Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
File: qltHHQugidnp9GwpExlnT6yBKNA.mft (raw, json)
Hash identifier: H+yHiuLoEBBrrNqpr+1E2DW840cDQ0V/1erChTZWhR0=
Subject key identifier: DC:00:B4:1D:D4:81:85:3D:40:93:35:A1:E8:01:B7:03:8B:0C:0F:1D
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial: 0199FBEA9366515564C90A19BFFBC9EDB8F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
Manifest number: 0D34
Signing time: Sun 19 Oct 2025 10:01:18 +0000
Manifest this update: Sun 19 Oct 2025 10:01:18 +0000
Manifest next update: Mon 20 Oct 2025 10:01:18 +0000
Files and hashes: 1: 2K6387yyM5gxakFjGUcn1KUMQ58.roa (hash: KwEJI06hkpRX+nj9eXMKKI3vC9xa4ElKQ9FhYTbVyds=)
2: VNd90Fl0tWahsmhhQvhoAAT8f5U.roa (hash: U+zi8hpH0S9lksZLxaBLhZX/Hg0tdOzYwVmTSHbyaHY=)
3: qltHHQugidnp9GwpExlnT6yBKNA.crl (hash: zfya2QhdUVRWfmPXLIKWeBxiFcpbi2aQkQI2XHeG0Ss=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ea:93:66:51:55:64:c9:0a:19:bf:fb:c9:ed:b8:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Validity
Not Before: Oct 19 10:01:18 2025 GMT
Not After : Oct 20 10:01:18 2025 GMT
Subject: CN=dc00b41dd481853d409335a1e801b7038b0c0f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1a:6c:98:43:b5:d1:c6:6f:26:dc:83:42:10:
9e:c5:02:d5:6d:27:02:39:47:3a:b6:c9:cd:6d:af:
8b:7a:11:c7:9e:96:54:00:86:7c:db:8e:91:1a:83:
72:ad:0e:29:40:8d:73:c9:cf:2b:69:6a:56:4b:19:
9c:c4:1e:ac:1b:f2:a0:63:b2:22:4f:f3:7d:90:51:
d0:af:42:52:1b:a9:13:d3:90:0e:5f:8e:b6:01:57:
59:d9:78:6a:8e:75:96:c9:63:e4:49:70:42:8b:a0:
f6:9d:22:d0:01:15:d1:0a:37:4e:39:94:df:06:98:
81:79:80:46:6b:ed:1b:08:ca:9b:62:4c:10:20:c1:
bc:2e:90:99:6c:91:95:e6:85:43:17:15:9e:44:45:
c7:bf:8a:50:65:1d:f1:90:3c:3e:96:cb:e9:c1:3d:
d5:fd:9c:99:61:6a:50:68:95:77:5b:fb:54:48:de:
25:f9:cb:05:e1:53:74:c6:e5:e2:d8:4e:c8:93:11:
80:06:72:88:fd:25:5a:6e:ed:b9:03:ec:00:58:6e:
e0:4e:08:54:56:71:a4:cd:68:4a:e0:59:7a:16:28:
5c:0a:0b:91:14:80:2f:24:3f:4a:f0:fd:f1:aa:89:
b8:f1:b1:74:33:6c:f3:d1:5b:a8:47:66:68:da:68:
51:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:00:B4:1D:D4:81:85:3D:40:93:35:A1:E8:01:B7:03:8B:0C:0F:1D
X509v3 Authority Key Identifier:
keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:3b:78:a8:46:17:46:0f:c4:c4:d2:d2:65:20:18:59:7f:cd:
5e:bd:9a:b3:46:82:42:d0:96:1a:3d:64:e8:0e:e5:af:32:c7:
d3:fa:d7:fe:12:ce:86:61:00:9e:a5:61:ee:81:1e:7d:39:53:
b2:c9:dc:d1:ce:0e:e7:c3:18:18:2c:f6:a8:3f:b8:02:bc:65:
70:73:c0:2b:a9:07:02:21:3f:37:40:ff:c1:62:bc:ae:d1:5f:
da:82:46:37:b5:53:8d:18:1f:08:20:81:55:7e:06:fe:73:ff:
a6:00:70:fe:5c:6d:1d:79:ab:75:5c:8d:17:d6:c1:c2:55:81:
c1:ad:ae:36:5e:86:2d:0b:63:0a:a0:6b:f5:fd:99:7f:a6:05:
6c:5c:c0:97:aa:3f:43:ce:96:27:64:1a:8a:de:e4:0f:85:3f:
0a:ca:04:3a:ca:a7:f7:bc:1d:77:80:ff:0c:21:1f:6e:df:54:
de:62:6a:4e:4e:8b:01:44:ba:ab:27:b0:a7:e9:fe:72:e1:d4:
b6:fe:7e:eb:e6:f3:89:90:7c:64:6c:82:ad:f7:13:c5:f2:5d:
d8:f1:02:49:73:53:c4:4a:a0:4d:12:4f:fc:3d:0c:39:68:64:
d4:e0:5c:ec:a3:3e:f7:04:d2:4c:74:a4:d4:2f:7b:9c:34:2a:
3c:54:c9:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76pNmUVVkyQoZv/vJ7bjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4
MTI4ZDAwHhcNMjUxMDE5MTAwMTE4WhcNMjUxMDIwMTAwMTE4WjAzMTEwLwYDVQQD
EyhkYzAwYjQxZGQ0ODE4NTNkNDA5MzM1YTFlODAxYjcwMzhiMGMwZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hpsmEO10cZvJtyDQhCexQLVbScC
OUc6tsnNba+LehHHnpZUAIZ8246RGoNyrQ4pQI1zyc8raWpWSxmcxB6sG/KgY7Ii
T/N9kFHQr0JSG6kT05AOX462AVdZ2XhqjnWWyWPkSXBCi6D2nSLQARXRCjdOOZTf
BpiBeYBGa+0bCMqbYkwQIMG8LpCZbJGV5oVDFxWeREXHv4pQZR3xkDw+lsvpwT3V
/ZyZYWpQaJV3W/tUSN4l+csF4VN0xuXi2E7IkxGABnKI/SVabu25A+wAWG7gTghU
VnGkzWhK4Fl6FihcCguRFIAvJD9K8P3xqom48bF0M2zz0VuoR2Zo2mhR6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwAtB3UgYU9QJM1oegBtwOLDA8dMB8GA1UdIwQY
MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt
NmYyZTI1MjliZTgyLzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy
LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZTt4qEYX
Rg/ExNLSZSAYWX/NXr2as0aCQtCWGj1k6A7lrzLH0/rX/hLOhmEAnqVh7oEefTlT
ssnc0c4O58MYGCz2qD+4ArxlcHPAK6kHAiE/N0D/wWK8rtFf2oJGN7VTjRgfCCCB
VX4G/nP/pgBw/lxtHXmrdVyNF9bBwlWBwa2uNl6GLQtjCqBr9f2Zf6YFbFzAl6o/
Q86WJ2Qait7kD4U/CsoEOsqn97wdd4D/DCEfbt9U3mJqTk6LAUS6qyewp+n+cuHU
tv5+6+bziZB8ZGyCrfcTxfJd2PECSXNTxEqgTRJP/D0MOWhk1OBc7KM+9wTSTHSk
1C97nDQqPFTJyw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:03:20 2025 by rpki-client