Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
File: qvHI3UCIS0nwiAZNPBANKhiahHQ.mft (raw, json)
Hash identifier: I+0CNM96jzvxBZwt8FU+knmES3feU5muJItTmn0xJPI=
Subject key identifier: 27:6E:D1:37:AC:1A:87:DD:02:39:F5:48:ED:E2:2E:24:8C:95:16:9E
Authority key identifier: AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
Certificate issuer: /CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Certificate serial: 0199FB7CE12EA57DB8355FC08D41AF219E38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
Manifest number: 033E
Signing time: Sun 19 Oct 2025 08:01:29 +0000
Manifest this update: Sun 19 Oct 2025 08:01:29 +0000
Manifest next update: Mon 20 Oct 2025 08:01:29 +0000
Files and hashes: 1: UGApytPJPEIPFbzs4L0oU_KIdHM.roa (hash: cf5ZtJTmEf4eW9FhhtNmIkoS04da9/P7WQkJtlas3+0=)
2: qvHI3UCIS0nwiAZNPBANKhiahHQ.crl (hash: RrKHoz/7ighag7jZVYM9sGk4WdrArHFtGb/SH8For08=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:e1:2e:a5:7d:b8:35:5f:c0:8d:41:af:21:9e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Validity
Not Before: Oct 19 08:01:29 2025 GMT
Not After : Oct 20 08:01:29 2025 GMT
Subject: CN=276ed137ac1a87dd0239f548ede22e248c95169e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:58:ac:63:33:a8:84:34:2b:b0:e9:5f:6a:02:
af:60:36:a0:e5:5c:d8:7c:7b:3d:fe:d3:dd:e1:99:
4a:c8:b7:6c:93:97:22:89:a1:60:35:97:ce:12:25:
e4:2e:52:5d:c4:d8:4a:a5:4d:4e:0f:7e:81:9a:1e:
c6:44:4a:d8:0c:9a:f4:1a:8c:63:99:3d:70:e1:b5:
83:ac:bf:58:4f:fd:b4:78:9a:fa:59:16:bf:8d:e8:
79:1d:2a:06:50:a6:8d:25:dc:02:a7:89:50:a5:78:
7f:ad:7a:0e:48:4a:fe:8e:24:62:d9:c5:b1:49:14:
87:d0:1f:ce:de:f6:da:a3:82:29:44:b6:dc:ec:53:
b4:ad:fb:06:e3:5d:9f:ba:a3:76:ac:d6:11:c6:bb:
bd:e1:8e:10:dc:63:ec:d0:1e:8f:b0:83:dd:54:fc:
58:7b:13:86:28:64:c5:da:c2:03:31:1c:46:7f:a6:
0b:d3:09:57:81:44:94:03:5d:db:fd:44:c8:93:e0:
7c:b9:cf:fb:09:78:6d:68:6d:da:47:29:d7:73:8c:
72:8f:77:1e:1c:d5:d1:48:2e:1b:91:b3:50:25:ec:
21:6a:b5:89:ba:5f:fd:53:03:ff:79:dd:92:60:ca:
43:67:94:0b:6b:23:df:1a:e9:4c:17:6f:a2:94:df:
38:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6E:D1:37:AC:1A:87:DD:02:39:F5:48:ED:E2:2E:24:8C:95:16:9E
X509v3 Authority Key Identifier:
keyid:AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:a9:ba:ce:3d:21:3e:8b:28:45:3a:c5:c2:46:25:0b:03:2e:
e6:7f:cf:9d:51:9d:fc:d7:24:dd:86:0d:0e:d2:c1:1c:3f:a0:
90:3f:82:db:20:57:74:bd:b6:ab:3a:a3:8a:af:da:28:24:ba:
52:78:4b:31:1d:30:25:35:50:e4:51:98:d3:82:59:b4:24:ff:
d6:ce:19:48:22:32:d6:b9:cb:3f:c8:a6:b1:48:23:3f:87:c4:
b1:f8:f2:85:de:b1:a6:89:5f:ca:0f:d5:25:d6:53:57:a4:c0:
a6:cd:21:c0:e2:19:4f:f1:64:ff:74:39:62:98:5c:43:60:20:
5e:f8:ae:2e:c3:45:f8:ad:b8:4c:14:2a:41:ef:0f:82:a5:9c:
c2:d2:68:07:75:40:28:20:96:34:60:58:cd:da:1b:56:09:09:
28:ab:e2:eb:8d:b8:92:57:38:22:c9:3b:3c:1a:a1:a0:54:80:
22:c2:3a:07:fe:da:bb:61:15:d8:ff:68:9f:f6:e8:8f:60:50:
f1:b5:ef:ef:e9:5a:26:ba:2d:31:e9:16:f5:7b:55:cd:12:b5:
9e:0d:63:9b:86:3b:6a:d6:6d:54:63:4a:a8:c2:a7:58:e0:7b:
de:33:8f:45:37:88:6b:48:c4:f5:92:0f:5e:76:52:bf:ff:b7:
66:aa:31:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fOEupX24NV/AjUGvIZ44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjFjOGRkNDA4ODRiNDlmMDg4MDY0ZDNjMTAwZDJhMTg5
YTg0NzQwHhcNMjUxMDE5MDgwMTI5WhcNMjUxMDIwMDgwMTI5WjAzMTEwLwYDVQQD
EygyNzZlZDEzN2FjMWE4N2RkMDIzOWY1NDhlZGUyMmUyNDhjOTUxNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFisYzOohDQrsOlfagKvYDag5VzY
fHs9/tPd4ZlKyLdsk5ciiaFgNZfOEiXkLlJdxNhKpU1OD36Bmh7GRErYDJr0Goxj
mT1w4bWDrL9YT/20eJr6WRa/jeh5HSoGUKaNJdwCp4lQpXh/rXoOSEr+jiRi2cWx
SRSH0B/O3vbao4IpRLbc7FO0rfsG412fuqN2rNYRxru94Y4Q3GPs0B6PsIPdVPxY
exOGKGTF2sIDMRxGf6YL0wlXgUSUA13b/UTIk+B8uc/7CXhtaG3aRynXc4xyj3ce
HNXRSC4bkbNQJewharWJul/9UwP/ed2SYMpDZ5QLayPfGulMF2+ilN84NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdu0TesGofdAjn1SO3iLiSMlRaeMB8GA1UdIwQY
MBaAFKrxyN1AiEtJ8IgGTTwQDSoYmoR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYt
M2IzMzlkMDgxZjgzLzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYtM2IzMzlkMDgxZjgz
LzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmqm6zj0h
PosoRTrFwkYlCwMu5n/PnVGd/Nck3YYNDtLBHD+gkD+C2yBXdL22qzqjiq/aKCS6
UnhLMR0wJTVQ5FGY04JZtCT/1s4ZSCIy1rnLP8imsUgjP4fEsfjyhd6xpolfyg/V
JdZTV6TAps0hwOIZT/Fk/3Q5YphcQ2AgXviuLsNF+K24TBQqQe8PgqWcwtJoB3VA
KCCWNGBYzdobVgkJKKvi6424klc4Isk7PBqhoFSAIsI6B/7au2EV2P9on/boj2BQ
8bXv7+laJrotMekW9XtVzRK1ng1jm4Y7atZtVGNKqMKnWOB73jOPRTeIa0jE9ZIP
XnZSv/+3ZqoxvA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:09:56 2025 by rpki-client