Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
File: qwJca7PczxsWUUnChzwEsabH2no.mft (raw, json)
Hash identifier: KhBJMJBDrunVDejAa8jXDtAhj5nyvS9pDcFakLeB4zo=
Subject key identifier: 00:8C:03:87:D2:3C:61:38:91:81:12:7A:2A:52:59:EC:A4:E2:53:31
Authority key identifier: AB:02:5C:6B:B3:DC:CF:1B:16:51:49:C2:87:3C:04:B1:A6:C7:DA:7A
Certificate issuer: /CN=ab025c6bb3dccf1b165149c2873c04b1a6c7da7a
Certificate serial: 019A52D1EC1A186156BAB51E3FD4DED6EA28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
Manifest number: 0BCB
Signing time: Wed 05 Nov 2025 07:01:20 +0000
Manifest this update: Wed 05 Nov 2025 07:01:20 +0000
Manifest next update: Thu 06 Nov 2025 07:01:20 +0000
Files and hashes: 1: qwJca7PczxsWUUnChzwEsabH2no.crl (hash: hr7J9gxrl4z4Czy//KOzK+IdTmQAxo1SNzc35Rryj/E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:ec:1a:18:61:56:ba:b5:1e:3f:d4:de:d6:ea:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab025c6bb3dccf1b165149c2873c04b1a6c7da7a
Validity
Not Before: Nov 5 07:01:20 2025 GMT
Not After : Nov 6 07:01:20 2025 GMT
Subject: CN=008c0387d23c61389181127a2a5259eca4e25331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f6:42:84:66:bc:ae:29:fe:3e:cd:0b:b1:fc:
11:d1:ed:dd:f5:3c:4a:c4:44:60:b7:4f:fe:a5:a2:
58:13:ba:14:9b:59:05:3c:cf:21:ca:eb:87:e6:22:
a4:24:2c:d0:37:dc:ab:9a:5f:bd:67:bd:62:8d:e9:
27:cc:32:63:c6:35:31:a3:e5:eb:c2:eb:e5:87:6a:
80:e2:f9:4d:81:fe:d0:86:e5:78:65:2d:be:b9:7a:
cb:fc:ea:81:71:6b:5f:95:d0:03:19:f3:69:1a:cb:
5d:8d:90:c3:71:68:bd:a9:68:d6:93:e8:fd:a4:80:
49:6b:7b:37:a2:48:b1:1b:8f:c8:a8:43:03:ac:58:
57:af:0c:a5:08:d6:3f:49:3e:98:9b:f5:44:97:da:
b1:73:31:1f:cc:54:53:52:c9:49:47:2c:94:75:e6:
10:ba:1a:9e:4d:88:9a:3f:c1:41:ab:9d:0b:ad:c0:
5b:af:ad:68:2f:e0:33:e5:d7:4a:d7:02:ad:3e:89:
52:bc:3a:7f:b0:0e:82:c7:55:e7:e7:f2:c2:e7:81:
09:b7:02:c3:c4:0e:4f:f5:79:ce:4b:da:0f:da:39:
6f:96:cf:32:aa:31:a9:2c:c2:19:19:81:21:74:79:
44:70:e3:30:9e:90:d2:d4:ed:7d:e8:23:5a:5d:de:
3e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8C:03:87:D2:3C:61:38:91:81:12:7A:2A:52:59:EC:A4:E2:53:31
X509v3 Authority Key Identifier:
keyid:AB:02:5C:6B:B3:DC:CF:1B:16:51:49:C2:87:3C:04:B1:A6:C7:DA:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:ea:4f:9d:01:44:d9:82:ed:31:b2:0c:a6:a3:3c:65:f8:d9:
79:a3:50:48:a6:ae:2f:79:2f:54:8e:54:4b:a2:03:4f:f0:f0:
2b:38:5c:99:2e:46:9c:1a:0b:94:c6:be:9e:42:93:8b:3d:48:
22:d2:7f:07:b7:d0:37:7d:90:b9:bc:cc:96:7b:79:3e:0c:a0:
a3:60:81:58:2c:82:6c:14:31:4b:a7:23:db:a2:a4:99:d5:ab:
bd:38:24:18:ad:1d:68:e0:be:0f:af:ec:2b:e7:4c:20:88:d3:
7c:b9:61:18:7f:c0:23:5a:24:25:e2:c6:8f:e4:34:9b:1b:2c:
33:fb:93:33:d5:3f:1f:86:de:15:87:9c:76:a1:16:7e:95:0d:
9f:13:da:b1:ce:84:16:75:31:a6:78:04:7a:c8:58:fd:9a:a1:
cf:e0:84:ec:08:09:bb:bf:cd:c2:cc:1d:07:3c:9b:cc:f8:e5:
ee:6f:bf:e8:bc:f0:36:e2:4a:e4:33:03:00:82:25:3e:66:d2:
4b:de:f0:4e:70:29:80:06:02:61:6d:b4:22:b4:66:87:ae:2c:
cb:f7:b9:a5:4d:d8:6f:ae:36:49:fe:e4:a6:1d:cd:13:bc:01:
ed:88:20:1e:3e:f8:62:90:5c:b6:15:71:24:48:e7:8b:19:58:
24:1f:30:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0ewaGGFWurUeP9Te1uooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDI1YzZiYjNkY2NmMWIxNjUxNDljMjg3M2MwNGIxYTZj
N2RhN2EwHhcNMjUxMTA1MDcwMTIwWhcNMjUxMTA2MDcwMTIwWjAzMTEwLwYDVQQD
EygwMDhjMDM4N2QyM2M2MTM4OTE4MTEyN2EyYTUyNTllY2E0ZTI1MzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/ZChGa8rin+Ps0LsfwR0e3d9TxK
xERgt0/+paJYE7oUm1kFPM8hyuuH5iKkJCzQN9yrml+9Z71ijeknzDJjxjUxo+Xr
wuvlh2qA4vlNgf7QhuV4ZS2+uXrL/OqBcWtfldADGfNpGstdjZDDcWi9qWjWk+j9
pIBJa3s3okixG4/IqEMDrFhXrwylCNY/ST6Ym/VEl9qxczEfzFRTUslJRyyUdeYQ
uhqeTYiaP8FBq50LrcBbr61oL+Az5ddK1wKtPolSvDp/sA6Cx1Xn5/LC54EJtwLD
xA5P9XnOS9oP2jlvls8yqjGpLMIZGYEhdHlEcOMwnpDS1O196CNaXd4+tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACMA4fSPGE4kYESeipSWeyk4lMxMB8GA1UdIwQY
MBaAFKsCXGuz3M8bFlFJwoc8BLGmx9p6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNWIxZTMtMjRjMC00NjY4LTlmNDAt
ZmU3NzQ3M2UzZGNmLzEvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNWIxZTMtMjRjMC00NjY4LTlmNDAtZmU3NzQ3M2UzZGNm
LzEvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoOpPnQFE
2YLtMbIMpqM8ZfjZeaNQSKauL3kvVI5US6IDT/DwKzhcmS5GnBoLlMa+nkKTiz1I
ItJ/B7fQN32QubzMlnt5Pgygo2CBWCyCbBQxS6cj26KkmdWrvTgkGK0daOC+D6/s
K+dMIIjTfLlhGH/AI1okJeLGj+Q0mxssM/uTM9U/H4beFYecdqEWfpUNnxPasc6E
FnUxpngEeshY/Zqhz+CE7AgJu7/NwswdBzybzPjl7m+/6LzwNuJK5DMDAIIlPmbS
S97wTnApgAYCYW20IrRmh64sy/e5pU3Yb642Sf7kph3NE7wB7YggHj74YpBcthVx
JEjnixlYJB8whg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:59:57 2025 by rpki-client