Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
File: QBY91EFO8-eS4AUB80786UQKnE4.mft (raw, json)
Hash identifier: KWzRtlbM6LsI4E/ivnBDGLVHi43Pc4COHMW+GGYLABE=
Subject key identifier: 1B:5E:7A:45:76:90:90:0F:F2:27:1A:EA:74:6B:F5:A1:88:92:9D:0C
Authority key identifier: 40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
Certificate issuer: /CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Certificate serial: 019A4F62DB849A170C2CFB8D7DFBFEBFB28F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 15:01:10 +0000
Manifest this update: Tue 04 Nov 2025 15:01:10 +0000
Manifest next update: Wed 05 Nov 2025 15:01:10 +0000
Files and hashes: 1: QBY91EFO8-eS4AUB80786UQKnE4.crl (hash: h4Le8gEFcmgUNAA0bTR3iJSmG6vS1x+DoF6qLgd6Wfw=)
2: gYnUiXQeHZXoU2ZAN-fbsd-Pbx0.roa (hash: V+jQPfwx3Xoa/wL9PzJ6rz+juFyDwb1B2F2Hpp1ngN4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:db:84:9a:17:0c:2c:fb:8d:7d:fb:fe:bf:b2:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Validity
Not Before: Nov 4 15:01:10 2025 GMT
Not After : Nov 5 15:01:10 2025 GMT
Subject: CN=1b5e7a457690900ff2271aea746bf5a188929d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0b:3e:55:3a:5a:fc:61:d7:d4:78:8a:9d:ad:
e4:e7:ea:f8:4e:ec:c1:40:e1:66:b3:c5:1e:f1:af:
b7:51:35:5e:22:e2:b1:64:8b:5c:56:62:0d:3e:70:
ac:a9:84:3f:62:ec:68:f1:51:4c:d6:6c:d8:c3:bf:
44:b6:9f:57:c8:72:eb:ac:83:81:f0:2a:b9:5c:e9:
f0:8c:1f:55:6f:69:67:95:03:a1:76:8f:22:43:ae:
85:3d:2d:12:22:83:cd:55:92:dd:f3:56:9a:ba:bd:
4f:cb:8b:3d:3f:10:40:03:8b:94:1f:cb:81:dd:2b:
00:b8:f7:af:00:0b:61:30:49:d8:e5:02:da:ad:3a:
62:00:75:08:2b:85:ce:10:68:4c:78:37:85:ee:d1:
d3:98:6a:bb:df:ec:f6:fc:fc:10:13:83:25:83:d7:
bd:28:5e:e1:23:76:6c:5d:87:ee:11:28:d5:71:ba:
3c:e8:67:94:ca:b2:38:82:d5:40:5e:71:9c:8f:30:
53:e2:29:d5:04:6f:ad:06:ac:46:9b:16:55:ab:be:
2f:fa:d8:e1:2a:f4:d1:30:77:29:d0:1c:6b:91:e5:
12:18:0d:1a:8f:47:72:e7:c1:58:c2:9a:89:e4:e8:
29:1b:3d:29:09:a3:a6:59:61:85:a6:9e:ee:ff:77:
2c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:5E:7A:45:76:90:90:0F:F2:27:1A:EA:74:6B:F5:A1:88:92:9D:0C
X509v3 Authority Key Identifier:
keyid:40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:1f:df:dd:a3:47:25:e8:c6:2b:cf:b7:2f:1a:76:1d:3d:38:
69:69:cf:8f:80:55:5b:31:af:7d:e7:64:97:87:72:5e:05:f3:
af:00:cd:8a:2c:f9:bc:af:cf:bc:e9:07:3e:a1:b6:ac:bb:00:
2c:34:b9:4e:e5:11:6c:96:4d:b5:c8:3d:31:e3:8a:b5:0c:ae:
aa:00:89:c9:a4:3b:3d:ca:f8:43:d5:b7:10:33:2f:fc:88:eb:
f8:11:3d:51:fc:e5:f4:7e:90:d4:ba:2e:88:6d:da:05:47:a4:
27:71:ac:1d:ee:56:64:cc:c1:4c:56:9b:b6:26:de:97:06:a3:
55:fe:f7:a6:b7:f5:ac:c7:c8:b1:24:68:94:02:9d:49:48:6b:
71:45:c2:9b:e7:73:8b:43:d4:ac:7c:cd:8c:b2:cd:2f:1b:bf:
96:60:eb:1f:4f:2a:94:83:a4:8b:f1:6a:dd:93:2c:b5:f7:29:
cb:7d:d9:83:42:1a:b2:b2:ae:18:2d:0b:ed:43:8a:44:0f:8f:
91:19:8f:73:5b:cd:f4:4a:bb:e1:ef:e0:4e:6c:50:50:4f:32:
b1:41:05:bf:8e:c0:e0:c4:30:01:58:a7:ed:75:6c:4d:77:65:
12:ca:6b:3e:0e:2b:32:5d:97:3a:38:7e:95:36:10:5c:d0:ea:
0e:7d:58:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYtuEmhcMLPuNffv+v7KPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTYzZGQ0NDE0ZWYzZTc5MmUwMDUwMWYzNGVmY2U5NDQw
YTljNGUwHhcNMjUxMTA0MTUwMTEwWhcNMjUxMTA1MTUwMTEwWjAzMTEwLwYDVQQD
EygxYjVlN2E0NTc2OTA5MDBmZjIyNzFhZWE3NDZiZjVhMTg4OTI5ZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gs+VTpa/GHX1HiKna3k5+r4TuzB
QOFms8Ue8a+3UTVeIuKxZItcVmINPnCsqYQ/Yuxo8VFM1mzYw79Etp9XyHLrrIOB
8Cq5XOnwjB9Vb2lnlQOhdo8iQ66FPS0SIoPNVZLd81aaur1Py4s9PxBAA4uUH8uB
3SsAuPevAAthMEnY5QLarTpiAHUIK4XOEGhMeDeF7tHTmGq73+z2/PwQE4Mlg9e9
KF7hI3ZsXYfuESjVcbo86GeUyrI4gtVAXnGcjzBT4inVBG+tBqxGmxZVq74v+tjh
KvTRMHcp0BxrkeUSGA0aj0dy58FYwpqJ5OgpGz0pCaOmWWGFpp7u/3cseQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBteekV2kJAP8ica6nRr9aGIkp0MMB8GA1UdIwQY
MBaAFEAWPdRBTvPnkuAFAfNO/OlECpxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUt
MzYyMmFjN2Q2NWNjLzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUtMzYyMmFjN2Q2NWNj
LzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoh/f3aNH
JejGK8+3Lxp2HT04aWnPj4BVWzGvfedkl4dyXgXzrwDNiiz5vK/PvOkHPqG2rLsA
LDS5TuURbJZNtcg9MeOKtQyuqgCJyaQ7Pcr4Q9W3EDMv/Ijr+BE9Ufzl9H6Q1Lou
iG3aBUekJ3GsHe5WZMzBTFabtibelwajVf73prf1rMfIsSRolAKdSUhrcUXCm+dz
i0PUrHzNjLLNLxu/lmDrH08qlIOki/Fq3ZMstfcpy33Zg0IasrKuGC0L7UOKRA+P
kRmPc1vN9Eq74e/gTmxQUE8ysUEFv47A4MQwAVin7XVsTXdlEsprPg4rMl2XOjh+
lTYQXNDqDn1YyQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:54:26 2025 by rpki-client