Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft
File: QLnKyTUxHngDS0BzgwqBo897Rdk.mft (raw, json)
Hash identifier: kWtFzNPmiDw9j9IsJUykJ41T3dmZNOS/K8y31ZUy1h8=
Subject key identifier: 41:9E:A0:06:EA:E4:EE:DC:4C:DF:AF:2A:8D:E5:58:C6:3F:20:04:31
Authority key identifier: 40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9
Certificate issuer: /CN=40b9cac935311e78034b4073830a81a3cf7b45d9
Certificate serial: 019A4EF54F1F4E83FFA21E33CE73EF5F4D69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 13:01:30 +0000
Manifest this update: Tue 04 Nov 2025 13:01:30 +0000
Manifest next update: Wed 05 Nov 2025 13:01:30 +0000
Files and hashes: 1: 1q_nnAgndZaIqez5io_HHZB7TIg.roa (hash: fcE6bMGj83Q0hVMFOv0EAXM92bWkreUUh6T69N1a/Yo=)
2: QLnKyTUxHngDS0BzgwqBo897Rdk.crl (hash: uHV2Jp0JIqWFOhGi9MwgPqt9WnSbMOn5bU2UaV7KyXQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:4f:1f:4e:83:ff:a2:1e:33:ce:73:ef:5f:4d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b9cac935311e78034b4073830a81a3cf7b45d9
Validity
Not Before: Nov 4 13:01:30 2025 GMT
Not After : Nov 5 13:01:30 2025 GMT
Subject: CN=419ea006eae4eedc4cdfaf2a8de558c63f200431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8f:cc:47:4e:5a:85:b7:90:00:45:00:d9:45:
8e:73:ee:87:96:b4:b0:0d:24:55:0e:cc:56:20:eb:
59:2c:ca:c8:0c:6a:cc:1e:4e:00:e9:1a:7c:13:1d:
72:ad:ee:e5:6f:0a:25:03:8a:7c:e0:c5:25:ae:56:
9a:b4:90:6c:4a:9b:b9:3e:e5:c1:38:7f:aa:3e:51:
9f:1c:8b:b6:6f:ce:dc:1b:b7:b8:08:5b:cc:b7:ef:
ee:c8:fb:f8:c1:86:bb:95:f4:fd:4a:cd:3a:2a:44:
e3:e0:e5:7a:4e:1d:30:9f:1d:e9:a9:62:68:4f:ea:
db:a6:59:78:7a:18:45:90:c7:b9:a1:4a:a2:f1:a3:
c6:df:31:55:ce:0a:1c:51:0c:b8:8e:48:21:43:ef:
da:2a:e7:aa:bc:c4:25:d7:90:00:ea:a1:ad:49:86:
b0:66:6d:07:09:83:9d:7a:7f:bd:2b:b3:ce:2d:49:
0e:e6:1c:ec:5b:22:77:b6:31:64:ed:b8:3b:79:4c:
00:dd:b9:c7:ad:6f:76:81:04:8b:cd:8c:3f:f1:b6:
eb:8c:70:64:11:c4:d3:a1:14:c0:63:c5:0f:fe:cb:
c1:3e:5b:1f:66:85:2b:63:7e:9e:60:e0:3d:f6:46:
22:90:7d:d4:b7:6f:37:1b:9b:a3:cb:f8:35:f3:b4:
0e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9E:A0:06:EA:E4:EE:DC:4C:DF:AF:2A:8D:E5:58:C6:3F:20:04:31
X509v3 Authority Key Identifier:
keyid:40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:c4:58:8f:bc:74:4f:14:f9:5a:42:61:bf:dc:26:1b:b0:d6:
b0:98:b8:0e:a8:7c:b5:4d:d7:91:d7:e9:0c:74:32:3b:07:d8:
85:04:4e:bc:88:c1:20:4d:ff:7e:ea:c8:b7:5a:63:34:d8:61:
c7:3c:7c:5b:7d:59:64:48:42:41:01:b8:b5:8b:33:7f:6d:2d:
88:c9:02:e3:ce:6f:51:71:4b:9f:9d:f7:5e:c1:64:97:35:9b:
ca:87:95:d2:85:c5:08:51:19:ca:df:ac:5e:24:e8:5f:bd:e7:
2e:ea:0c:75:3f:15:64:c7:13:09:74:88:bf:2c:95:18:c0:b9:
d2:50:88:34:72:ce:52:65:6e:e7:e6:1b:99:8b:5e:45:11:e0:
dc:60:5a:98:7b:15:65:b4:3f:3e:ee:47:ac:62:94:12:b6:52:
87:84:ed:51:bd:fb:a1:ae:53:c7:1f:b7:5b:14:80:bc:f1:9c:
88:d7:09:99:4b:51:7c:5e:6d:95:87:b2:c2:a9:91:fd:07:d4:
4b:09:47:55:ad:d8:54:4c:32:43:07:68:46:a1:cf:ee:6a:25:
43:fe:58:4a:61:e7:55:bf:d1:af:45:00:cc:42:cb:43:f5:66:
25:03:68:81:6f:7e:a2:64:74:7d:72:93:84:e2:6b:4d:86:17:
81:06:f5:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9U8fToP/oh4zznPvX01pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjljYWM5MzUzMTFlNzgwMzRiNDA3MzgzMGE4MWEzY2Y3
YjQ1ZDkwHhcNMjUxMTA0MTMwMTMwWhcNMjUxMTA1MTMwMTMwWjAzMTEwLwYDVQQD
Eyg0MTllYTAwNmVhZTRlZWRjNGNkZmFmMmE4ZGU1NThjNjNmMjAwNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3o/MR05ahbeQAEUA2UWOc+6HlrSw
DSRVDsxWIOtZLMrIDGrMHk4A6Rp8Ex1yre7lbwolA4p84MUlrlaatJBsSpu5PuXB
OH+qPlGfHIu2b87cG7e4CFvMt+/uyPv4wYa7lfT9Ss06KkTj4OV6Th0wnx3pqWJo
T+rbpll4ehhFkMe5oUqi8aPG3zFVzgocUQy4jkghQ+/aKueqvMQl15AA6qGtSYaw
Zm0HCYOden+9K7POLUkO5hzsWyJ3tjFk7bg7eUwA3bnHrW92gQSLzYw/8bbrjHBk
EcTToRTAY8UP/svBPlsfZoUrY36eYOA99kYikH3Ut283G5ujy/g187QOZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGeoAbq5O7cTN+vKo3lWMY/IAQxMB8GA1UdIwQY
MBaAFEC5ysk1MR54A0tAc4MKgaPPe0XZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yODVhYjYtMDEwOS00NGUxLWJiMmIt
NzUzNGZlMGYxYjgzLzEvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yODVhYjYtMDEwOS00NGUxLWJiMmItNzUzNGZlMGYxYjgz
LzEvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMRYj7x0
TxT5WkJhv9wmG7DWsJi4Dqh8tU3XkdfpDHQyOwfYhQROvIjBIE3/furIt1pjNNhh
xzx8W31ZZEhCQQG4tYszf20tiMkC485vUXFLn533XsFklzWbyoeV0oXFCFEZyt+s
XiToX73nLuoMdT8VZMcTCXSIvyyVGMC50lCINHLOUmVu5+YbmYteRRHg3GBamHsV
ZbQ/Pu5HrGKUErZSh4TtUb37oa5Txx+3WxSAvPGciNcJmUtRfF5tlYeywqmR/QfU
SwlHVa3YVEwyQwdoRqHP7molQ/5YSmHnVb/Rr0UAzELLQ/VmJQNogW9+omR0fXKT
hOJrTYYXgQb1cg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:48:40 2025 by rpki-client