Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
File: QIS7AapYrpSxMg_UvkIT-TFOkFY.mft (raw, json)
Hash identifier: gymcycoEzE+LlDxzL5X3uYHvClujBxL3srBoEu6cNw8=
Subject key identifier: 16:12:C2:DB:75:04:9D:35:B7:56:22:98:79:7F:C1:B1:17:53:12:D0
Authority key identifier: 40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56
Certificate issuer: /CN=4084bb01aa58ae94b1320fd4be4213f9314e9056
Certificate serial: 019A01114C705B53FA049A01DE518788683F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
Manifest number: 06D3
Signing time: Mon 20 Oct 2025 10:01:42 +0000
Manifest this update: Mon 20 Oct 2025 10:01:42 +0000
Manifest next update: Tue 21 Oct 2025 10:01:42 +0000
Files and hashes: 1: QIS7AapYrpSxMg_UvkIT-TFOkFY.crl (hash: t74AP0aT/UfmIUxJAhBgegJogLSIY5rRRDj/bQOBZGA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:11:4c:70:5b:53:fa:04:9a:01:de:51:87:88:68:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4084bb01aa58ae94b1320fd4be4213f9314e9056
Validity
Not Before: Oct 20 10:01:42 2025 GMT
Not After : Oct 21 10:01:42 2025 GMT
Subject: CN=1612c2db75049d35b7562298797fc1b1175312d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7f:61:bd:31:a1:ac:51:c5:46:7f:79:61:83:
56:03:43:07:46:ba:e1:28:a2:a8:76:ca:70:60:80:
76:27:9c:fb:ae:4b:b8:b5:df:5e:ed:17:f1:b0:c6:
5a:15:dd:c3:a6:f3:56:49:c2:e8:d4:cc:0d:02:7f:
8e:13:8e:f0:79:20:0b:89:75:8e:dd:96:d8:85:52:
19:dc:57:f8:ea:77:4f:73:a7:b0:89:7b:9f:2f:77:
04:bb:87:e6:0c:f3:dc:3f:b9:6f:38:3f:66:a6:cd:
80:d6:da:a5:08:d7:59:bf:bc:86:58:70:50:cd:e7:
49:eb:73:a7:4b:54:11:bb:fa:aa:77:9c:d0:9a:54:
ee:87:fd:89:86:31:5c:18:83:1c:92:6c:d2:58:7d:
2d:e4:15:ca:72:c8:e7:c2:4d:3b:31:77:8a:83:1d:
d9:12:a2:8c:79:eb:c7:e6:64:27:f2:5c:dc:7d:ea:
ae:b8:4e:f8:7a:41:c1:bd:fe:1a:d1:d8:27:4b:f1:
19:4f:47:69:67:1e:36:ee:9d:3a:90:59:f8:a2:d6:
78:db:fd:b6:55:3b:20:0e:86:dc:2d:99:ae:b6:61:
12:68:95:df:f8:5f:05:fd:31:77:d9:ff:fd:c7:4e:
e5:5b:7e:81:2c:7f:88:ae:4d:d9:65:71:a5:8e:7e:
62:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:12:C2:DB:75:04:9D:35:B7:56:22:98:79:7F:C1:B1:17:53:12:D0
X509v3 Authority Key Identifier:
keyid:40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:cf:72:e9:82:f7:23:7a:bf:c8:ed:f9:42:68:4a:9a:7c:14:
be:19:e1:58:88:1e:c5:68:4c:dc:ae:5e:3f:2c:24:99:a2:17:
7e:9a:1e:8e:8b:f7:cd:7f:88:b3:80:9c:c8:ba:47:c4:ab:3a:
f9:c1:07:fd:47:46:bd:da:38:cf:fe:27:ee:14:3b:4c:45:0e:
19:7d:ca:58:59:10:32:cd:32:0d:80:be:5b:23:4a:32:20:a3:
f8:42:dc:ba:8f:52:f0:16:61:3a:80:04:59:48:b2:13:c5:0f:
5c:2e:e0:5f:5a:2e:a4:67:4c:b1:2c:c7:5c:28:f1:cc:4d:9d:
03:ea:ae:cf:67:16:4e:c9:e7:3e:65:50:bb:52:80:17:08:b6:
5e:7d:ba:3b:24:33:fb:b1:f3:03:17:a9:52:41:d1:da:0c:d0:
c9:8b:11:87:a1:d3:e5:ac:cf:58:92:cf:04:39:13:92:29:92:
6f:8b:eb:ab:01:d7:15:c8:a7:da:30:05:e4:50:35:2c:13:31:
ab:a0:bc:47:98:d3:8e:48:ca:c1:e9:dc:a0:18:8f:f4:af:a0:
53:00:ac:e4:5e:25:d5:c9:19:f8:47:bb:2a:f4:e6:15:ca:29:
9e:24:de:34:f1:1d:86:a9:67:d8:03:cb:cf:0d:26:e6:cc:02:
bf:a7:92:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEUxwW1P6BJoB3lGHiGg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODRiYjAxYWE1OGFlOTRiMTMyMGZkNGJlNDIxM2Y5MzE0
ZTkwNTYwHhcNMjUxMDIwMTAwMTQyWhcNMjUxMDIxMTAwMTQyWjAzMTEwLwYDVQQD
EygxNjEyYzJkYjc1MDQ5ZDM1Yjc1NjIyOTg3OTdmYzFiMTE3NTMxMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1X9hvTGhrFHFRn95YYNWA0MHRrrh
KKKodspwYIB2J5z7rku4td9e7RfxsMZaFd3DpvNWScLo1MwNAn+OE47weSALiXWO
3ZbYhVIZ3Ff46ndPc6ewiXufL3cEu4fmDPPcP7lvOD9mps2A1tqlCNdZv7yGWHBQ
zedJ63OnS1QRu/qqd5zQmlTuh/2JhjFcGIMckmzSWH0t5BXKcsjnwk07MXeKgx3Z
EqKMeevH5mQn8lzcfequuE74ekHBvf4a0dgnS/EZT0dpZx427p06kFn4otZ42/22
VTsgDobcLZmutmESaJXf+F8F/TF32f/9x07lW36BLH+Irk3ZZXGljn5ipwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYSwtt1BJ01t1YimHl/wbEXUxLQMB8GA1UdIwQY
MBaAFECEuwGqWK6UsTIP1L5CE/kxTpBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzkt
ZDFiNjQ4YTRmZDBlLzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzktZDFiNjQ4YTRmZDBl
LzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG89y6YL3
I3q/yO35QmhKmnwUvhnhWIgexWhM3K5ePywkmaIXfpoejov3zX+Is4CcyLpHxKs6
+cEH/UdGvdo4z/4n7hQ7TEUOGX3KWFkQMs0yDYC+WyNKMiCj+ELcuo9S8BZhOoAE
WUiyE8UPXC7gX1oupGdMsSzHXCjxzE2dA+quz2cWTsnnPmVQu1KAFwi2Xn26OyQz
+7HzAxepUkHR2gzQyYsRh6HT5azPWJLPBDkTkimSb4vrqwHXFcin2jAF5FA1LBMx
q6C8R5jTjkjKwencoBiP9K+gUwCs5F4l1ckZ+Ee7KvTmFcopniTeNPEdhqln2APL
zw0m5swCv6eS6Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:42:50 2025 by rpki-client