Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
File: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft (raw, json)
Hash identifier: D3/bsgBGwYC/dkl/G/2bIz5uby5zboaHrU3NwqDgKME=
Subject key identifier: 68:79:5A:6B:8A:E8:32:3C:D5:38:AB:0D:1A:B9:23:3E:81:BA:C2:C9
Authority key identifier: 41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5
Certificate issuer: /CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
Certificate serial: 019A52D1C1F89227E025088B69B12E512BF2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
Manifest number: 0CFB
Signing time: Wed 05 Nov 2025 07:01:09 +0000
Manifest this update: Wed 05 Nov 2025 07:01:09 +0000
Manifest next update: Thu 06 Nov 2025 07:01:09 +0000
Files and hashes: 1: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl (hash: J14at92If2KK37uaew71iHePBUfvyTrPrJ+QYQpyRwQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:c1:f8:92:27:e0:25:08:8b:69:b1:2e:51:2b:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
Validity
Not Before: Nov 5 07:01:09 2025 GMT
Not After : Nov 6 07:01:09 2025 GMT
Subject: CN=68795a6b8ae8323cd538ab0d1ab9233e81bac2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:27:ce:a7:a7:27:c1:a7:47:57:f3:0f:eb:f9:
96:91:4a:d1:8b:9d:35:d9:dd:5e:e4:31:db:11:f0:
e2:cf:1f:26:31:49:53:14:07:3f:7a:86:41:c0:dc:
95:0e:ee:18:6b:d5:c5:f5:79:0e:95:90:ed:5c:fc:
08:6d:9d:8d:a6:27:62:a8:d8:e1:1e:aa:34:fe:61:
ea:33:4d:ad:17:df:3b:f8:d4:b7:90:ac:5c:b9:7e:
d9:cb:2a:f3:7d:a1:33:01:23:4a:33:97:8c:9e:eb:
a4:c0:a7:16:2e:aa:ae:47:a6:93:1a:0f:a6:e6:76:
e5:06:b7:8b:05:14:4e:43:56:66:96:ed:da:96:62:
62:ac:f6:a1:dd:d1:a4:e2:a4:78:58:94:8b:5f:86:
53:25:6f:4c:a7:f5:32:70:5a:31:d6:21:fc:4e:50:
63:62:5c:95:e7:26:27:92:5a:a7:ad:29:9c:e3:18:
87:de:9a:47:1e:ef:bc:56:3c:a8:d9:de:5e:59:23:
ec:34:c3:58:7c:ef:0c:23:b2:82:cf:86:ce:c3:f6:
34:41:4a:a7:d7:30:7e:7c:9b:c6:83:a7:42:a8:cd:
d0:94:10:69:8d:4b:22:08:38:75:05:ca:af:4d:65:
60:c3:f1:40:84:17:84:47:37:dc:3d:80:27:ee:a4:
fa:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:79:5A:6B:8A:E8:32:3C:D5:38:AB:0D:1A:B9:23:3E:81:BA:C2:C9
X509v3 Authority Key Identifier:
keyid:41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:11:30:99:3d:38:3c:b4:de:bb:1f:73:72:a9:bf:a5:27:3e:
93:3a:22:5e:40:ba:49:1b:68:ba:22:d6:32:63:72:56:ef:0a:
c1:b6:4b:91:69:6d:aa:f4:e9:12:05:6d:8a:86:24:7a:b1:3f:
c8:c4:99:7d:47:ca:4c:7c:6e:e9:d5:f2:22:f1:60:6c:89:8a:
d2:d8:c1:70:82:67:b1:20:95:53:d7:da:fb:2c:d8:64:fb:a4:
4a:94:a1:c8:e9:a5:0c:f3:a5:86:10:05:f4:23:95:25:81:2a:
81:45:df:c8:63:8a:96:11:6e:d5:b7:4b:58:63:ec:12:9c:56:
35:51:17:37:66:c9:d5:2e:4c:7c:41:44:20:85:98:a9:30:f8:
2f:5f:ea:fd:79:d6:70:34:06:37:d9:d6:3f:12:f3:34:a4:02:
3c:ca:9e:e2:62:ae:30:42:1e:ce:85:82:80:26:98:34:b6:e8:
41:c0:6a:59:03:27:81:f8:1d:3a:5d:22:ea:cc:4a:65:cb:ae:
14:a8:f2:aa:90:db:a6:3d:02:38:0d:37:52:e8:12:6a:ae:9c:
f7:3e:39:4c:17:9a:32:82:e8:60:2f:c8:53:9e:27:4c:a7:64:
1e:c8:c2:a9:52:84:6c:d0:d3:d2:62:f5:e9:b1:b9:72:85:9b:
32:6f:93:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0cH4kifgJQiLabEuUSvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmRhZDgyMDY5OWYxNTNhMzFhNjZlZDY3ODNhMWRlNGUw
ZjhjZjUwHhcNMjUxMTA1MDcwMTA5WhcNMjUxMTA2MDcwMTA5WjAzMTEwLwYDVQQD
Eyg2ODc5NWE2YjhhZTgzMjNjZDUzOGFiMGQxYWI5MjMzZTgxYmFjMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSfOp6cnwadHV/MP6/mWkUrRi501
2d1e5DHbEfDizx8mMUlTFAc/eoZBwNyVDu4Ya9XF9XkOlZDtXPwIbZ2NpidiqNjh
Hqo0/mHqM02tF987+NS3kKxcuX7ZyyrzfaEzASNKM5eMnuukwKcWLqquR6aTGg+m
5nblBreLBRROQ1Zmlu3almJirPah3dGk4qR4WJSLX4ZTJW9Mp/UycFox1iH8TlBj
YlyV5yYnklqnrSmc4xiH3ppHHu+8Vjyo2d5eWSPsNMNYfO8MI7KCz4bOw/Y0QUqn
1zB+fJvGg6dCqM3QlBBpjUsiCDh1BcqvTWVgw/FAhBeERzfcPYAn7qT6EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGh5WmuK6DI81TirDRq5Iz6BusLJMB8GA1UdIwQY
MBaAFEEtrYIGmfFToxpm7WeDod5OD4z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2Yt
YTg4MmRhNmMwY2ZjLzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2YtYTg4MmRhNmMwY2Zj
LzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEhEwmT04
PLTeux9zcqm/pSc+kzoiXkC6SRtouiLWMmNyVu8KwbZLkWltqvTpEgVtioYkerE/
yMSZfUfKTHxu6dXyIvFgbImK0tjBcIJnsSCVU9fa+yzYZPukSpShyOmlDPOlhhAF
9COVJYEqgUXfyGOKlhFu1bdLWGPsEpxWNVEXN2bJ1S5MfEFEIIWYqTD4L1/q/XnW
cDQGN9nWPxLzNKQCPMqe4mKuMEIezoWCgCaYNLboQcBqWQMngfgdOl0i6sxKZcuu
FKjyqpDbpj0COA03UugSaq6c9z45TBeaMoLoYC/IU54nTKdkHsjCqVKEbNDT0mL1
6bG5coWbMm+Tgw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:39:02 2025 by rpki-client