Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json)
Hash identifier: DvDJkRejs675n+no5RcFBwfXqcH5R88S18+Qa29REnI=
Subject key identifier: 25:CC:A1:D5:3D:4F:A0:C0:F2:48:43:0C:CB:37:56:D6:40:1E:BA:1A
Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0
Certificate serial: 019A4EF59DFD91ECC02E4BFDFE756ECE9B07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
Manifest number: 0A2A
Signing time: Tue 04 Nov 2025 13:01:50 +0000
Manifest this update: Tue 04 Nov 2025 13:01:50 +0000
Manifest next update: Wed 05 Nov 2025 13:01:50 +0000
Files and hashes: 1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: zdxq28U3R7jE55Q3cHTolEK+wDpdKiee+CHBg4fWwCU=)
2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:9d:fd:91:ec:c0:2e:4b:fd:fe:75:6e:ce:9b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090287256e25fa340d3afba780eac60d556adec0
Validity
Not Before: Nov 4 13:01:50 2025 GMT
Not After : Nov 5 13:01:50 2025 GMT
Subject: CN=25cca1d53d4fa0c0f248430ccb3756d6401eba1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:22:6b:41:e0:c8:c8:43:3f:6c:91:5a:23:0a:
c7:c7:1d:07:59:4e:b8:69:9e:2e:e5:12:ac:6a:ae:
29:7c:57:bd:58:ba:8d:98:f9:87:70:b3:28:c5:b8:
50:90:17:03:a4:2d:2f:3e:b5:fa:73:58:d9:c8:e0:
e6:8a:c9:1b:2c:c0:88:84:b1:1b:71:36:3a:59:be:
34:be:f8:a8:54:00:3e:50:29:36:2a:fc:5d:ed:4f:
a2:6c:1b:41:fb:51:07:37:48:79:19:34:dc:69:32:
2a:25:80:32:bd:ae:25:5e:4d:dc:80:a6:4a:6f:a2:
0a:c7:c2:aa:db:ee:b8:12:1c:3f:a8:28:74:7c:2c:
9a:8d:cf:8b:b6:2f:a1:1d:ad:c2:51:b8:10:e6:91:
75:a6:bf:a4:0b:2f:d3:38:c1:65:c9:a8:0f:d5:7c:
c0:cb:01:3c:52:4c:16:e0:25:cc:ea:ec:5e:a9:7d:
e3:4f:ab:60:05:73:38:40:39:3d:a6:66:60:60:09:
42:03:f2:14:31:17:1d:ce:3f:ab:0d:14:39:b8:cc:
ec:50:ae:c6:f4:6c:4d:ea:c7:6e:c6:6f:4e:44:42:
00:fb:fd:c8:78:9e:9c:d8:a5:f2:ba:e7:42:cf:73:
52:f6:e5:d3:8f:d1:ae:23:34:4c:40:78:7d:f9:8e:
a0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CC:A1:D5:3D:4F:A0:C0:F2:48:43:0C:CB:37:56:D6:40:1E:BA:1A
X509v3 Authority Key Identifier:
keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:05:de:57:e5:fd:b1:6e:57:f8:ca:cc:e9:d2:bd:a4:08:2f:
b6:77:71:4a:f1:b1:04:68:b3:ef:0f:86:5d:8e:3f:fb:3e:4c:
c0:c4:a7:44:86:60:53:30:a0:61:df:bf:8e:79:15:d0:8f:cf:
ee:e7:62:2c:9c:87:02:05:74:31:b9:4c:5e:ce:77:82:a4:99:
9a:43:2c:c4:48:b4:ba:3c:44:4f:4a:95:ab:d4:9e:f1:e5:e0:
f5:16:54:df:30:5f:60:52:14:2e:15:00:d4:03:c4:3b:58:c1:
f4:c2:44:13:8b:70:e0:82:f5:e0:21:75:62:a9:36:0a:7b:cb:
2c:51:c4:54:f6:e4:a9:46:50:c1:70:bb:1f:5d:1c:98:9d:df:
07:4f:35:76:d0:9e:78:e2:d1:47:2d:82:a9:65:1b:ba:49:d5:
a6:10:cf:4a:0a:3e:0b:1b:87:16:9e:2f:83:15:19:06:ee:b2:
e3:31:5e:53:a6:9c:ad:fa:1a:64:70:c8:47:72:d0:29:59:fb:
0f:8c:b5:22:a6:b3:8a:d9:43:ab:32:40:0f:ad:42:ea:4e:f6:
9b:a2:1d:e2:32:e6:e2:c3:3c:53:ad:69:f9:5d:c5:32:cd:88:
a0:11:99:18:66:fe:08:71:05:98:1a:8f:a4:8d:64:59:81:a6:
c4:5c:58:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Z39kezALkv9/nVuzpsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2
YWRlYzAwHhcNMjUxMTA0MTMwMTUwWhcNMjUxMTA1MTMwMTUwWjAzMTEwLwYDVQQD
EygyNWNjYTFkNTNkNGZhMGMwZjI0ODQzMGNjYjM3NTZkNjQwMWViYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCJrQeDIyEM/bJFaIwrHxx0HWU64
aZ4u5RKsaq4pfFe9WLqNmPmHcLMoxbhQkBcDpC0vPrX6c1jZyODmiskbLMCIhLEb
cTY6Wb40vvioVAA+UCk2Kvxd7U+ibBtB+1EHN0h5GTTcaTIqJYAyva4lXk3cgKZK
b6IKx8Kq2+64Ehw/qCh0fCyajc+Lti+hHa3CUbgQ5pF1pr+kCy/TOMFlyagP1XzA
ywE8UkwW4CXM6uxeqX3jT6tgBXM4QDk9pmZgYAlCA/IUMRcdzj+rDRQ5uMzsUK7G
9GxN6sduxm9OREIA+/3IeJ6c2KXyuudCz3NS9uXTj9GuIzRMQHh9+Y6gYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXModU9T6DA8khDDMs3VtZAHroaMB8GA1UdIwQY
MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt
NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk
LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQXeV+X9
sW5X+MrM6dK9pAgvtndxSvGxBGiz7w+GXY4/+z5MwMSnRIZgUzCgYd+/jnkV0I/P
7udiLJyHAgV0MblMXs53gqSZmkMsxEi0ujxET0qVq9Se8eXg9RZU3zBfYFIULhUA
1APEO1jB9MJEE4tw4IL14CF1Yqk2CnvLLFHEVPbkqUZQwXC7H10cmJ3fB081dtCe
eOLRRy2CqWUbuknVphDPSgo+CxuHFp4vgxUZBu6y4zFeU6acrfoaZHDIR3LQKVn7
D4y1IqazitlDqzJAD61C6k72m6Id4jLm4sM8U61p+V3FMs2IoBGZGGb+CHEFmBqP
pI1kWYGmxFxY7Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:05:38 2025 by rpki-client