Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
File: QsCVkBFifd0NBX1zHo-lpRApZZI.mft (raw, json)
Hash identifier: PKYeUy4cL03EZ/lFqhvG6cNHLKrb6MVJgXebLqJq69Q=
Subject key identifier: BB:11:92:E4:4B:59:77:48:21:64:A5:80:88:31:6E:3E:E8:A7:38:BB
Authority key identifier: 42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92
Certificate issuer: /CN=42c0959011627ddd0d057d731e8fa5a510296592
Certificate serial: 019A50E3058EE236E6FEF9305CCD6579CF4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 22:00:46 +0000
Manifest this update: Tue 04 Nov 2025 22:00:46 +0000
Manifest next update: Wed 05 Nov 2025 22:00:46 +0000
Files and hashes: 1: QsCVkBFifd0NBX1zHo-lpRApZZI.crl (hash: DJ6EgNHbqVjrTToXLuLb0/vgCd7CKatdTkhgqtHUS5Q=)
2: nqDbjTD7-4bF8APAmv3q39AmNtk.roa (hash: zWbRV6cXuufmhpJUA1tayT8JP8s9Ez0NcmTuvgMXFF8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e3:05:8e:e2:36:e6:fe:f9:30:5c:cd:65:79:cf:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c0959011627ddd0d057d731e8fa5a510296592
Validity
Not Before: Nov 4 22:00:46 2025 GMT
Not After : Nov 5 22:00:46 2025 GMT
Subject: CN=bb1192e44b5977482164a58088316e3ee8a738bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:56:f9:b9:98:50:ea:1f:29:d6:3d:13:91:a8:
61:79:36:85:84:fb:7c:32:4a:85:fd:fd:ed:83:87:
91:aa:5b:a2:48:fc:5e:df:3f:c7:f7:c5:51:34:5f:
cc:3c:f8:41:15:88:e5:67:5f:40:1c:d1:f0:c1:c8:
11:cd:0c:e0:2e:88:ea:e7:72:6f:ed:9b:fb:0a:f0:
ca:c3:c1:8c:a9:7b:22:c3:c1:70:81:b5:01:a1:0a:
ef:21:64:24:53:2c:aa:b5:21:d5:83:84:f8:bb:5b:
47:02:ef:6a:be:c6:75:a1:2a:49:da:f2:d4:56:fb:
0f:c3:1c:5a:9b:8e:86:c4:1b:4e:1d:07:81:20:76:
5c:fb:bc:68:88:49:21:7b:5d:53:75:22:d3:8c:2e:
9a:fb:90:70:ff:65:b1:81:85:d8:79:df:2f:50:b2:
0b:6b:aa:27:7d:a3:49:44:fd:e6:56:37:f5:96:47:
cd:70:d9:d7:d0:c5:88:c0:07:02:ca:d2:01:63:a9:
2a:80:06:48:79:1e:0a:28:52:01:88:a0:3b:8d:b9:
08:d2:24:f1:eb:96:a8:5c:9f:ed:fc:a3:a0:55:a5:
e3:62:8a:10:8b:f1:ab:b6:d3:3b:6c:0a:e4:5b:5d:
e9:66:e0:70:0f:17:3b:60:f2:30:c4:f8:57:12:f1:
2a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:11:92:E4:4B:59:77:48:21:64:A5:80:88:31:6E:3E:E8:A7:38:BB
X509v3 Authority Key Identifier:
keyid:42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:eb:c9:ba:95:87:ef:b2:cf:a5:fb:49:01:58:de:22:79:d5:
4d:ca:c2:ed:49:47:e0:35:57:4c:b5:3d:1f:43:0a:e0:38:38:
90:c6:ac:6d:c0:c2:2d:e8:f2:a7:ae:7b:c5:84:06:ae:92:e4:
6f:fa:4b:e1:cf:7f:d9:60:1e:fb:f7:44:52:25:97:12:ec:29:
bf:98:3e:6c:d5:8e:7d:77:44:ab:3d:6f:90:be:26:84:ac:d7:
e3:f8:7a:1f:dd:7c:09:36:d8:f8:6f:99:f5:98:42:5f:3d:9e:
88:cf:94:34:b2:dc:c6:ab:92:6a:9e:ec:81:fd:77:17:68:48:
80:94:0e:3d:d6:ce:e2:6b:14:20:0c:4b:b8:57:ee:24:83:c1:
40:3c:d9:21:1f:49:07:c5:c5:5e:3a:31:a1:c0:68:84:93:4b:
bd:5e:45:f7:3c:16:43:9a:3f:b8:b4:31:f0:0a:5b:70:a7:e8:
d7:bb:ab:ae:02:32:a1:dc:97:07:0c:6f:3e:99:03:59:e5:b8:
93:26:07:70:21:8e:1c:cb:97:6f:f7:8d:a2:4e:8f:16:0a:2b:
bf:42:4f:55:a9:65:02:c3:74:20:55:ff:bd:47:55:e3:8f:f1:
77:09:83:85:af:90:dc:7b:45:c1:47:8b:59:6c:7f:d1:a9:18:
3c:bf:37:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4wWO4jbm/vkwXM1lec9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzA5NTkwMTE2MjdkZGQwZDA1N2Q3MzFlOGZhNWE1MTAy
OTY1OTIwHhcNMjUxMTA0MjIwMDQ2WhcNMjUxMTA1MjIwMDQ2WjAzMTEwLwYDVQQD
EyhiYjExOTJlNDRiNTk3NzQ4MjE2NGE1ODA4ODMxNmUzZWU4YTczOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fb5uZhQ6h8p1j0TkahheTaFhPt8
MkqF/f3tg4eRqluiSPxe3z/H98VRNF/MPPhBFYjlZ19AHNHwwcgRzQzgLojq53Jv
7Zv7CvDKw8GMqXsiw8FwgbUBoQrvIWQkUyyqtSHVg4T4u1tHAu9qvsZ1oSpJ2vLU
VvsPwxxam46GxBtOHQeBIHZc+7xoiEkhe11TdSLTjC6a+5Bw/2WxgYXYed8vULIL
a6onfaNJRP3mVjf1lkfNcNnX0MWIwAcCytIBY6kqgAZIeR4KKFIBiKA7jbkI0iTx
65aoXJ/t/KOgVaXjYooQi/GrttM7bArkW13pZuBwDxc7YPIwxPhXEvEqVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsRkuRLWXdIIWSlgIgxbj7opzi7MB8GA1UdIwQY
MBaAFELAlZARYn3dDQV9cx6PpaUQKWWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgt
MjQ4YjU5YzM2OTZiLzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgtMjQ4YjU5YzM2OTZi
LzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUOvJupWH
77LPpftJAVjeInnVTcrC7UlH4DVXTLU9H0MK4Dg4kMasbcDCLejyp657xYQGrpLk
b/pL4c9/2WAe+/dEUiWXEuwpv5g+bNWOfXdEqz1vkL4mhKzX4/h6H918CTbY+G+Z
9ZhCXz2eiM+UNLLcxquSap7sgf13F2hIgJQOPdbO4msUIAxLuFfuJIPBQDzZIR9J
B8XFXjoxocBohJNLvV5F9zwWQ5o/uLQx8ApbcKfo17urrgIyodyXBwxvPpkDWeW4
kyYHcCGOHMuXb/eNok6PFgorv0JPVallAsN0IFX/vUdV44/xdwmDha+Q3HtFwUeL
WWx/0akYPL83RA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:54:14 2025 by rpki-client