Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft
File: qsIj-xlCEV5IqXVCByktAKCC7N8.mft (raw, json)
Hash identifier: bCh1AatVbOS5mnoPv+p+76Hb9MAnt6tq5+iosA4Pylk=
Subject key identifier: 63:50:76:91:21:9C:43:1A:7C:E0:E7:E4:BD:16:A3:13:52:FB:C2:E8
Authority key identifier: AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF
Certificate issuer: /CN=aac223fb1942115e48a9754207292d00a082ecdf
Certificate serial: 0199FC21C4FA1C7B3D1B381ECF705F2BB046
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft
Manifest number: 0933
Signing time: Sun 19 Oct 2025 11:01:35 +0000
Manifest this update: Sun 19 Oct 2025 11:01:35 +0000
Manifest next update: Mon 20 Oct 2025 11:01:35 +0000
Files and hashes: 1: f7H4NvJn5XG9ZEVLvo3rzyryem0.roa (hash: FIvnUTIH/WyzVRn7SNngTErOpdYKzvrkMjSyoAbXEio=)
2: qsIj-xlCEV5IqXVCByktAKCC7N8.crl (hash: Rfn96PP8Shd3lvYmZcerh900yikU/8nInEgwLV9176A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft
rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:c4:fa:1c:7b:3d:1b:38:1e:cf:70:5f:2b:b0:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aac223fb1942115e48a9754207292d00a082ecdf
Validity
Not Before: Oct 19 11:01:35 2025 GMT
Not After : Oct 20 11:01:35 2025 GMT
Subject: CN=63507691219c431a7ce0e7e4bd16a31352fbc2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c8:7b:ea:74:8a:e3:45:62:ec:db:35:34:f2:
d7:c6:c9:12:2c:d1:5d:e9:a2:b3:ce:f2:d3:7d:d9:
db:2c:9c:04:b9:c1:1d:d9:08:34:d2:0c:31:de:58:
3a:f8:08:92:8c:f2:ef:69:35:ab:ed:be:22:52:93:
c6:c5:20:72:ad:a3:e7:31:b5:30:e2:95:f9:5d:5e:
7a:3f:f6:79:65:12:7b:95:5e:35:7e:74:16:c7:42:
5d:7e:d9:06:6e:7f:dd:71:7e:fa:c5:16:93:61:db:
74:d7:69:5a:ed:fd:05:d4:99:2a:1b:d1:fd:f3:cc:
28:8b:7d:8c:46:bf:24:2c:7b:8e:1c:d1:e6:44:b2:
13:0d:f9:40:20:df:77:7e:77:d9:31:1d:9d:28:b3:
fe:fb:dd:79:41:d9:4a:ed:1f:a7:a8:95:6b:ea:c9:
e9:22:b7:cb:41:9a:9a:5b:44:d7:90:6b:b9:80:fe:
88:e5:0d:2a:45:c1:00:bc:c2:4d:2b:62:9e:5f:7c:
e5:0f:81:f6:a9:09:db:30:88:eb:ca:ba:35:a8:61:
f3:c9:a8:fc:4c:c0:27:2e:e6:d3:b9:83:44:6f:76:
7e:97:8d:37:a4:ca:1c:ae:d1:47:b2:9e:f2:c3:d0:
e7:a2:37:7e:cd:7e:1c:c5:02:ff:54:2d:55:e7:f7:
98:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:50:76:91:21:9C:43:1A:7C:E0:E7:E4:BD:16:A3:13:52:FB:C2:E8
X509v3 Authority Key Identifier:
keyid:AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:09:cf:7b:f9:5c:2f:70:66:ef:a7:60:09:b1:f5:e8:8f:c4:
d1:d2:19:f2:e9:91:2c:53:4b:c9:d2:96:b9:d3:e3:94:8b:e4:
9a:38:fe:f8:eb:11:78:a2:8f:95:d7:d2:dc:10:c0:ad:18:30:
49:c2:eb:60:dc:67:6d:d4:24:8a:5e:26:38:c9:0a:48:05:16:
d4:79:57:9a:8a:f4:c4:a6:8c:71:9b:98:40:fb:c8:2d:b0:10:
ed:02:f2:9d:c8:4e:a7:b4:3c:b7:4f:41:a9:c2:9b:39:46:32:
b3:fc:2f:d2:5f:f7:cb:72:dc:05:fe:98:50:26:38:64:58:96:
ee:59:55:b3:a1:30:e3:b7:66:fc:81:a8:70:29:15:ac:92:79:
7f:a4:fa:90:71:a4:bb:de:1a:a6:ad:74:79:18:bc:1b:16:5a:
9b:09:d0:e5:78:27:7f:65:db:4c:a2:f6:e7:90:44:f6:56:f6:
70:0c:b1:01:43:80:be:7a:1e:77:b6:d3:f5:f0:15:f6:3d:21:
6c:30:96:6e:e2:1c:c7:a4:41:f4:e2:79:af:dd:20:06:be:7f:
46:40:06:84:c0:8b:04:42:f8:dd:91:d1:f8:86:ce:c8:21:75:
30:f8:0f:05:88:05:03:4a:4e:6f:9b:4a:22:43:c4:60:ec:24:
f2:7a:c8:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IcT6HHs9Gzgez3BfK7BGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYzIyM2ZiMTk0MjExNWU0OGE5NzU0MjA3MjkyZDAwYTA4
MmVjZGYwHhcNMjUxMDE5MTEwMTM1WhcNMjUxMDIwMTEwMTM1WjAzMTEwLwYDVQQD
Eyg2MzUwNzY5MTIxOWM0MzFhN2NlMGU3ZTRiZDE2YTMxMzUyZmJjMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtch76nSK40Vi7Ns1NPLXxskSLNFd
6aKzzvLTfdnbLJwEucEd2Qg00gwx3lg6+AiSjPLvaTWr7b4iUpPGxSByraPnMbUw
4pX5XV56P/Z5ZRJ7lV41fnQWx0JdftkGbn/dcX76xRaTYdt012la7f0F1JkqG9H9
88woi32MRr8kLHuOHNHmRLITDflAIN93fnfZMR2dKLP++915QdlK7R+nqJVr6snp
IrfLQZqaW0TXkGu5gP6I5Q0qRcEAvMJNK2KeX3zlD4H2qQnbMIjryro1qGHzyaj8
TMAnLubTuYNEb3Z+l403pMocrtFHsp7yw9Dnojd+zX4cxQL/VC1V5/eYtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNQdpEhnEMafODn5L0WoxNS+8LoMB8GA1UdIwQY
MBaAFKrCI/sZQhFeSKl1QgcpLQCgguzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEt
MWRhYTk1MWM3MWI3LzEvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEtMWRhYTk1MWM3MWI3
LzEvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEAnPe/lc
L3Bm76dgCbH16I/E0dIZ8umRLFNLydKWudPjlIvkmjj++OsReKKPldfS3BDArRgw
ScLrYNxnbdQkil4mOMkKSAUW1HlXmor0xKaMcZuYQPvILbAQ7QLynchOp7Q8t09B
qcKbOUYys/wv0l/3y3LcBf6YUCY4ZFiW7llVs6Ew47dm/IGocCkVrJJ5f6T6kHGk
u94apq10eRi8GxZamwnQ5Xgnf2XbTKL255BE9lb2cAyxAUOAvnoed7bT9fAV9j0h
bDCWbuIcx6RB9OJ5r90gBr5/RkAGhMCLBEL43ZHR+IbOyCF1MPgPBYgFA0pOb5tK
IkPEYOwk8nrIbg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:53:17 2025 by rpki-client