
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft
File: QukMnRAJsywZRbb45liUg8XqR0M.mft (raw, json)
Hash identifier: iZIXNtj910qcQ38pHqwYOp8DXyj5yJfHXUC1VTjJu+o=
Subject key identifier: CB:12:6B:63:B2:8E:4A:9D:7D:96:79:6A:8A:B7:98:19:66:5D:FB:FF
Authority key identifier: 42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
Certificate issuer: /CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Certificate serial: 019A0411D75A03CD8747BE402139520298A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft
Manifest number: 0ACE
Signing time: Tue 21 Oct 2025 00:01:09 +0000
Manifest this update: Tue 21 Oct 2025 00:01:09 +0000
Manifest next update: Wed 22 Oct 2025 00:01:09 +0000
Files and hashes: 1: QukMnRAJsywZRbb45liUg8XqR0M.crl (hash: lBNWn3F4a7aD8QcVzlB5ieduiRF2vjEMHiVKZxSAo1E=)
2: vdgwFbYVt8R1VSJ8o61nh0Nw_GA.roa (hash: 76jfpsJ1QF75Cjby0A7bmnFhoDcXagSAAfe9ZF5jiZQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:04:11:d7:5a:03:cd:87:47:be:40:21:39:52:02:98:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Validity
Not Before: Oct 21 00:01:09 2025 GMT
Not After : Oct 22 00:01:09 2025 GMT
Subject: CN=cb126b63b28e4a9d7d96796a8ab79819665dfbff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f8:77:6f:ca:94:1d:a0:96:d7:a9:4a:23:b9:
b4:41:b6:e8:4e:39:37:40:95:2b:17:4c:3b:2d:c6:
4b:74:f1:e9:d7:ae:68:02:73:66:17:de:a7:1b:b0:
d7:13:2b:7b:d4:45:4f:e8:99:83:85:51:c7:ea:9b:
48:7a:9e:e2:2a:53:bc:52:39:92:9b:d6:0b:ee:98:
f4:b5:53:a1:23:38:ed:ee:e5:08:7f:1a:ba:f0:4e:
7e:04:5b:53:e7:ea:ee:1a:fe:bb:36:2c:46:0e:df:
a7:8e:a5:7f:0a:6a:82:cb:d5:6a:b8:80:a4:03:7e:
92:47:81:81:b0:b6:bd:b4:ac:34:97:20:10:7d:44:
d9:c8:eb:ff:60:f0:fb:89:cf:1d:75:bb:c9:64:ea:
6c:48:c4:a8:19:2c:97:59:ed:57:12:ca:57:41:33:
96:b2:49:cc:29:8a:e2:8e:b6:a7:fa:73:8f:f2:03:
aa:95:c2:69:7a:fa:08:6f:62:15:f6:95:83:00:38:
5c:b3:c8:65:ab:d1:f9:6f:33:b5:9b:92:71:32:86:
82:62:16:98:21:2a:dc:c2:26:b5:8f:db:b0:d5:dd:
03:2e:2f:a4:b0:7a:64:cf:c0:6b:84:d3:b3:83:f1:
be:29:26:4b:90:b3:00:b0:4e:8c:98:01:66:6c:f8:
3f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:12:6B:63:B2:8E:4A:9D:7D:96:79:6A:8A:B7:98:19:66:5D:FB:FF
X509v3 Authority Key Identifier:
keyid:42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:39:b6:68:a6:7a:8b:40:bd:83:05:cb:e9:06:6f:b1:68:47:
7e:9e:c1:af:85:2f:8b:5c:54:80:4b:66:16:72:10:8e:28:e5:
6c:7e:76:5f:41:99:e8:f7:e5:66:a5:fd:d1:9a:5e:1b:f1:43:
a1:bd:8e:4c:9b:47:cf:a1:93:1b:22:07:c9:12:c1:78:64:93:
4a:ee:7b:d3:d2:14:5b:82:70:26:39:5e:93:45:ae:00:83:3b:
15:8a:15:00:23:6c:74:54:fc:d1:44:56:2e:51:38:3f:5b:ee:
74:51:74:43:d9:ab:3c:fa:f1:c4:f7:32:04:2e:f2:87:e7:9c:
a0:d0:10:67:0d:99:12:b6:5c:9f:91:b2:bb:df:e3:65:85:94:
15:63:87:09:f0:06:97:7b:05:1c:f8:58:01:3f:68:aa:c5:eb:
8d:f3:71:a1:e5:a7:ab:b3:d0:a3:ee:a7:e9:bc:b9:d0:05:a3:
b3:99:de:1c:51:75:c1:d0:65:72:05:9f:f3:87:d3:19:dd:19:
2f:31:a7:9d:9c:e8:34:d3:e0:09:bb:b2:24:56:c9:c1:98:43:
54:1d:ff:e0:8c:dc:f1:03:f2:9a:23:a4:b0:61:3f:bb:2f:55:
91:c2:16:00:88:35:bf:35:70:29:d5:ca:bd:1a:1e:e8:d1:09:
59:da:6b:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEEddaA82HR75AITlSApinMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZTkwYzlkMTAwOWIzMmMxOTQ1YjZmOGU2NTg5NDgzYzVl
YTQ3NDMwHhcNMjUxMDIxMDAwMTA5WhcNMjUxMDIyMDAwMTA5WjAzMTEwLwYDVQQD
EyhjYjEyNmI2M2IyOGU0YTlkN2Q5Njc5NmE4YWI3OTgxOTY2NWRmYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/h3b8qUHaCW16lKI7m0QbboTjk3
QJUrF0w7LcZLdPHp165oAnNmF96nG7DXEyt71EVP6JmDhVHH6ptIep7iKlO8UjmS
m9YL7pj0tVOhIzjt7uUIfxq68E5+BFtT5+ruGv67NixGDt+njqV/CmqCy9VquICk
A36SR4GBsLa9tKw0lyAQfUTZyOv/YPD7ic8ddbvJZOpsSMSoGSyXWe1XEspXQTOW
sknMKYrijran+nOP8gOqlcJpevoIb2IV9pWDADhcs8hlq9H5bzO1m5JxMoaCYhaY
ISrcwia1j9uw1d0DLi+ksHpkz8BrhNOzg/G+KSZLkLMAsE6MmAFmbPg/9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsSa2OyjkqdfZZ5aoq3mBlmXfv/MB8GA1UdIwQY
MBaAFELpDJ0QCbMsGUW2+OZYlIPF6kdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUt
NjljNjI5ODQxNWY4LzEvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUtNjljNjI5ODQxNWY4
LzEvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABjm2aKZ6
i0C9gwXL6QZvsWhHfp7Br4Uvi1xUgEtmFnIQjijlbH52X0GZ6PflZqX90ZpeG/FD
ob2OTJtHz6GTGyIHyRLBeGSTSu5709IUW4JwJjlek0WuAIM7FYoVACNsdFT80URW
LlE4P1vudFF0Q9mrPPrxxPcyBC7yh+ecoNAQZw2ZErZcn5Gyu9/jZYWUFWOHCfAG
l3sFHPhYAT9oqsXrjfNxoeWnq7PQo+6n6by50AWjs5neHFF1wdBlcgWf84fTGd0Z
LzGnnZzoNNPgCbuyJFbJwZhDVB3/4Izc8QPymiOksGE/uy9VkcIWAIg1vzVwKdXK
vRoe6NEJWdprFQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:11:11 2025 by rpki-client