Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.mft
File: QY1UtVsZKiSLhHI026US-XYMq_o.mft (raw, json)
Hash identifier: rsfsFmnADk6G1xF+CKu+n6iFXgz7GA9h+iRMjt1gnaI=
Subject key identifier: 11:B7:67:21:84:B3:5A:BD:BC:9D:78:95:B2:68:C6:1C:D0:29:44:7C
Authority key identifier: 41:8D:54:B5:5B:19:2A:24:8B:84:72:34:DB:A5:12:F9:76:0C:AB:FA
Certificate issuer: /CN=418d54b55b192a248b847234dba512f9760cabfa
Certificate serial: 0199FD6B55243BCFEB6761796ED5FC41051F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QY1UtVsZKiSLhHI026US-XYMq_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.mft
Manifest number: 0A67
Signing time: Sun 19 Oct 2025 17:01:33 +0000
Manifest this update: Sun 19 Oct 2025 17:01:33 +0000
Manifest next update: Mon 20 Oct 2025 17:01:33 +0000
Files and hashes: 1: PTvQgS1qnjLwo9s4LdFb_Ohs-14.roa (hash: ISrdGe09G63GrIhvFHUR6KGbQ/gtnJbbuoeTtm56a1E=)
2: QY1UtVsZKiSLhHI026US-XYMq_o.crl (hash: eQVthDNcdsHM/MWYUrJVnZ59dVZDlJTV+/IGZFVonW0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/QY1UtVsZKiSLhHI026US-XYMq_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:6b:55:24:3b:cf:eb:67:61:79:6e:d5:fc:41:05:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=418d54b55b192a248b847234dba512f9760cabfa
Validity
Not Before: Oct 19 17:01:33 2025 GMT
Not After : Oct 20 17:01:33 2025 GMT
Subject: CN=11b7672184b35abdbc9d7895b268c61cd029447c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:20:b8:9d:f0:12:10:e6:b6:fe:d5:cf:33:5d:
77:39:f7:a9:72:36:27:5d:0d:ef:ac:09:1d:b0:1b:
75:5b:6b:14:90:68:ae:42:64:e2:19:84:58:c6:6b:
c6:13:2d:73:52:0d:23:37:a2:93:9c:9d:ad:bd:3b:
f8:28:e0:b2:b2:f4:00:aa:0f:6e:e7:de:70:a8:39:
3a:a6:73:90:cd:a1:7f:0c:8c:a7:2e:3d:d1:da:09:
92:2b:9c:21:64:41:8e:cb:07:15:28:82:2d:34:58:
75:c2:4b:c6:72:af:be:31:75:1c:6b:d5:29:85:06:
4a:dd:6b:84:d0:44:9a:cc:6a:c4:83:cc:27:43:f9:
ad:26:33:94:80:21:9a:cd:7b:5a:60:7d:44:2f:c0:
81:c3:66:a9:f7:67:96:1d:19:52:30:69:56:f4:c1:
14:33:f2:86:88:cf:8e:2f:b9:cf:e7:3c:2e:0b:cb:
ee:d9:82:3f:76:3d:2f:c1:59:3c:8b:0b:6a:4b:5d:
1e:26:6e:ce:e5:cd:83:5a:c6:88:78:c5:c0:14:16:
66:58:23:9d:0b:8d:d5:69:89:65:99:0a:e4:5e:f4:
63:3c:3e:22:bc:7f:49:0e:b3:95:da:9c:bf:74:76:
18:1e:16:0c:48:b3:cc:d7:79:81:12:bf:1a:53:2e:
11:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B7:67:21:84:B3:5A:BD:BC:9D:78:95:B2:68:C6:1C:D0:29:44:7C
X509v3 Authority Key Identifier:
keyid:41:8D:54:B5:5B:19:2A:24:8B:84:72:34:DB:A5:12:F9:76:0C:AB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QY1UtVsZKiSLhHI026US-XYMq_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:8e:67:2d:8e:aa:e3:2c:b2:87:f7:2e:4a:58:d7:7f:b1:f3:
d2:e1:dd:b2:d0:13:15:ae:9b:b8:fe:12:9f:c7:c2:21:51:5d:
6e:5c:b0:3a:50:14:cd:02:f0:00:e9:84:41:f8:b4:65:b4:b8:
7c:c4:4c:89:0f:57:c9:db:85:31:39:84:4e:d6:b0:6d:5e:67:
75:3d:66:a4:40:2b:c2:71:97:e5:16:41:69:80:9c:70:d5:c0:
61:60:75:c7:81:6a:f8:3f:77:9c:d7:6a:d3:fc:5e:53:de:e2:
11:32:82:1c:67:4e:9b:7f:50:c3:26:40:d0:29:6e:47:33:03:
7d:bc:21:2d:5a:3e:e3:24:58:b0:17:cd:59:13:17:19:5a:3d:
24:22:ae:bd:46:3e:39:a7:4b:cd:35:62:c1:a1:00:17:99:22:
81:02:82:b0:2e:92:d3:38:83:0a:16:8f:56:d4:1b:fd:b7:34:
44:0b:e6:79:04:bb:8c:ef:b1:65:28:ce:cb:4f:81:ea:aa:19:
87:7d:06:61:c1:a8:38:9d:88:62:56:c8:21:31:1b:9f:5b:1c:
db:b9:ae:f3:ff:0b:8a:30:f1:a9:24:b9:1c:6d:22:a9:d0:04:
12:fa:a5:45:e6:6b:07:74:a4:24:03:af:e5:d9:ea:45:d8:1b:
6c:03:da:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9a1UkO8/rZ2F5btX8QQUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOGQ1NGI1NWIxOTJhMjQ4Yjg0NzIzNGRiYTUxMmY5NzYw
Y2FiZmEwHhcNMjUxMDE5MTcwMTMzWhcNMjUxMDIwMTcwMTMzWjAzMTEwLwYDVQQD
EygxMWI3NjcyMTg0YjM1YWJkYmM5ZDc4OTViMjY4YzYxY2QwMjk0NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSC4nfASEOa2/tXPM113OfepcjYn
XQ3vrAkdsBt1W2sUkGiuQmTiGYRYxmvGEy1zUg0jN6KTnJ2tvTv4KOCysvQAqg9u
595wqDk6pnOQzaF/DIynLj3R2gmSK5whZEGOywcVKIItNFh1wkvGcq++MXUca9Up
hQZK3WuE0ESazGrEg8wnQ/mtJjOUgCGazXtaYH1EL8CBw2ap92eWHRlSMGlW9MEU
M/KGiM+OL7nP5zwuC8vu2YI/dj0vwVk8iwtqS10eJm7O5c2DWsaIeMXAFBZmWCOd
C43VaYllmQrkXvRjPD4ivH9JDrOV2py/dHYYHhYMSLPM13mBEr8aUy4RgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBG3ZyGEs1q9vJ14lbJoxhzQKUR8MB8GA1UdIwQY
MBaAFEGNVLVbGSoki4RyNNulEvl2DKv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVkxVXRWc1pLaVNMaEhJMDI2VVMtWFlNcV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iNDM4NTctMDIxYy00MjYyLWIxODMt
MWQ3N2NmMmE3MTAwLzEvUVkxVXRWc1pLaVNMaEhJMDI2VVMtWFlNcV9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iNDM4NTctMDIxYy00MjYyLWIxODMtMWQ3N2NmMmE3MTAw
LzEvUVkxVXRWc1pLaVNMaEhJMDI2VVMtWFlNcV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYo5nLY6q
4yyyh/cuSljXf7Hz0uHdstATFa6buP4Sn8fCIVFdblywOlAUzQLwAOmEQfi0ZbS4
fMRMiQ9XyduFMTmETtawbV5ndT1mpEArwnGX5RZBaYCccNXAYWB1x4Fq+D93nNdq
0/xeU97iETKCHGdOm39QwyZA0CluRzMDfbwhLVo+4yRYsBfNWRMXGVo9JCKuvUY+
OadLzTViwaEAF5kigQKCsC6S0ziDChaPVtQb/bc0RAvmeQS7jO+xZSjOy0+B6qoZ
h30GYcGoOJ2IYlbIITEbn1sc27mu8/8LijDxqSS5HG0iqdAEEvqlReZrB3SkJAOv
5dnqRdgbbAPaNg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:30:21 2025 by rpki-client