Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/1QliA1xelRATygZwylaeefjWPBU.mft
File: 1QliA1xelRATygZwylaeefjWPBU.mft (raw, json)
Hash identifier: t1w9e6wPQY07wpM8AzipUSs3R1dd31ji5Ymmpdqn2fM=
Subject key identifier: 1A:18:84:4B:1D:C6:41:FD:FF:EE:78:FD:C4:50:1D:37:2B:8E:AF:54
Authority key identifier: D5:09:62:03:5C:5E:95:10:13:CA:06:70:CA:56:9E:79:F8:D6:3C:15
Certificate issuer: /CN=d50962035c5e951013ca0670ca569e79f8d63c15
Certificate serial: 019A4DAAE9DC6993BD6A9E9E56DB4ADDD06D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QliA1xelRATygZwylaeefjWPBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/1QliA1xelRATygZwylaeefjWPBU.mft
Manifest number: 11D8
Signing time: Tue 04 Nov 2025 07:00:37 +0000
Manifest this update: Tue 04 Nov 2025 07:00:37 +0000
Manifest next update: Wed 05 Nov 2025 07:00:37 +0000
Files and hashes: 1: 1QliA1xelRATygZwylaeefjWPBU.crl (hash: GfT/g8grfxGPVXNMt4wAUnUIm6CwubowNZfYZAZkqdQ=)
2: QgExJsLM6ckB_bwe9qRnk4o5HhA.roa (hash: P6xf+cz+/i4pkIjOYnliYy5pmyQWXuehaFAXXoyCR5k=)
3: fD4OezRM4UrasrKKJ10uGn5_Qug.roa (hash: +HiHjgUZa5Xei+THiDncnTXYzPCxqbbX0ahPYM7QsZE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/1QliA1xelRATygZwylaeefjWPBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/1QliA1xelRATygZwylaeefjWPBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QliA1xelRATygZwylaeefjWPBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:e9:dc:69:93:bd:6a:9e:9e:56:db:4a:dd:d0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50962035c5e951013ca0670ca569e79f8d63c15
Validity
Not Before: Nov 4 07:00:37 2025 GMT
Not After : Nov 5 07:00:37 2025 GMT
Subject: CN=1a18844b1dc641fdffee78fdc4501d372b8eaf54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5b:5c:c5:44:a2:ce:09:91:93:93:23:84:5d:
66:8d:16:e5:ae:34:89:f3:98:83:90:c4:a0:c6:f9:
37:47:ef:53:75:0a:c1:84:15:5b:1d:68:34:bf:48:
19:2c:52:fb:a3:87:d0:c4:35:e1:01:55:db:27:be:
94:5e:89:62:46:46:db:f4:99:b4:74:28:b4:0b:44:
56:01:b7:bf:2e:25:d4:76:94:5a:09:c4:92:7d:f7:
26:0f:76:cb:5c:92:b9:a0:df:38:0c:d3:f1:cf:d0:
87:7b:12:df:70:79:8d:a7:03:12:f0:8d:49:a0:af:
44:51:d4:ab:3a:06:82:57:2c:7e:7d:fd:f6:99:23:
64:46:5c:5b:48:ec:30:71:18:27:63:d2:4f:16:32:
08:a1:81:dc:bf:4f:1f:aa:33:a0:6d:2c:a9:68:8c:
09:08:03:f9:85:55:9c:0d:7c:68:cc:c9:1a:5c:af:
6e:58:14:e4:20:d8:a8:9c:c2:d3:14:03:56:1d:6c:
de:c2:29:62:55:ec:cb:06:d5:31:3e:64:2d:2b:26:
5e:8b:83:d5:bf:5e:65:a9:db:3a:c2:7e:51:f4:9e:
cf:68:ff:74:03:d7:13:79:b6:a5:6e:be:97:57:f8:
bb:9b:ea:37:3f:a6:2a:8c:f6:e0:4b:95:12:06:c6:
4e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:18:84:4B:1D:C6:41:FD:FF:EE:78:FD:C4:50:1D:37:2B:8E:AF:54
X509v3 Authority Key Identifier:
keyid:D5:09:62:03:5C:5E:95:10:13:CA:06:70:CA:56:9E:79:F8:D6:3C:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QliA1xelRATygZwylaeefjWPBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/1QliA1xelRATygZwylaeefjWPBU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/1QliA1xelRATygZwylaeefjWPBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:a5:a1:ec:79:eb:4a:a2:c4:1f:42:48:81:50:f5:80:04:c9:
89:b1:39:8a:3e:7b:1d:54:c4:07:c3:25:90:ae:96:54:bf:27:
6e:02:15:4f:30:64:43:de:12:1f:8a:eb:42:3e:77:57:8c:3a:
7d:38:22:4f:7c:b5:0a:5e:76:cb:6a:4c:20:cb:60:11:f9:a5:
b2:cd:b0:51:54:b1:48:e1:8b:0c:e0:8b:2b:20:72:ad:37:76:
27:8b:de:22:65:fd:70:3e:a2:fa:63:39:f0:00:61:32:0d:18:
fa:8d:2c:4e:5b:c9:40:50:6a:d9:36:3c:34:d9:70:4b:13:d4:
58:40:b5:c9:f8:f5:84:09:0d:33:fe:5b:0a:d3:d8:dd:af:8d:
a9:55:db:1a:3f:69:c5:b2:7d:03:8d:fc:a9:be:5b:a6:31:ff:
ea:59:56:f9:6d:4d:fa:1b:a7:25:61:33:32:c6:82:49:fc:b8:
9b:29:1c:3d:66:b5:32:45:bf:3a:a1:2f:67:9b:31:62:e0:70:
50:31:ae:a6:84:2a:bf:6c:88:45:ca:16:c6:b9:a1:8a:ed:7a:
40:2f:8c:db:f8:d0:fa:6b:5e:d5:d5:e8:f1:40:7f:e3:54:47:
0f:e2:0d:bf:77:11:4a:64:07:fc:2b:98:c3:f2:c9:b2:fb:5d:
65:0a:e1:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNquncaZO9ap6eVttK3dBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDk2MjAzNWM1ZTk1MTAxM2NhMDY3MGNhNTY5ZTc5Zjhk
NjNjMTUwHhcNMjUxMTA0MDcwMDM3WhcNMjUxMTA1MDcwMDM3WjAzMTEwLwYDVQQD
EygxYTE4ODQ0YjFkYzY0MWZkZmZlZTc4ZmRjNDUwMWQzNzJiOGVhZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1tcxUSizgmRk5MjhF1mjRblrjSJ
85iDkMSgxvk3R+9TdQrBhBVbHWg0v0gZLFL7o4fQxDXhAVXbJ76UXoliRkbb9Jm0
dCi0C0RWAbe/LiXUdpRaCcSSffcmD3bLXJK5oN84DNPxz9CHexLfcHmNpwMS8I1J
oK9EUdSrOgaCVyx+ff32mSNkRlxbSOwwcRgnY9JPFjIIoYHcv08fqjOgbSypaIwJ
CAP5hVWcDXxozMkaXK9uWBTkINionMLTFANWHWzewiliVezLBtUxPmQtKyZei4PV
v15lqds6wn5R9J7PaP90A9cTebalbr6XV/i7m+o3P6YqjPbgS5USBsZOTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBoYhEsdxkH9/+54/cRQHTcrjq9UMB8GA1UdIwQY
MBaAFNUJYgNcXpUQE8oGcMpWnnn41jwVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFsaUExeGVsUkFUeWdad3lsYWVlZmpXUEJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9kNGU4ZTktMGQ0Ny00MTliLWIzZTIt
MDU0YTM2MzExNWY1LzEvMVFsaUExeGVsUkFUeWdad3lsYWVlZmpXUEJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9kNGU4ZTktMGQ0Ny00MTliLWIzZTItMDU0YTM2MzExNWY1
LzEvMVFsaUExeGVsUkFUeWdad3lsYWVlZmpXUEJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKqWh7Hnr
SqLEH0JIgVD1gATJibE5ij57HVTEB8MlkK6WVL8nbgIVTzBkQ94SH4rrQj53V4w6
fTgiT3y1Cl52y2pMIMtgEfmlss2wUVSxSOGLDOCLKyByrTd2J4veImX9cD6i+mM5
8ABhMg0Y+o0sTlvJQFBq2TY8NNlwSxPUWEC1yfj1hAkNM/5bCtPY3a+NqVXbGj9p
xbJ9A438qb5bpjH/6llW+W1N+hunJWEzMsaCSfy4mykcPWa1MkW/OqEvZ5sxYuBw
UDGupoQqv2yIRcoWxrmhiu16QC+M2/jQ+mte1dXo8UB/41RHD+INv3cRSmQH/CuY
w/LJsvtdZQrh/w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:45:07 2025 by rpki-client