Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
File: QCzcwN4_54S70vviah2BZWpGfSI.mft (raw, json)
Hash identifier: As8zdEv9vXSulKJgzxhswDQSaU8PNjYfSWi6mTCcLQg=
Subject key identifier: A1:12:CA:20:DC:76:9D:14:25:69:DB:4B:71:80:11:B6:33:A4:CD:BC
Authority key identifier: 40:2C:DC:C0:DE:3F:E7:84:BB:D2:FB:E2:6A:1D:81:65:6A:46:7D:22
Certificate issuer: /CN=402cdcc0de3fe784bbd2fbe26a1d81656a467d22
Certificate serial: 019A01B5A5F1B16BDEED276E3CF4D4734200
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCzcwN4_54S70vviah2BZWpGfSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
Manifest number: 0957
Signing time: Mon 20 Oct 2025 13:01:12 +0000
Manifest this update: Mon 20 Oct 2025 13:01:12 +0000
Manifest next update: Tue 21 Oct 2025 13:01:12 +0000
Files and hashes: 1: QCzcwN4_54S70vviah2BZWpGfSI.crl (hash: ZVpXtuhrXdky54618+Q7ivr0yAt+6LPMXIRFjXvREuI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QCzcwN4_54S70vviah2BZWpGfSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:b5:a5:f1:b1:6b:de:ed:27:6e:3c:f4:d4:73:42:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=402cdcc0de3fe784bbd2fbe26a1d81656a467d22
Validity
Not Before: Oct 20 13:01:12 2025 GMT
Not After : Oct 21 13:01:12 2025 GMT
Subject: CN=a112ca20dc769d142569db4b718011b633a4cdbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:99:e2:74:95:d4:95:98:c9:d3:7c:d5:dd:a5:
d7:d9:96:8e:57:86:fb:e7:98:93:4a:0b:4f:d2:61:
33:2d:c0:05:90:59:af:c1:29:ed:29:f9:0a:15:9f:
d3:6b:f6:50:86:b9:5b:2c:c3:42:d1:0c:a1:53:7c:
31:f3:b1:46:cc:d8:eb:17:f8:8c:39:64:20:ba:b7:
fa:0a:e6:ff:c2:2b:10:00:ef:0e:f8:01:e4:0c:1c:
19:c0:90:94:40:43:2c:65:df:6f:86:be:04:c4:b1:
bb:58:8b:8a:1c:d3:29:1e:65:b2:de:f1:ae:d7:ae:
23:ed:76:66:80:27:89:27:e1:40:71:69:fe:10:b8:
74:79:7e:4b:2f:12:9f:0b:56:0a:45:36:fe:fd:92:
55:ed:c1:12:a1:81:c1:45:fc:ce:28:e1:a3:d1:25:
00:d5:e1:2f:4d:75:4a:14:2c:fd:b0:69:85:7e:cd:
20:00:b6:1a:57:9f:4e:84:57:6b:5d:9b:9b:a2:20:
96:6d:f0:11:2b:ba:2e:51:ed:b8:85:25:08:33:7d:
48:59:94:fe:e3:da:64:bb:47:ee:8c:39:4e:83:30:
56:cc:8b:55:f1:3b:99:26:d6:63:f6:86:7e:43:a5:
f9:46:15:32:35:87:83:f7:70:ba:ff:7e:79:2c:4a:
e0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:12:CA:20:DC:76:9D:14:25:69:DB:4B:71:80:11:B6:33:A4:CD:BC
X509v3 Authority Key Identifier:
keyid:40:2C:DC:C0:DE:3F:E7:84:BB:D2:FB:E2:6A:1D:81:65:6A:46:7D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCzcwN4_54S70vviah2BZWpGfSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:31:22:91:27:d1:9f:7d:05:a2:a1:95:98:fd:8b:00:df:9f:
c0:26:d1:04:55:ef:39:44:f6:aa:b1:33:e4:7d:3c:ca:be:e5:
f4:96:13:24:3d:b8:ac:9d:96:ee:01:81:7d:be:fb:fc:4c:24:
c0:0d:12:ad:7f:a1:34:ac:67:d4:5f:5d:88:07:d2:19:93:b6:
d6:c7:31:b8:6c:e3:05:00:6c:85:89:00:74:6a:26:5e:56:33:
4f:d3:8f:22:ce:dc:e2:3a:56:7f:49:41:1c:f0:24:ae:b9:64:
e3:98:64:9b:7f:72:27:12:66:7f:2a:fc:77:16:d3:47:6d:4d:
46:ae:05:15:b8:d1:dd:3c:fa:20:71:25:67:52:33:05:a7:a0:
f3:fd:cc:6b:25:46:f2:58:1d:ba:c1:6c:32:95:5d:91:8d:11:
3a:95:58:59:9c:08:cb:b2:cb:6b:74:f8:f1:45:51:35:28:1c:
e9:23:71:dc:2b:1a:22:27:5d:a6:4b:80:bc:b1:13:8b:30:9a:
71:13:9f:ab:db:83:dd:b7:84:0d:42:4a:90:36:c7:09:e8:f7:
9c:27:2f:70:fc:ae:19:11:82:05:3d:84:53:2e:49:cc:da:b9:
08:8a:3a:37:03:d3:c5:a6:fd:79:1a:13:7b:bf:8d:b0:c5:4a:
68:19:4c:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtaXxsWve7SduPPTUc0IAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMmNkY2MwZGUzZmU3ODRiYmQyZmJlMjZhMWQ4MTY1NmE0
NjdkMjIwHhcNMjUxMDIwMTMwMTEyWhcNMjUxMDIxMTMwMTEyWjAzMTEwLwYDVQQD
EyhhMTEyY2EyMGRjNzY5ZDE0MjU2OWRiNGI3MTgwMTFiNjMzYTRjZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5nidJXUlZjJ03zV3aXX2ZaOV4b7
55iTSgtP0mEzLcAFkFmvwSntKfkKFZ/Ta/ZQhrlbLMNC0QyhU3wx87FGzNjrF/iM
OWQgurf6Cub/wisQAO8O+AHkDBwZwJCUQEMsZd9vhr4ExLG7WIuKHNMpHmWy3vGu
164j7XZmgCeJJ+FAcWn+ELh0eX5LLxKfC1YKRTb+/ZJV7cESoYHBRfzOKOGj0SUA
1eEvTXVKFCz9sGmFfs0gALYaV59OhFdrXZuboiCWbfARK7ouUe24hSUIM31IWZT+
49pku0fujDlOgzBWzItV8TuZJtZj9oZ+Q6X5RhUyNYeD93C6/355LErgpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKESyiDcdp0UJWnbS3GAEbYzpM28MB8GA1UdIwQY
MBaAFEAs3MDeP+eEu9L74modgWVqRn0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUN6Y3dONF81NFM3MHZ2aWFoMkJaV3BHZlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMDVkMGQtYzFkOC00N2E2LTlkMWUt
ODY0ZGFjYTZjZmRmLzEvUUN6Y3dONF81NFM3MHZ2aWFoMkJaV3BHZlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMDVkMGQtYzFkOC00N2E2LTlkMWUtODY0ZGFjYTZjZmRm
LzEvUUN6Y3dONF81NFM3MHZ2aWFoMkJaV3BHZlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASTEikSfR
n30FoqGVmP2LAN+fwCbRBFXvOUT2qrEz5H08yr7l9JYTJD24rJ2W7gGBfb77/Ewk
wA0SrX+hNKxn1F9diAfSGZO21scxuGzjBQBshYkAdGomXlYzT9OPIs7c4jpWf0lB
HPAkrrlk45hkm39yJxJmfyr8dxbTR21NRq4FFbjR3Tz6IHElZ1IzBaeg8/3MayVG
8lgdusFsMpVdkY0ROpVYWZwIy7LLa3T48UVRNSgc6SNx3CsaIiddpkuAvLETizCa
cROfq9uD3beEDUJKkDbHCej3nCcvcPyuGRGCBT2EUy5JzNq5CIo6NwPTxab9eRoT
e7+NsMVKaBlM0Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:59:01 2025 by rpki-client