Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft
File: qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft (raw, json)
Hash identifier: poyr1qk0EpIHnkJ/WdYahRMC9uCuVldNqZtZucwFfQc=
Subject key identifier: 6B:44:29:AB:F2:8A:17:DC:6D:91:12:06:3D:1C:30:E8:DB:2A:91:F4
Authority key identifier: A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D
Certificate issuer: /CN=a9a073b31d888e4439e272e007c9532fc305c80d
Certificate serial: 0199FF59452780EB4BC10AF1B219B524D8FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft
Manifest number: 0DA6
Signing time: Mon 20 Oct 2025 02:01:04 +0000
Manifest this update: Mon 20 Oct 2025 02:01:04 +0000
Manifest next update: Tue 21 Oct 2025 02:01:04 +0000
Files and hashes: 1: Q8xFmFvAPSn77NIvkdeBwz67ukY.roa (hash: 6n/TW9WGi0M+VK+cZnP9o3jAKXvSHj5b/AFgad9Qy1Y=)
2: qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl (hash: pD3Nld7iQB14hqZkmrnNZhoF2IHmdcl1SI4KWcD/aWo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:59:45:27:80:eb:4b:c1:0a:f1:b2:19:b5:24:d8:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a073b31d888e4439e272e007c9532fc305c80d
Validity
Not Before: Oct 20 02:01:04 2025 GMT
Not After : Oct 21 02:01:04 2025 GMT
Subject: CN=6b4429abf28a17dc6d9112063d1c30e8db2a91f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d8:fc:6c:f9:33:70:aa:b3:40:e7:d3:65:5e:
86:36:19:31:c4:90:ec:5e:aa:75:e0:3f:42:21:f2:
7d:f7:83:8f:50:fc:bd:5e:c3:8c:70:fc:66:d1:f2:
2f:6e:5b:9f:43:44:e5:e8:a1:d9:35:79:32:a7:e4:
b0:49:59:ea:b4:e7:0a:f4:63:43:94:50:f9:bd:f1:
d0:a8:87:cb:48:16:da:61:e6:50:c7:34:7a:71:1b:
3f:11:f3:7e:36:a5:7b:bb:13:91:41:b0:8b:80:1e:
1e:cd:ad:c7:2a:6e:a3:1d:81:4c:68:8d:71:ce:aa:
54:39:ad:c1:98:3e:c8:a3:8a:15:cb:36:80:29:ea:
58:dc:17:4e:4f:86:b1:26:8c:3f:f0:b5:d9:71:25:
31:08:64:8d:2d:6f:c8:de:f2:94:82:3b:2e:60:3d:
28:09:f2:df:e6:5d:ca:ab:17:c4:0e:44:7e:39:d3:
bc:44:10:02:1a:b2:72:d9:b7:32:e2:b4:61:c0:c8:
99:f4:30:22:ce:96:6f:8e:e9:34:d9:87:42:76:62:
49:eb:61:b8:bc:d6:ee:2d:81:0f:21:e7:61:31:6f:
3b:c4:c0:4f:31:9d:a1:1a:88:03:f8:a1:7a:4f:ae:
50:b6:96:18:3f:2f:33:05:fd:51:75:49:33:12:b4:
d8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:44:29:AB:F2:8A:17:DC:6D:91:12:06:3D:1C:30:E8:DB:2A:91:F4
X509v3 Authority Key Identifier:
keyid:A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cb:c5:7b:39:69:8c:dc:19:f6:24:f7:6f:4a:bf:a4:a2:56:eb:
5d:6a:72:62:d9:e6:8e:41:2a:06:e3:5f:7b:38:ba:a1:3f:11:
e9:23:e3:ce:e1:32:2b:dc:e8:bf:1b:48:9a:09:45:87:83:30:
86:fa:55:46:26:62:c4:57:5c:ca:62:2d:8e:e7:12:f4:e7:84:
77:1a:7c:96:38:40:03:70:91:a7:e3:42:bd:37:ce:c1:76:9d:
8b:b8:f3:a2:04:b5:c6:b5:df:1f:1d:91:7b:6c:f7:66:2c:f7:
39:c3:3f:35:80:f7:6c:fe:78:54:ec:56:34:fc:e7:dc:b3:52:
88:c5:0b:e9:5e:36:2c:2c:15:d3:65:7d:e4:c5:a4:b0:30:ca:
20:24:83:b4:54:45:44:b5:8c:90:e3:17:39:61:e3:80:0b:86:
cf:37:97:89:e7:93:b2:fe:58:85:bb:6f:9c:e2:01:a0:f4:83:
47:63:7a:c6:a8:4c:f8:9f:b2:23:0f:6b:f0:f8:b6:03:de:d3:
18:bb:6d:5d:62:a0:ca:ee:8f:cf:3a:fa:af:b1:d9:32:05:b5:
41:fc:18:8e:f5:17:47:f2:b6:f1:32:f8:df:c0:da:8e:6b:9a:
03:f3:25:d7:d1:42:48:7a:19:e2:18:6a:87:ec:2c:49:ed:71:
ff:e2:f7:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WUUngOtLwQrxshm1JNj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTA3M2IzMWQ4ODhlNDQzOWUyNzJlMDA3Yzk1MzJmYzMw
NWM4MGQwHhcNMjUxMDIwMDIwMTA0WhcNMjUxMDIxMDIwMTA0WjAzMTEwLwYDVQQD
Eyg2YjQ0MjlhYmYyOGExN2RjNmQ5MTEyMDYzZDFjMzBlOGRiMmE5MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndj8bPkzcKqzQOfTZV6GNhkxxJDs
Xqp14D9CIfJ994OPUPy9XsOMcPxm0fIvblufQ0Tl6KHZNXkyp+SwSVnqtOcK9GND
lFD5vfHQqIfLSBbaYeZQxzR6cRs/EfN+NqV7uxORQbCLgB4eza3HKm6jHYFMaI1x
zqpUOa3BmD7Io4oVyzaAKepY3BdOT4axJow/8LXZcSUxCGSNLW/I3vKUgjsuYD0o
CfLf5l3KqxfEDkR+OdO8RBACGrJy2bcy4rRhwMiZ9DAizpZvjuk02YdCdmJJ62G4
vNbuLYEPIedhMW87xMBPMZ2hGogD+KF6T65QtpYYPy8zBf1RdUkzErTYNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtEKavyihfcbZESBj0cMOjbKpH0MB8GA1UdIwQY
MBaAFKmgc7MdiI5EOeJy4AfJUy/DBcgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iYTNiMmYtYTI4OS00MDRlLWFlZjgt
NGU3MzdlMDZkMjkwLzEvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iYTNiMmYtYTI4OS00MDRlLWFlZjgtNGU3MzdlMDZkMjkw
LzEvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy8V7OWmM
3Bn2JPdvSr+kolbrXWpyYtnmjkEqBuNfezi6oT8R6SPjzuEyK9zovxtImglFh4Mw
hvpVRiZixFdcymItjucS9OeEdxp8ljhAA3CRp+NCvTfOwXadi7jzogS1xrXfHx2R
e2z3Ziz3OcM/NYD3bP54VOxWNPzn3LNSiMUL6V42LCwV02V95MWksDDKICSDtFRF
RLWMkOMXOWHjgAuGzzeXieeTsv5YhbtvnOIBoPSDR2N6xqhM+J+yIw9r8Pi2A97T
GLttXWKgyu6Pzzr6r7HZMgW1QfwYjvUXR/K28TL438DajmuaA/Ml19FCSHoZ4hhq
h+wsSe1x/+L3dw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:27:26 2025 by rpki-client