Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json)
Hash identifier: AYhL68TbZXwZpZe99dvlXrm4o85zmkrqhLz9Z6qmymI=
Subject key identifier: AE:F3:CB:46:00:A8:10:3D:06:00:C1:2D:21:86:08:69:4A:40:B1:ED
Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e
Certificate serial: 0199FCFDB050047278A74503A9FD0711C0AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
Manifest number: 05B1
Signing time: Sun 19 Oct 2025 15:01:48 +0000
Manifest this update: Sun 19 Oct 2025 15:01:48 +0000
Manifest next update: Mon 20 Oct 2025 15:01:48 +0000
Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=)
2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: kGqkEbgc4Wi3HjFcyGPY//dG3NLyqnywoDsuGux30EE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:b0:50:04:72:78:a7:45:03:a9:fd:07:11:c0:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e
Validity
Not Before: Oct 19 15:01:48 2025 GMT
Not After : Oct 20 15:01:48 2025 GMT
Subject: CN=aef3cb4600a8103d0600c12d218608694a40b1ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a8:5b:2f:f6:da:13:f5:05:65:f4:9a:ab:28:
42:77:82:c1:fb:d9:4c:a7:e6:18:e4:6e:a1:7f:d9:
ef:3e:1a:e5:31:5f:66:33:47:8d:c0:c8:08:07:b9:
ac:5a:ac:c8:20:c6:a2:ae:2a:01:d8:2f:e6:a4:81:
f6:c6:9c:9b:3c:c9:05:f4:b6:8e:2f:65:dd:8f:c0:
7d:b2:77:9e:d5:63:0a:48:74:93:b2:cd:5f:aa:ea:
95:52:17:5d:35:f8:6b:86:68:c8:7f:c1:f0:9d:81:
d7:1d:1f:43:15:8c:a7:02:92:38:8e:76:51:63:53:
d1:2c:d8:81:2f:de:77:13:60:40:2c:ad:5b:d3:ed:
cd:fa:d8:c6:a7:d0:f0:a0:78:22:d7:6a:11:b2:68:
fc:9f:af:fe:17:a0:24:9e:3a:ca:36:d6:52:61:8a:
16:85:07:17:06:30:2c:a4:cd:0c:de:67:fe:54:0d:
2b:59:53:29:78:ec:4c:ae:a9:5a:3f:27:f4:cd:82:
e4:79:0d:fa:db:cd:40:b3:4f:86:18:d5:28:38:1a:
95:24:06:20:47:90:aa:f8:e7:ea:46:da:52:82:fe:
97:3b:e9:99:cb:5a:97:ad:28:bc:ef:e3:eb:68:85:
6a:a7:94:16:11:d4:8d:61:0b:cc:e2:37:b2:81:70:
18:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F3:CB:46:00:A8:10:3D:06:00:C1:2D:21:86:08:69:4A:40:B1:ED
X509v3 Authority Key Identifier:
keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c5:f0:09:ca:4e:76:cf:9a:ac:1a:5d:42:f2:c5:65:f4:4d:05:
0e:6e:aa:25:1a:e3:8e:87:2e:62:a8:5d:9c:d9:a3:1c:d2:33:
e9:96:56:8a:2e:b2:c0:8e:a7:bb:81:bc:ed:f7:f9:0b:e8:61:
9a:e7:03:fe:27:6d:b8:3b:94:d2:48:87:b0:5e:db:eb:ec:ec:
c6:91:95:89:b9:94:a9:2b:55:3b:14:81:6d:87:5d:19:cc:e0:
b3:12:41:83:77:ce:d3:83:22:bc:7d:81:a3:fb:23:cb:ea:0a:
41:90:00:de:f5:80:ff:2e:2d:56:b8:c4:10:cf:19:fe:bf:b9:
a2:db:db:71:31:22:f5:80:87:cd:cc:da:eb:4e:74:7d:b6:06:
f7:ac:34:ec:3e:8b:cf:20:54:89:ff:81:79:06:00:c4:4a:90:
4c:64:5a:3e:0c:09:0f:10:c7:51:66:8c:cf:40:e5:e9:4a:c7:
71:34:15:02:aa:e3:55:47:94:2e:9b:63:da:eb:23:f0:85:6c:
5d:ea:cf:42:4d:98:71:fc:84:07:36:18:36:98:b9:80:95:c1:
6d:5e:7e:38:1f:85:08:aa:d0:24:aa:cb:11:46:98:fb:fc:79:
4d:2c:2b:da:85:c7:2d:f3:cf:ad:ed:f6:16:b4:bd:23:4f:fd:
6e:73:33:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/bBQBHJ4p0UDqf0HEcCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2
NGIxN2UwHhcNMjUxMDE5MTUwMTQ4WhcNMjUxMDIwMTUwMTQ4WjAzMTEwLwYDVQQD
EyhhZWYzY2I0NjAwYTgxMDNkMDYwMGMxMmQyMTg2MDg2OTRhNDBiMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqhbL/baE/UFZfSaqyhCd4LB+9lM
p+YY5G6hf9nvPhrlMV9mM0eNwMgIB7msWqzIIMairioB2C/mpIH2xpybPMkF9LaO
L2Xdj8B9snee1WMKSHSTss1fquqVUhddNfhrhmjIf8HwnYHXHR9DFYynApI4jnZR
Y1PRLNiBL953E2BALK1b0+3N+tjGp9DwoHgi12oRsmj8n6/+F6AknjrKNtZSYYoW
hQcXBjAspM0M3mf+VA0rWVMpeOxMrqlaPyf0zYLkeQ36281As0+GGNUoOBqVJAYg
R5Cq+OfqRtpSgv6XO+mZy1qXrSi87+PraIVqp5QWEdSNYQvM4jeygXAYtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7zy0YAqBA9BgDBLSGGCGlKQLHtMB8GA1UdIwQY
MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt
OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk
LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxfAJyk52
z5qsGl1C8sVl9E0FDm6qJRrjjocuYqhdnNmjHNIz6ZZWii6ywI6nu4G87ff5C+hh
mucD/idtuDuU0kiHsF7b6+zsxpGVibmUqStVOxSBbYddGczgsxJBg3fO04MivH2B
o/sjy+oKQZAA3vWA/y4tVrjEEM8Z/r+5otvbcTEi9YCHzcza6050fbYG96w07D6L
zyBUif+BeQYAxEqQTGRaPgwJDxDHUWaMz0Dl6UrHcTQVAqrjVUeULptj2usj8IVs
XerPQk2YcfyEBzYYNpi5gJXBbV5+OB+FCKrQJKrLEUaY+/x5TSwr2oXHLfPPre32
FrS9I0/9bnMzsA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:39:17 2025 by rpki-client