 18:00:53 +0000
Manifest this update: Tue 04 Nov 2025 18:00:53 +0000
Manifest next update: Wed 05 Nov 2025 18:00:53 +0000
Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=)
2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: MuJYnCsqm1yvfvofgGs2befCADG1U9WLdXQ4XDdlrMY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:07:66:1a:6d:cb:17:23:b2:99:45:da:1c:77:b2:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e
Validity
Not Before: Nov 4 18:00:53 2025 GMT
Not After : Nov 5 18:00:53 2025 GMT
Subject: CN=44ab254f591d20e7b1ab9da7d7d2ee0ed5416b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bd:23:76:b4:24:21:68:1b:89:f7:96:5e:d9:
83:a3:cb:86:0b:f0:07:db:0c:4b:a6:1d:64:bb:19:
c5:80:6f:ac:51:fa:fb:7a:6d:86:00:0b:42:0f:76:
ef:bf:b2:58:dd:44:ef:3e:b9:8b:76:0d:5c:f8:96:
b1:ab:43:0d:1d:92:c2:e4:7e:dd:42:e4:bd:f7:1d:
9d:30:71:86:b6:cd:94:51:15:ec:70:53:86:3a:d3:
cd:ff:39:50:83:04:45:f5:27:fc:06:59:07:ed:8b:
ef:22:25:ce:3c:57:a5:5c:2b:fe:95:f3:7b:c4:17:
46:21:a6:02:a3:a0:3b:78:b5:2e:f4:2f:e4:45:5a:
8b:d5:02:c6:98:24:77:76:68:89:c3:d1:56:87:aa:
90:eb:e3:75:a0:a3:3c:09:5b:71:07:b6:3f:fc:30:
0f:1b:7c:5b:71:e5:90:d4:05:d3:16:fa:56:e9:fa:
10:30:f5:79:3a:8e:0a:69:f3:f9:88:81:84:43:66:
4e:a1:ef:7e:eb:30:70:2e:4d:c0:56:5e:bc:95:e1:
bc:99:b7:35:3b:59:86:fa:6b:c5:fc:67:08:89:48:
06:14:e5:c0:bc:d9:ec:d4:94:40:40:ba:b4:28:9f:
6c:13:fa:94:b7:97:0b:4d:93:cc:d8:7e:aa:af:cc:
29:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AB:25:4F:59:1D:20:E7:B1:AB:9D:A7:D7:D2:EE:0E:D5:41:6B:02
X509v3 Authority Key Identifier:
keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:6e:3f:f7:57:dc:24:92:8c:d7:dc:32:b4:1e:be:a7:a4:fe:
3c:7b:e6:79:90:3c:30:7c:a8:ff:67:34:92:53:7f:8d:d6:83:
59:9a:93:c3:f6:bd:74:14:d3:36:d6:e2:f3:0b:61:2f:7c:ac:
e9:53:f7:dc:08:4e:72:4e:9a:ed:cb:74:19:8f:50:1b:6a:f9:
7f:8a:75:1b:4e:d2:c7:41:bc:40:f3:cb:09:fd:77:57:00:05:
8e:d6:19:a0:f4:10:cd:58:c8:f2:f4:46:fb:d5:cc:e8:02:6c:
26:7c:ec:35:f9:9a:a4:80:df:b4:51:cb:d8:23:43:d1:c1:4e:
18:75:78:c0:fa:a6:c0:54:4b:9e:3f:9e:12:87:2b:1b:fe:a3:
91:ff:3b:ab:87:85:42:33:4d:25:e4:1c:2f:b4:4b:38:87:62:
ad:c9:23:92:87:8b:4a:bd:a5:cd:5c:d9:0c:e8:f9:8e:0a:4c:
62:34:fd:76:dd:d4:dc:08:49:df:25:40:c4:ab:5b:38:67:65:
87:9a:c1:29:f5:aa:fb:03:f8:19:fe:73:d8:fa:a8:ad:bf:5f:
a9:bd:42:a6:5d:f3:ff:12:df:42:ba:13:bf:a6:74:66:4a:d9:
1b:93:a7:c7:06:e2:13:ce:f7:47:d9:37:bc:28:23:76:c0:8f:
ee:1e:a4:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQB2YabcsXI7KZRdocd7KQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2
NGIxN2UwHhcNMjUxMTA0MTgwMDUzWhcNMjUxMTA1MTgwMDUzWjAzMTEwLwYDVQQD
Eyg0NGFiMjU0ZjU5MWQyMGU3YjFhYjlkYTdkN2QyZWUwZWQ1NDE2YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL0jdrQkIWgbifeWXtmDo8uGC/AH
2wxLph1kuxnFgG+sUfr7em2GAAtCD3bvv7JY3UTvPrmLdg1c+Jaxq0MNHZLC5H7d
QuS99x2dMHGGts2UURXscFOGOtPN/zlQgwRF9Sf8BlkH7YvvIiXOPFelXCv+lfN7
xBdGIaYCo6A7eLUu9C/kRVqL1QLGmCR3dmiJw9FWh6qQ6+N1oKM8CVtxB7Y//DAP
G3xbceWQ1AXTFvpW6foQMPV5Oo4KafP5iIGEQ2ZOoe9+6zBwLk3AVl68leG8mbc1
O1mG+mvF/GcIiUgGFOXAvNns1JRAQLq0KJ9sE/qUt5cLTZPM2H6qr8wpEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFESrJU9ZHSDnsaudp9fS7g7VQWsCMB8GA1UdIwQY
MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt
OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk
LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqW4/91fc
JJKM19wytB6+p6T+PHvmeZA8MHyo/2c0klN/jdaDWZqTw/a9dBTTNtbi8wthL3ys
6VP33AhOck6a7ct0GY9QG2r5f4p1G07Sx0G8QPPLCf13VwAFjtYZoPQQzVjI8vRG
+9XM6AJsJnzsNfmapIDftFHL2CND0cFOGHV4wPqmwFRLnj+eEocrG/6jkf87q4eF
QjNNJeQcL7RLOIdirckjkoeLSr2lzVzZDOj5jgpMYjT9dt3U3AhJ3yVAxKtbOGdl
h5rBKfWq+wP4Gf5z2Pqorb9fqb1Cpl3z/xLfQroTv6Z0ZkrZG5OnxwbiE873R9k3
vCgjdsCP7h6kLw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:53:34 2025 by rpki-client