Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
File: qOeaWm0FfybaCYxi-R31ExEa7a0.mft (raw, json)
Hash identifier: P8tav8m2cluxF1ohKIU7+uP93cdhJcqzB6TraIz0BgU=
Subject key identifier: C7:79:6F:73:7D:DB:48:45:BD:4D:8A:9C:90:A8:6D:7C:BD:9D:6E:88
Authority key identifier: A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD
Certificate issuer: /CN=a8e79a5a6d057f26da098c62f91df513111aedad
Certificate serial: 019A03A48469701A708C9FC24AD4CB421E4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
Manifest number: 019A
Signing time: Mon 20 Oct 2025 22:01:44 +0000
Manifest this update: Mon 20 Oct 2025 22:01:44 +0000
Manifest next update: Tue 21 Oct 2025 22:01:44 +0000
Files and hashes: 1: qOeaWm0FfybaCYxi-R31ExEa7a0.crl (hash: hZX9rvdYx33e1+NsSCEhNaK7tCWC3a2oxa3cdKjccoI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:03:a4:84:69:70:1a:70:8c:9f:c2:4a:d4:cb:42:1e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8e79a5a6d057f26da098c62f91df513111aedad
Validity
Not Before: Oct 20 22:01:44 2025 GMT
Not After : Oct 21 22:01:44 2025 GMT
Subject: CN=c7796f737ddb4845bd4d8a9c90a86d7cbd9d6e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:96:d9:9b:1a:b2:d8:c3:51:72:48:67:51:89:
d9:b4:36:42:46:66:0d:1f:12:e1:5e:06:a4:20:73:
ec:a7:13:ea:a9:fe:68:ed:45:49:6c:71:44:22:c5:
46:ea:43:42:4b:29:3c:cf:3a:33:f5:f8:82:60:89:
c7:54:de:36:e2:03:c4:c3:aa:0f:88:d4:90:65:1f:
b7:bb:f8:43:64:74:7b:03:f5:f3:ca:14:64:07:2d:
76:ad:6d:0f:9a:ce:15:5e:ca:8b:18:27:85:ab:21:
f5:b4:d2:e2:33:dd:b2:81:4c:e2:11:e1:c0:b5:d8:
ac:d6:d5:d5:9c:a9:d7:76:ae:0a:a5:74:3b:27:5d:
ea:98:46:67:79:1a:3d:39:0e:39:a1:75:0d:88:08:
24:2f:35:63:d7:5c:54:b1:e3:1a:60:23:6b:c6:0b:
25:ea:8e:73:2c:d4:36:b0:b8:7f:90:91:a1:b7:fa:
1a:2d:d5:fa:23:48:e6:73:db:26:95:0c:f3:4f:aa:
d6:6d:01:ea:c3:93:00:ae:ff:e2:fb:17:0c:61:8d:
01:e7:09:51:d6:72:9b:f5:58:fd:82:e3:28:bf:6d:
50:03:59:52:7f:e1:7c:c5:e3:3a:62:d2:66:1a:af:
06:50:3a:c5:2b:76:65:c4:e9:b4:be:88:f9:40:e1:
2f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:79:6F:73:7D:DB:48:45:BD:4D:8A:9C:90:A8:6D:7C:BD:9D:6E:88
X509v3 Authority Key Identifier:
keyid:A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:ac:09:c8:85:ef:de:69:55:8a:c4:d1:5f:8f:06:c7:d9:50:
0a:ac:93:33:b3:ea:71:3c:2f:d1:f4:c8:84:91:74:e6:55:82:
b8:75:3c:02:12:f2:f5:32:2d:f8:d6:b4:37:b0:53:00:1b:a1:
31:69:4c:82:a2:c9:d9:4b:8b:e7:ce:31:dd:59:0c:54:11:67:
c7:7f:c9:cf:ac:fc:5c:83:67:73:bd:7b:3e:a9:af:c7:98:e2:
88:ee:73:47:ad:57:77:b5:f0:0b:68:50:bc:ee:8f:55:ff:d7:
88:98:93:a2:02:cb:5f:1e:4e:78:78:ed:d4:a9:19:e3:7f:65:
78:c8:25:aa:9b:40:54:ae:e3:fb:63:b8:37:cb:60:07:27:a9:
51:f4:fa:df:a8:ba:32:3b:74:2d:73:00:1b:c4:52:98:93:7b:
3f:6f:d1:23:58:5c:a4:6d:f1:5f:f0:d8:96:fe:a5:ce:ce:74:
ad:21:63:5d:3e:28:a1:42:94:be:e9:55:e9:ab:d7:3a:a4:7e:
61:7b:77:95:df:5b:a2:d8:f4:0c:e0:c4:21:5c:db:ff:20:b5:
39:4b:be:d2:ce:37:15:d1:33:bf:ac:2a:23:35:3c:85:20:d5:
c0:b5:aa:03:44:89:57:3e:83:9b:8c:d0:4e:66:2c:9b:06:60:
5c:f0:86:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoDpIRpcBpwjJ/CStTLQh5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTc5YTVhNmQwNTdmMjZkYTA5OGM2MmY5MWRmNTEzMTEx
YWVkYWQwHhcNMjUxMDIwMjIwMTQ0WhcNMjUxMDIxMjIwMTQ0WjAzMTEwLwYDVQQD
EyhjNzc5NmY3MzdkZGI0ODQ1YmQ0ZDhhOWM5MGE4NmQ3Y2JkOWQ2ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JbZmxqy2MNRckhnUYnZtDZCRmYN
HxLhXgakIHPspxPqqf5o7UVJbHFEIsVG6kNCSyk8zzoz9fiCYInHVN424gPEw6oP
iNSQZR+3u/hDZHR7A/XzyhRkBy12rW0Pms4VXsqLGCeFqyH1tNLiM92ygUziEeHA
tdis1tXVnKnXdq4KpXQ7J13qmEZneRo9OQ45oXUNiAgkLzVj11xUseMaYCNrxgsl
6o5zLNQ2sLh/kJGht/oaLdX6I0jmc9smlQzzT6rWbQHqw5MArv/i+xcMYY0B5wlR
1nKb9Vj9guMov21QA1lSf+F8xeM6YtJmGq8GUDrFK3ZlxOm0voj5QOEvQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMd5b3N920hFvU2KnJCobXy9nW6IMB8GA1UdIwQY
MBaAFKjnmlptBX8m2gmMYvkd9RMRGu2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAt
ZWNjZGFjOGI2YTk4LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAtZWNjZGFjOGI2YTk4
LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJawJyIXv
3mlVisTRX48Gx9lQCqyTM7PqcTwv0fTIhJF05lWCuHU8AhLy9TIt+Na0N7BTABuh
MWlMgqLJ2UuL584x3VkMVBFnx3/Jz6z8XINnc717Pqmvx5jiiO5zR61Xd7XwC2hQ
vO6PVf/XiJiTogLLXx5OeHjt1KkZ439leMglqptAVK7j+2O4N8tgByepUfT636i6
Mjt0LXMAG8RSmJN7P2/RI1hcpG3xX/DYlv6lzs50rSFjXT4ooUKUvulV6avXOqR+
YXt3ld9botj0DODEIVzb/yC1OUu+0s43FdEzv6wqIzU8hSDVwLWqA0SJVz6Dm4zQ
TmYsmwZgXPCGKQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:22:04 2025 by rpki-client