Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft
File: QtzU0b098prdQHW2jymvkHBHRDw.mft (raw, json)
Hash identifier: gNxULGWwYvKO5+nqe5x/uF8LnTl2fTH8CUvstQ0q0GY=
Subject key identifier: DC:68:42:94:C6:C5:2B:2E:CE:05:2B:7F:3A:F8:F7:F6:CC:4D:8A:E2
Authority key identifier: 42:DC:D4:D1:BD:3D:F2:9A:DD:40:75:B6:8F:29:AF:90:70:47:44:3C
Certificate issuer: /CN=42dcd4d1bd3df29add4075b68f29af907047443c
Certificate serial: 019A4F61F348FD9B8FCD36BEA3AECE88B141
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft
Manifest number: 043B
Signing time: Tue 04 Nov 2025 15:00:10 +0000
Manifest this update: Tue 04 Nov 2025 15:00:10 +0000
Manifest next update: Wed 05 Nov 2025 15:00:10 +0000
Files and hashes: 1: 21zXl1VT2wOLl9fEbNkRa053DOE.roa (hash: 5emuQVjcm3y58xrRXNGECOspFNylmBXZoEALIIh48B4=)
2: QtzU0b098prdQHW2jymvkHBHRDw.crl (hash: LFaFDxqNhZENnnuWCLdPTnXKsGBDsdSv4sMDfnS6l8A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:61:f3:48:fd:9b:8f:cd:36:be:a3:ae:ce:88:b1:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42dcd4d1bd3df29add4075b68f29af907047443c
Validity
Not Before: Nov 4 15:00:10 2025 GMT
Not After : Nov 5 15:00:10 2025 GMT
Subject: CN=dc684294c6c52b2ece052b7f3af8f7f6cc4d8ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:21:64:c6:0c:d3:0e:34:7c:19:d6:7d:ba:ab:
fb:a9:d5:29:ab:6f:54:af:49:98:6c:42:32:c4:3f:
96:5a:85:55:37:46:94:00:6b:77:c8:83:3c:fa:d6:
8f:1d:a1:5d:af:f9:52:da:0c:cc:2f:47:7d:91:0a:
48:28:e3:7d:04:2d:5d:ff:c4:d9:5a:79:ac:d6:e5:
ca:32:f8:b4:6a:31:e1:a1:fc:ef:75:c6:a7:d2:7b:
a4:b1:ad:8c:97:cf:47:3c:ea:ea:54:26:05:44:ca:
ca:5d:2c:85:ab:0f:c0:9b:6c:c9:ad:0d:95:9a:3d:
11:58:28:5f:c2:c0:d0:5d:86:5b:29:fc:33:38:7e:
be:69:02:08:e6:7b:82:9b:2b:ff:36:76:69:bc:0c:
c2:74:f2:d9:bd:94:bb:1e:2d:2c:31:11:12:6f:f1:
f3:88:cb:43:80:b3:eb:eb:39:84:3c:ce:e5:16:99:
5f:66:71:d5:73:fa:8f:24:aa:4b:ae:07:7c:bf:3e:
2a:64:93:f2:c4:8c:6a:c5:ab:2d:2b:51:6b:3a:ba:
53:66:9a:e8:84:36:92:8c:ea:e4:ee:b7:17:b1:68:
f8:77:87:42:57:00:e4:1f:51:69:97:90:01:4d:0b:
97:8f:6b:95:ea:ee:e3:4b:f4:e7:36:46:ae:81:4a:
65:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:68:42:94:C6:C5:2B:2E:CE:05:2B:7F:3A:F8:F7:F6:CC:4D:8A:E2
X509v3 Authority Key Identifier:
keyid:42:DC:D4:D1:BD:3D:F2:9A:DD:40:75:B6:8F:29:AF:90:70:47:44:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:46:a9:6b:01:f9:d6:fc:40:8b:fd:3c:43:a3:1a:6f:4d:5e:
17:bf:f3:05:29:b5:5e:bd:7a:ee:e6:7f:87:1e:4f:26:54:1a:
38:87:9d:53:12:fa:48:59:97:35:5a:c5:58:83:4e:55:94:9a:
c4:d6:1d:03:9c:9b:72:5d:c9:12:1b:ec:01:e4:67:d1:19:53:
4a:06:70:f7:e9:99:d8:f4:82:91:f2:15:f6:10:c6:bd:5f:b8:
01:92:89:68:f6:03:e1:29:43:db:62:f3:c2:cd:75:d6:e6:cc:
82:8c:19:9d:7f:7d:9a:f0:9a:9c:55:e2:2c:7b:92:be:fa:4d:
be:cf:fa:86:89:6b:05:61:1e:35:e8:f8:1f:96:8c:6f:7b:b9:
28:e2:c3:69:c9:27:9e:4d:cf:43:48:92:d2:e3:ef:4f:2f:52:
10:c2:c8:7c:57:10:38:5e:e1:db:f3:a0:be:db:d3:8a:39:15:
9a:8f:79:8a:0c:7d:85:fc:be:c4:9e:96:e1:e6:9c:63:a4:34:
71:3d:1b:a7:24:79:57:a8:32:d1:e6:fa:10:66:d5:88:36:c5:
86:28:36:c9:da:4a:ed:a7:d3:e7:bd:c6:6e:02:a5:2c:45:b8:
37:a0:e5:c2:48:3d:36:eb:c6:9a:8c:70:7d:6d:43:0a:ff:d2:
a7:20:f2:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYfNI/ZuPzTa+o67OiLFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZGNkNGQxYmQzZGYyOWFkZDQwNzViNjhmMjlhZjkwNzA0
NzQ0M2MwHhcNMjUxMTA0MTUwMDEwWhcNMjUxMTA1MTUwMDEwWjAzMTEwLwYDVQQD
EyhkYzY4NDI5NGM2YzUyYjJlY2UwNTJiN2YzYWY4ZjdmNmNjNGQ4YWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviFkxgzTDjR8GdZ9uqv7qdUpq29U
r0mYbEIyxD+WWoVVN0aUAGt3yIM8+taPHaFdr/lS2gzML0d9kQpIKON9BC1d/8TZ
Wnms1uXKMvi0ajHhofzvdcan0nuksa2Ml89HPOrqVCYFRMrKXSyFqw/Am2zJrQ2V
mj0RWChfwsDQXYZbKfwzOH6+aQII5nuCmyv/NnZpvAzCdPLZvZS7Hi0sMRESb/Hz
iMtDgLPr6zmEPM7lFplfZnHVc/qPJKpLrgd8vz4qZJPyxIxqxastK1FrOrpTZpro
hDaSjOrk7rcXsWj4d4dCVwDkH1Fpl5ABTQuXj2uV6u7jS/TnNkaugUplewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNxoQpTGxSsuzgUrfzr49/bMTYriMB8GA1UdIwQY
MBaAFELc1NG9PfKa3UB1to8pr5BwR0Q8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8yOTdmMWUtOTIyYi00NWI0LTg5M2Yt
ZmI5OGZlM2RiYzE0LzEvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8yOTdmMWUtOTIyYi00NWI0LTg5M2YtZmI5OGZlM2RiYzE0
LzEvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW0apawH5
1vxAi/08Q6Mab01eF7/zBSm1Xr167uZ/hx5PJlQaOIedUxL6SFmXNVrFWINOVZSa
xNYdA5ybcl3JEhvsAeRn0RlTSgZw9+mZ2PSCkfIV9hDGvV+4AZKJaPYD4SlD22Lz
ws111ubMgowZnX99mvCanFXiLHuSvvpNvs/6holrBWEeNej4H5aMb3u5KOLDackn
nk3PQ0iS0uPvTy9SEMLIfFcQOF7h2/OgvtvTijkVmo95igx9hfy+xJ6W4eacY6Q0
cT0bpyR5V6gy0eb6EGbViDbFhig2ydpK7afT573GbgKlLEW4N6Dlwkg9NuvGmoxw
fW1DCv/SpyDyKw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:47:31 2025 by rpki-client