Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
File: qklDGDthG-Ogd1OCUJSQBIsK1zg.mft (raw, json)
Hash identifier: pthAkqN44REqNw/NNMXP8EC/G2pPNi+oZBhseg8O1Hk=
Subject key identifier: 56:72:AD:27:F3:FE:5E:40:C4:6D:7F:DF:D4:B2:2D:17:45:0F:33:0F
Authority key identifier: AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38
Certificate issuer: /CN=aa4943183b611be3a0775382509490048b0ad738
Certificate serial: 019A4E18937737069389F42A28B93C2F8E4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 09:00:24 +0000
Manifest this update: Tue 04 Nov 2025 09:00:24 +0000
Manifest next update: Wed 05 Nov 2025 09:00:24 +0000
Files and hashes: 1: _b9uzDBnaBhrr4RiKYd-HrjhIyY.roa (hash: zuVo5YCjE6oxIWEPlMV6dA4fTWapSfHiFlgPsUG/qhk=)
2: qklDGDthG-Ogd1OCUJSQBIsK1zg.crl (hash: k6O03T8ZPRYGA6POG0gd8uNJj1Gswkkuc+8Re0oliso=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:93:77:37:06:93:89:f4:2a:28:b9:3c:2f:8e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa4943183b611be3a0775382509490048b0ad738
Validity
Not Before: Nov 4 09:00:24 2025 GMT
Not After : Nov 5 09:00:24 2025 GMT
Subject: CN=5672ad27f3fe5e40c46d7fdfd4b22d17450f330f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d0:07:4c:fc:e9:5a:2e:49:45:1f:dc:3c:2b:
d5:a7:d3:75:a5:7a:1c:a0:52:38:9d:6e:39:cc:eb:
49:2a:c0:db:41:01:95:55:a2:9e:0b:fb:ed:a6:30:
79:ca:aa:b0:6d:a3:c5:0f:b2:6a:22:97:ff:40:2e:
43:cb:fd:ce:69:2a:c6:26:39:ca:46:fb:c7:bd:3e:
c1:f5:d3:f0:e7:61:6b:af:0f:16:e5:9c:13:91:c5:
81:54:b8:c3:f2:c2:97:a9:31:89:2c:f0:3b:5a:7c:
98:63:f4:a3:65:81:4e:72:e4:b5:6c:8e:38:cc:5b:
4d:e9:b3:7b:e1:57:ab:66:13:bf:ae:fa:33:be:c7:
ae:66:fc:f9:66:25:2b:79:7f:d2:02:64:1b:6a:5b:
76:7a:80:d3:d6:8a:ed:c0:a1:4c:93:51:e8:3e:92:
e9:98:d7:34:7d:ea:10:66:fb:93:44:d0:db:b5:ae:
b3:5d:1f:b9:30:83:d5:13:39:45:46:7b:d3:97:92:
83:0d:d2:0c:0e:d9:e8:2a:67:c1:cb:9d:02:30:7a:
2a:84:27:24:55:b2:e4:99:51:7d:80:61:eb:18:7b:
09:f3:a5:ac:23:23:f3:6a:0b:79:7b:32:14:c4:56:
a1:72:cf:02:e3:28:5e:5a:ba:9d:ec:3f:14:4b:e2:
28:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:72:AD:27:F3:FE:5E:40:C4:6D:7F:DF:D4:B2:2D:17:45:0F:33:0F
X509v3 Authority Key Identifier:
keyid:AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:55:d5:d3:38:2d:eb:67:16:d6:2a:88:c6:e2:02:c1:dc:19:
c1:66:08:b5:69:37:4c:d5:f0:e7:ab:7e:be:6d:99:32:68:73:
76:00:c9:55:87:a6:ed:00:29:6b:d6:b7:b4:df:cc:22:b9:e1:
75:e4:7a:ee:b5:84:5a:1f:9a:43:1a:08:8a:11:89:db:e9:b3:
c8:97:2c:3d:9d:77:87:2e:ab:d1:60:75:c8:10:4f:18:73:e4:
a9:e9:97:58:e9:e4:db:4f:ec:9d:3c:6e:fb:62:70:b0:a8:38:
0d:ce:b7:a2:b6:8f:86:9c:56:f8:64:7a:a2:2f:bc:a1:3f:b0:
a2:fb:51:77:8e:03:b8:fa:09:e7:bd:bf:db:8d:f0:80:ca:29:
b7:89:93:3f:b9:ba:72:64:3d:2f:e0:33:57:d1:66:78:60:63:
71:bb:3c:54:d4:40:a4:ed:ca:04:53:9d:d9:38:ec:6e:ae:85:
8b:5d:5d:7a:9e:a3:e9:c8:57:14:2d:b8:00:31:be:fa:92:56:
41:33:cd:0b:87:6e:9b:a1:f9:73:35:10:7d:1b:f0:a3:ad:e3:
5e:ac:90:8c:94:e0:d3:93:b0:60:17:15:35:dd:f0:38:92:64:
67:0b:ae:ba:48:90:62:46:14:87:58:e8:b5:db:5f:6c:32:96:
cb:fe:47:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGJN3NwaTifQqKLk8L45KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNDk0MzE4M2I2MTFiZTNhMDc3NTM4MjUwOTQ5MDA0OGIw
YWQ3MzgwHhcNMjUxMTA0MDkwMDI0WhcNMjUxMTA1MDkwMDI0WjAzMTEwLwYDVQQD
Eyg1NjcyYWQyN2YzZmU1ZTQwYzQ2ZDdmZGZkNGIyMmQxNzQ1MGYzMzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdAHTPzpWi5JRR/cPCvVp9N1pXoc
oFI4nW45zOtJKsDbQQGVVaKeC/vtpjB5yqqwbaPFD7JqIpf/QC5Dy/3OaSrGJjnK
RvvHvT7B9dPw52Frrw8W5ZwTkcWBVLjD8sKXqTGJLPA7WnyYY/SjZYFOcuS1bI44
zFtN6bN74VerZhO/rvozvseuZvz5ZiUreX/SAmQbalt2eoDT1ortwKFMk1HoPpLp
mNc0feoQZvuTRNDbta6zXR+5MIPVEzlFRnvTl5KDDdIMDtnoKmfBy50CMHoqhCck
VbLkmVF9gGHrGHsJ86WsIyPzagt5ezIUxFahcs8C4yheWrqd7D8US+Io6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFZyrSfz/l5AxG1/39SyLRdFDzMPMB8GA1UdIwQY
MBaAFKpJQxg7YRvjoHdTglCUkASLCtc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQt
ZDIyMjc0YmJhNzEzLzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQtZDIyMjc0YmJhNzEz
LzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAblXV0zgt
62cW1iqIxuICwdwZwWYItWk3TNXw56t+vm2ZMmhzdgDJVYem7QApa9a3tN/MIrnh
deR67rWEWh+aQxoIihGJ2+mzyJcsPZ13hy6r0WB1yBBPGHPkqemXWOnk20/snTxu
+2JwsKg4Dc63oraPhpxW+GR6oi+8oT+wovtRd44DuPoJ572/243wgMopt4mTP7m6
cmQ9L+AzV9FmeGBjcbs8VNRApO3KBFOd2Tjsbq6Fi11dep6j6chXFC24ADG++pJW
QTPNC4dum6H5czUQfRvwo63jXqyQjJTg05OwYBcVNd3wOJJkZwuuukiQYkYUh1jo
tdtfbDKWy/5HDA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:07:38 2025 by rpki-client