Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: Btx4FNWKUu9llsT7vbIhvdWpjArNjM90gtNQ6uJ0Cp8=
Subject key identifier: CC:9C:76:6F:BE:3B:26:8E:54:A8:04:EB:CB:E7:32:6C:15:E7:11:28
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 019A003554253B1F6A72B89FE5995277B46A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 13D1
Signing time: Mon 20 Oct 2025 06:01:26 +0000
Manifest this update: Mon 20 Oct 2025 06:01:26 +0000
Manifest next update: Tue 21 Oct 2025 06:01:26 +0000
Files and hashes: 1: 3U4MivbAgZFFTzpri9v9qzr-9Dg.roa (hash: OpxoqQJPTPV/7nPesTeS09o0jfmFmQcqEJLqODzVTIM=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: APRok7nwmlrY4hLU7It74HvFM1HY5A4Au+KhUg0G+T4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:35:54:25:3b:1f:6a:72:b8:9f:e5:99:52:77:b4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Oct 20 06:01:26 2025 GMT
Not After : Oct 21 06:01:26 2025 GMT
Subject: CN=cc9c766fbe3b268e54a804ebcbe7326c15e71128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:53:59:94:17:2a:16:5d:3c:cc:b3:4e:58:00:
ed:1c:81:0e:d2:30:10:05:7a:3d:e9:13:8e:48:1d:
e3:10:2e:1c:f1:45:5c:3f:00:ce:9e:99:8a:90:84:
c7:c1:bf:50:b0:e3:03:98:b5:00:c7:90:f6:11:ed:
dd:cf:10:ac:09:f3:f6:12:d9:60:83:55:31:bc:92:
f1:7b:60:e8:af:75:91:c1:40:1d:5d:ca:88:24:6e:
73:f0:f0:08:d9:4f:33:6b:47:9b:7c:75:a4:12:de:
0d:03:f1:dc:a7:8b:48:3d:38:ab:9b:c9:db:a4:2d:
a7:99:57:9e:f5:03:be:cc:41:4f:a8:a2:87:a7:8c:
90:41:98:fc:80:cb:73:56:af:08:ba:e1:ad:e5:18:
17:e6:f0:d6:33:a0:f3:c4:2b:92:63:df:ee:b4:1d:
96:24:26:9a:42:26:93:7c:83:80:f5:9c:16:41:9c:
90:c4:00:49:f7:03:fe:3d:c4:5c:b8:6f:19:5e:a5:
34:62:c8:12:e0:fd:6b:e1:4b:81:8d:6e:42:5c:f0:
c0:32:69:35:10:ac:fa:e5:52:60:32:63:4a:1f:16:
82:52:38:a4:18:fb:20:d5:6a:b0:6d:5c:78:2d:5b:
1f:f3:25:ce:8e:4a:b1:4b:e8:b2:59:3f:21:64:ce:
b8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9C:76:6F:BE:3B:26:8E:54:A8:04:EB:CB:E7:32:6C:15:E7:11:28
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:ae:4a:6c:2e:f9:dc:4c:d1:32:81:9f:fd:2d:87:e4:48:fb:
67:f0:d8:bb:4e:9d:20:11:49:54:cf:0c:dd:99:b7:4d:76:0e:
4a:3f:ae:16:d6:10:2e:2b:99:e5:dd:3e:96:10:96:a0:12:ed:
77:38:00:3c:f4:d3:52:54:6c:1b:7f:0c:25:ee:07:23:2b:31:
03:c6:86:00:8d:9d:bc:c2:0d:c1:83:d5:2c:d3:38:df:db:8f:
cc:49:7d:b8:32:62:e6:db:41:74:5f:32:9d:ef:19:dd:7f:f4:
4d:f2:ee:8b:06:a0:40:b7:d4:bf:6f:2f:be:bf:0e:bb:d9:3d:
a4:08:10:76:8f:bf:a0:3c:fc:90:ce:36:9e:0f:07:a2:10:0c:
35:b3:dc:93:e7:94:3d:0c:ba:97:79:7c:13:03:14:8c:e1:43:
04:c2:82:22:94:08:94:e3:59:92:da:49:0f:bb:bd:a9:8d:95:
63:8a:6c:5f:3a:0b:96:25:30:1d:f5:c5:19:a8:85:ed:ab:65:
e6:f4:31:28:16:5a:99:aa:a6:63:fb:b3:54:59:c4:24:5f:1f:
e4:75:81:1f:aa:7a:2b:69:85:07:86:d7:9b:d9:5a:a0:f5:fa:
a9:7f:10:47:43:31:dc:91:36:d1:aa:db:93:bc:d3:52:07:c5:
1e:65:6b:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANVQlOx9qcrif5ZlSd7RqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjUxMDIwMDYwMTI2WhcNMjUxMDIxMDYwMTI2WjAzMTEwLwYDVQQD
EyhjYzljNzY2ZmJlM2IyNjhlNTRhODA0ZWJjYmU3MzI2YzE1ZTcxMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FNZlBcqFl08zLNOWADtHIEO0jAQ
BXo96ROOSB3jEC4c8UVcPwDOnpmKkITHwb9QsOMDmLUAx5D2Ee3dzxCsCfP2Etlg
g1UxvJLxe2Dor3WRwUAdXcqIJG5z8PAI2U8za0ebfHWkEt4NA/Hcp4tIPTirm8nb
pC2nmVee9QO+zEFPqKKHp4yQQZj8gMtzVq8IuuGt5RgX5vDWM6DzxCuSY9/utB2W
JCaaQiaTfIOA9ZwWQZyQxABJ9wP+PcRcuG8ZXqU0YsgS4P1r4UuBjW5CXPDAMmk1
EKz65VJgMmNKHxaCUjikGPsg1WqwbVx4LVsf8yXOjkqxS+iyWT8hZM647QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMycdm++OyaOVKgE68vnMmwV5xEoMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApq5KbC75
3EzRMoGf/S2H5Ej7Z/DYu06dIBFJVM8M3Zm3TXYOSj+uFtYQLiuZ5d0+lhCWoBLt
dzgAPPTTUlRsG38MJe4HIysxA8aGAI2dvMINwYPVLNM439uPzEl9uDJi5ttBdF8y
ne8Z3X/0TfLuiwagQLfUv28vvr8Ou9k9pAgQdo+/oDz8kM42ng8HohAMNbPck+eU
PQy6l3l8EwMUjOFDBMKCIpQIlONZktpJD7u9qY2VY4psXzoLliUwHfXFGaiF7atl
5vQxKBZamaqmY/uzVFnEJF8f5HWBH6p6K2mFB4bXm9laoPX6qX8QR0Mx3JE20arb
k7zTUgfFHmVrsA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:58:48 2025 by rpki-client