Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/QgOHyUE02aCP_TJjCWdwOtxYK2w.mft
File: QgOHyUE02aCP_TJjCWdwOtxYK2w.mft (raw, json)
Hash identifier: hfG+wAXN4so4IOEp0B0m8fzu7xX+4pmpE/dpDE0wB1M=
Subject key identifier: F3:3D:8F:66:ED:E8:53:C2:A8:BD:6F:0D:0D:DC:9D:24:E5:67:81:57
Authority key identifier: 42:03:87:C9:41:34:D9:A0:8F:FD:32:63:09:67:70:3A:DC:58:2B:6C
Certificate issuer: /CN=420387c94134d9a08ffd32630967703adc582b6c
Certificate serial: 019A4EF4E0A5FB1F737C4D0E29746E0E4ABB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgOHyUE02aCP_TJjCWdwOtxYK2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/QgOHyUE02aCP_TJjCWdwOtxYK2w.mft
Manifest number: 0E2E
Signing time: Tue 04 Nov 2025 13:01:02 +0000
Manifest this update: Tue 04 Nov 2025 13:01:02 +0000
Manifest next update: Wed 05 Nov 2025 13:01:02 +0000
Files and hashes: 1: LYrINpBkGiqMBKci7kDEkT4clMM.roa (hash: rpmajg0c6Lkm2tGH4aWf1gD3QwFb6C9vHxZey3xWrlo=)
2: QgOHyUE02aCP_TJjCWdwOtxYK2w.crl (hash: RlkuJhpC7G2vWdOuHImXTw+Ddk3t7kzBIFfA7NaEhNo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/QgOHyUE02aCP_TJjCWdwOtxYK2w.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/QgOHyUE02aCP_TJjCWdwOtxYK2w.mft
rsync://rpki.ripe.net/repository/DEFAULT/QgOHyUE02aCP_TJjCWdwOtxYK2w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:e0:a5:fb:1f:73:7c:4d:0e:29:74:6e:0e:4a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=420387c94134d9a08ffd32630967703adc582b6c
Validity
Not Before: Nov 4 13:01:02 2025 GMT
Not After : Nov 5 13:01:02 2025 GMT
Subject: CN=f33d8f66ede853c2a8bd6f0d0ddc9d24e5678157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:21:b4:f9:a3:23:87:fd:b5:13:ce:76:76:4a:
b4:6d:49:ed:02:8b:71:23:9d:37:98:a6:bc:9a:60:
13:3d:25:b4:ab:3c:dd:f7:c5:79:ab:60:ee:37:0a:
ac:61:08:34:c2:01:9d:10:ae:e5:1d:5b:57:7d:42:
73:83:31:9f:15:86:78:41:7c:b9:e4:b7:11:51:49:
03:84:e0:df:99:82:00:d3:25:e8:05:24:bf:b1:9a:
60:33:04:4c:31:a6:5d:4c:45:fe:f4:8e:e7:f7:b9:
74:d7:73:46:f7:64:9b:27:20:bb:f2:0c:3f:00:86:
a6:82:60:ca:51:bb:70:9a:89:16:79:57:e5:66:7b:
27:fc:a9:65:89:34:46:6d:52:63:99:4f:63:09:de:
32:e8:c7:72:7a:4e:e6:b9:6e:c1:de:68:3a:0b:1e:
5e:0b:76:f6:fb:60:ce:a2:68:cd:18:68:95:64:e9:
cc:46:13:e6:e8:a6:4d:1a:74:42:d5:db:a8:ad:38:
6d:97:d6:e4:fc:b2:dc:52:2b:db:9e:ac:0f:74:c6:
30:8b:ec:db:df:f4:d0:5b:73:2d:94:ed:89:bd:24:
a4:f2:57:6b:9a:27:34:e9:49:0e:8f:37:60:7c:d7:
27:85:2f:ac:43:ca:ca:ac:06:b5:1b:2a:99:02:9b:
ed:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3D:8F:66:ED:E8:53:C2:A8:BD:6F:0D:0D:DC:9D:24:E5:67:81:57
X509v3 Authority Key Identifier:
keyid:42:03:87:C9:41:34:D9:A0:8F:FD:32:63:09:67:70:3A:DC:58:2B:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgOHyUE02aCP_TJjCWdwOtxYK2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/QgOHyUE02aCP_TJjCWdwOtxYK2w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/QgOHyUE02aCP_TJjCWdwOtxYK2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:9a:38:77:f4:02:e7:95:5a:83:c8:1d:da:17:e8:13:60:ad:
b6:bd:f6:12:59:40:01:ba:30:5f:fc:ee:04:d3:8d:1c:2c:e8:
56:1c:b0:cd:04:ec:66:1e:dd:77:60:8a:8d:69:8f:9f:a7:53:
30:83:10:ac:c1:b6:ab:09:d2:f0:55:4a:06:53:bf:f6:cc:9d:
1f:58:92:71:40:5a:8d:36:a6:ca:5b:63:cc:72:1c:dc:0c:e4:
d5:58:10:65:83:52:b0:54:2d:1c:39:df:07:98:ce:6a:0f:04:
bb:cd:69:83:a7:c5:53:2b:99:65:f5:88:7d:5f:28:08:80:e3:
91:86:da:45:71:04:f1:e7:30:43:30:80:d1:e9:3b:41:0e:32:
d3:3c:a5:8d:2c:96:00:2c:c7:16:22:e1:6d:17:44:02:77:fa:
5c:1f:29:5f:26:05:af:bf:42:3d:c3:20:1f:9a:32:53:cd:6d:
d2:a6:58:ff:b4:cd:95:d3:dd:37:fe:e1:8d:1c:ed:37:00:fe:
7a:44:bd:bb:0d:5d:e3:d8:f1:fc:6a:b6:2a:97:51:fd:ad:2e:
e3:3a:4f:67:e1:64:85:89:f7:8f:5d:3c:f1:ab:bc:54:64:53:
43:6a:ed:f1:1d:e4:d0:86:37:80:b5:37:61:98:f8:06:3e:e0:
33:a6:7c:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9OCl+x9zfE0OKXRuDkq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDM4N2M5NDEzNGQ5YTA4ZmZkMzI2MzA5Njc3MDNhZGM1
ODJiNmMwHhcNMjUxMTA0MTMwMTAyWhcNMjUxMTA1MTMwMTAyWjAzMTEwLwYDVQQD
EyhmMzNkOGY2NmVkZTg1M2MyYThiZDZmMGQwZGRjOWQyNGU1Njc4MTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCG0+aMjh/21E852dkq0bUntAotx
I503mKa8mmATPSW0qzzd98V5q2DuNwqsYQg0wgGdEK7lHVtXfUJzgzGfFYZ4QXy5
5LcRUUkDhODfmYIA0yXoBSS/sZpgMwRMMaZdTEX+9I7n97l013NG92SbJyC78gw/
AIamgmDKUbtwmokWeVflZnsn/KlliTRGbVJjmU9jCd4y6Mdyek7muW7B3mg6Cx5e
C3b2+2DOomjNGGiVZOnMRhPm6KZNGnRC1duorThtl9bk/LLcUivbnqwPdMYwi+zb
3/TQW3MtlO2JvSSk8ldrmic06UkOjzdgfNcnhS+sQ8rKrAa1GyqZApvtrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPM9j2bt6FPCqL1vDQ3cnSTlZ4FXMB8GA1UdIwQY
MBaAFEIDh8lBNNmgj/0yYwlncDrcWCtsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdPSHlVRTAyYUNQX1RKakNXZHdPdHhZSzJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hMzhhODctMDE1OS00OTBlLWI2OWMt
Mzc2ZjRiNGQ5ZGE2LzEvUWdPSHlVRTAyYUNQX1RKakNXZHdPdHhZSzJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hMzhhODctMDE1OS00OTBlLWI2OWMtMzc2ZjRiNGQ5ZGE2
LzEvUWdPSHlVRTAyYUNQX1RKakNXZHdPdHhZSzJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVpo4d/QC
55Vag8gd2hfoE2Cttr32EllAAbowX/zuBNONHCzoVhywzQTsZh7dd2CKjWmPn6dT
MIMQrMG2qwnS8FVKBlO/9sydH1iScUBajTamyltjzHIc3Azk1VgQZYNSsFQtHDnf
B5jOag8Eu81pg6fFUyuZZfWIfV8oCIDjkYbaRXEE8ecwQzCA0ek7QQ4y0zyljSyW
ACzHFiLhbRdEAnf6XB8pXyYFr79CPcMgH5oyU81t0qZY/7TNldPdN/7hjRztNwD+
ekS9uw1d49jx/Gq2KpdR/a0u4zpPZ+FkhYn3j1088au8VGRTQ2rt8R3k0IY3gLU3
YZj4Bj7gM6Z8+Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:52:28 2025 by rpki-client