Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.mft
File: QpXD7wDP_s4vcbYZkcbG09pJwRA.mft (raw, json)
Hash identifier: 3/+lUm6UMondiR7kZ4xhCGIBYNs7app1gkKs322FgKg=
Subject key identifier: B4:0C:84:61:AA:86:E0:6D:4A:40:71:24:DD:E0:B9:9C:7E:40:08:9E
Authority key identifier: 42:95:C3:EF:00:CF:FE:CE:2F:71:B6:19:91:C6:C6:D3:DA:49:C1:10
Certificate issuer: /CN=4295c3ef00cffece2f71b61991c6c6d3da49c110
Certificate serial: 0199FF22B676222237DC0BE93B5E448422E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpXD7wDP_s4vcbYZkcbG09pJwRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.mft
Manifest number: 03CD
Signing time: Mon 20 Oct 2025 01:01:28 +0000
Manifest this update: Mon 20 Oct 2025 01:01:28 +0000
Manifest next update: Tue 21 Oct 2025 01:01:28 +0000
Files and hashes: 1: QpXD7wDP_s4vcbYZkcbG09pJwRA.crl (hash: Eol0lRnn4KRSgS+XE77kbHEAvAHgcU87iZUvQ09VxJw=)
2: SGxwV5wEplv2xVzvW6jMMH0Hi4k.roa (hash: p0OjWToBEfnkzQw/yjz+AdE3+kwiUg0q1pmwBXRywUk=)
3: eC0FosjTUlbZcnWZVWIH359Lcd8.roa (hash: qDWdvtB5VIYnR+iPBmUfW1ayU92Br+j2BjK1vo1fUg0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpXD7wDP_s4vcbYZkcbG09pJwRA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:22:b6:76:22:22:37:dc:0b:e9:3b:5e:44:84:22:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4295c3ef00cffece2f71b61991c6c6d3da49c110
Validity
Not Before: Oct 20 01:01:28 2025 GMT
Not After : Oct 21 01:01:28 2025 GMT
Subject: CN=b40c8461aa86e06d4a407124dde0b99c7e40089e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:a3:7c:33:02:92:b9:84:8d:95:7b:9e:d6:
3d:31:55:ab:ee:d9:23:3b:e0:0e:61:41:f0:c6:8a:
4d:2e:04:0e:29:a4:38:b3:cd:57:6e:7b:8d:ef:8c:
f3:02:a7:f6:d5:4f:84:54:1b:c3:be:77:ec:41:64:
f6:b6:2a:56:7c:ee:c7:bc:92:a1:1b:77:3d:67:36:
d4:d4:59:ca:21:20:f6:47:e5:fd:ae:01:04:45:f3:
39:7b:83:04:11:55:50:9c:6b:5a:18:18:e1:97:16:
c3:e1:98:fd:0f:01:c1:4f:46:f5:25:a3:0e:5e:60:
38:53:0b:38:87:6f:d5:9b:f7:ed:cc:a0:c0:7a:c8:
9d:6c:b5:3d:5b:50:f9:75:98:57:e0:b5:01:b4:d4:
b4:28:b4:de:81:e3:ac:5e:32:1b:41:de:12:6e:53:
96:6a:c5:d5:05:6a:b7:b9:44:f2:57:b7:f0:28:2b:
c1:3a:1b:08:f0:9b:39:15:3f:c6:f9:b5:63:3e:ea:
19:72:2d:34:e5:09:33:ab:50:66:4a:aa:5d:8b:e0:
0b:eb:b3:44:dd:f7:74:e7:ae:39:bf:f4:d2:cb:94:
b8:ab:59:07:63:b5:50:e7:08:a7:5e:6a:60:19:b7:
f3:fe:e1:71:6e:e0:76:7b:a9:ce:6c:55:9a:3a:7e:
a6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0C:84:61:AA:86:E0:6D:4A:40:71:24:DD:E0:B9:9C:7E:40:08:9E
X509v3 Authority Key Identifier:
keyid:42:95:C3:EF:00:CF:FE:CE:2F:71:B6:19:91:C6:C6:D3:DA:49:C1:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpXD7wDP_s4vcbYZkcbG09pJwRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:3f:33:fe:39:c8:9a:31:83:09:b3:93:5a:6f:64:df:a4:8f:
d4:49:2b:bb:31:fd:66:6a:fa:a9:45:bd:82:7a:a5:f1:c9:64:
c4:7a:15:5e:26:4b:a2:a9:2a:c4:a8:dc:8a:9a:28:15:e3:13:
77:17:41:f4:61:9f:54:1c:f1:11:30:61:9f:12:7c:17:fd:dd:
ee:6d:97:10:10:a6:10:93:f7:36:41:8f:6d:22:72:c2:f5:a2:
1a:c4:3c:47:64:ac:10:bf:7a:e4:b6:52:e1:e8:7b:19:bd:d6:
ee:e4:46:ab:0d:33:fd:69:d3:0e:08:ea:c9:c7:ab:79:c4:c4:
da:eb:06:e1:ab:56:c6:24:c8:72:35:ae:42:fe:0a:37:5b:19:
72:a7:84:b6:77:8f:9c:d8:60:f6:2a:92:64:9c:7c:02:c0:d9:
6a:8c:8b:6a:96:b9:cf:cf:80:22:b5:98:92:28:0b:0e:18:12:
46:23:ab:7a:88:7d:49:76:f0:d9:d0:03:1e:e8:53:65:09:c5:
1f:c6:7b:56:ea:81:34:df:c8:25:d1:dc:63:1b:0f:ca:7f:5d:
c2:aa:6c:8d:ad:dc:50:08:e0:7d:dc:56:82:93:ee:8f:bc:ec:
7b:d9:fa:07:8a:19:39:7d:40:3e:7c:fc:cb:fe:bc:0c:96:68:
7f:76:ae:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IrZ2IiI33AvpO15EhCLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTVjM2VmMDBjZmZlY2UyZjcxYjYxOTkxYzZjNmQzZGE0
OWMxMTAwHhcNMjUxMDIwMDEwMTI4WhcNMjUxMDIxMDEwMTI4WjAzMTEwLwYDVQQD
EyhiNDBjODQ2MWFhODZlMDZkNGE0MDcxMjRkZGUwYjk5YzdlNDAwODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuSjfDMCkrmEjZV7ntY9MVWr7tkj
O+AOYUHwxopNLgQOKaQ4s81XbnuN74zzAqf21U+EVBvDvnfsQWT2tipWfO7HvJKh
G3c9ZzbU1FnKISD2R+X9rgEERfM5e4MEEVVQnGtaGBjhlxbD4Zj9DwHBT0b1JaMO
XmA4Uws4h2/Vm/ftzKDAesidbLU9W1D5dZhX4LUBtNS0KLTegeOsXjIbQd4SblOW
asXVBWq3uUTyV7fwKCvBOhsI8Js5FT/G+bVjPuoZci005Qkzq1BmSqpdi+AL67NE
3fd05645v/TSy5S4q1kHY7VQ5winXmpgGbfz/uFxbuB2e6nObFWaOn6mTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQMhGGqhuBtSkBxJN3guZx+QAieMB8GA1UdIwQY
MBaAFEKVw+8Az/7OL3G2GZHGxtPaScEQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBYRDd3RFBfczR2Y2JZWmtjYkcwOXBKd1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zYzdmODMtYmMyOC00MjgyLWFhMDIt
OTY5ZjJhMDBlZGUwLzEvUXBYRDd3RFBfczR2Y2JZWmtjYkcwOXBKd1JBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zYzdmODMtYmMyOC00MjgyLWFhMDItOTY5ZjJhMDBlZGUw
LzEvUXBYRDd3RFBfczR2Y2JZWmtjYkcwOXBKd1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAET8z/jnI
mjGDCbOTWm9k36SP1EkruzH9Zmr6qUW9gnql8clkxHoVXiZLoqkqxKjcipooFeMT
dxdB9GGfVBzxETBhnxJ8F/3d7m2XEBCmEJP3NkGPbSJywvWiGsQ8R2SsEL965LZS
4eh7Gb3W7uRGqw0z/WnTDgjqycerecTE2usG4atWxiTIcjWuQv4KN1sZcqeEtneP
nNhg9iqSZJx8AsDZaoyLapa5z8+AIrWYkigLDhgSRiOreoh9SXbw2dADHuhTZQnF
H8Z7VuqBNN/IJdHcYxsPyn9dwqpsja3cUAjgfdxWgpPuj7zse9n6B4oZOX1APnz8
y/68DJZof3auvQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:03:57 2025 by rpki-client