Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
File: QwPxM011rEMsDKp404mnDAnBLKY.mft (raw, json)
Hash identifier: Ji9eVk4kmOT/xEkOddkP+0eCMHypTqCZELAZw+DaqLI=
Subject key identifier: DC:92:C3:9D:B4:D9:40:ED:EE:9B:9E:72:26:F6:A3:A2:17:00:C6:6A
Authority key identifier: 43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
Certificate issuer: /CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Certificate serial: 0199FD3472FCE3D544B413073F49E4B934B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
Manifest number: 0238
Signing time: Sun 19 Oct 2025 16:01:36 +0000
Manifest this update: Sun 19 Oct 2025 16:01:36 +0000
Manifest next update: Mon 20 Oct 2025 16:01:36 +0000
Files and hashes: 1: QwPxM011rEMsDKp404mnDAnBLKY.crl (hash: gNRZaaCi1JKou9zbD3Xm+ZDckl3AkMqjASW/TRXxxFU=)
2: etqHJp94mEXyM-mZRNVFRO7Kziw.roa (hash: Y6iOU/XBP66s91SGzXjQj2BEKS4QjWa/buoOF4uhFqg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:72:fc:e3:d5:44:b4:13:07:3f:49:e4:b9:34:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Validity
Not Before: Oct 19 16:01:36 2025 GMT
Not After : Oct 20 16:01:36 2025 GMT
Subject: CN=dc92c39db4d940edee9b9e7226f6a3a21700c66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2b:8f:fe:d6:42:52:75:fc:f2:2d:5d:8e:ad:
39:11:d3:51:ec:66:7a:c1:dd:e4:09:c1:02:fd:cd:
40:74:56:47:f7:a7:98:86:63:69:5d:14:fb:99:42:
c5:08:63:a7:b8:7c:22:46:4e:f5:02:a7:bb:8f:2d:
ba:42:d0:be:46:79:de:c7:11:78:e2:7a:a3:b1:b4:
13:23:a5:2d:b7:4b:e6:ee:b9:2c:a5:5f:a3:3f:91:
32:cc:37:dd:84:fc:e1:7b:98:0c:f8:0f:bb:a3:89:
76:83:e7:0d:73:02:72:fe:2e:93:32:e8:ac:98:67:
ef:c2:f1:d5:0a:4b:34:85:ac:78:4b:87:92:5f:6a:
75:83:33:92:e4:eb:0e:3d:c0:e1:d0:8e:ec:61:fe:
9c:60:b4:ae:c1:47:ac:f9:5b:62:c8:e5:ac:64:8c:
cb:5f:21:63:3f:ac:2f:1a:40:c1:ff:f1:de:c1:83:
e1:cb:02:7e:6e:46:b5:0d:c8:3f:cc:65:f2:25:49:
36:22:4d:c7:24:2e:76:56:41:fe:a1:9b:09:77:c2:
bc:fd:50:b6:89:87:62:ce:5d:e2:7f:2a:a7:2f:5c:
2c:d6:cc:ce:0c:08:8b:c5:eb:72:b3:0b:21:d4:ae:
69:04:59:71:ce:07:fa:9c:64:5a:14:47:d3:ef:79:
3a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:92:C3:9D:B4:D9:40:ED:EE:9B:9E:72:26:F6:A3:A2:17:00:C6:6A
X509v3 Authority Key Identifier:
keyid:43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:f9:04:79:08:a9:5f:fb:35:fb:b8:be:db:c6:89:d9:0e:c4:
8f:06:f9:f5:b4:47:31:73:b3:c9:bd:bb:64:70:0e:bb:ed:dd:
7c:ab:2c:43:5d:31:be:3d:93:a7:bd:eb:4f:70:6b:4b:d0:9c:
03:ac:b6:00:99:d2:0f:54:1d:42:61:d1:e8:81:ed:a5:42:ab:
7e:9f:6b:65:af:4f:df:b0:c5:cd:3d:ce:7b:8f:70:1e:75:e5:
fc:b9:f0:8d:26:ed:37:ff:b0:8e:f7:4b:4b:3b:f1:67:e3:00:
27:0f:9b:b3:cb:c1:73:18:70:9c:d9:93:7b:dd:d9:1f:9d:d7:
29:e5:26:60:2d:77:5d:12:5b:82:ca:af:a6:81:a6:ff:54:a1:
25:db:d5:f1:2f:35:d7:a6:aa:94:98:e6:e9:77:f4:59:ad:f3:
3b:99:a5:a1:39:42:66:a8:19:15:54:09:49:ca:cf:21:62:b4:
16:4b:50:22:93:9c:2f:6f:a4:a2:b4:ca:90:62:0a:bf:55:4c:
4c:74:03:ba:b8:e4:76:d9:c3:47:1c:52:30:e4:a5:78:f0:f0:
09:99:46:e3:b6:02:38:95:38:26:6b:e8:8c:83:89:2e:fa:31:
88:c0:27:a2:80:b4:7a:ed:8d:75:e4:c7:a7:7f:42:f1:77:19:
b4:03:8d:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NHL849VEtBMHP0nkuTSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDNmMTMzNGQ3NWFjNDMyYzBjYWE3OGQzODlhNzBjMDlj
MTJjYTYwHhcNMjUxMDE5MTYwMTM2WhcNMjUxMDIwMTYwMTM2WjAzMTEwLwYDVQQD
EyhkYzkyYzM5ZGI0ZDk0MGVkZWU5YjllNzIyNmY2YTNhMjE3MDBjNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriuP/tZCUnX88i1djq05EdNR7GZ6
wd3kCcEC/c1AdFZH96eYhmNpXRT7mULFCGOnuHwiRk71Aqe7jy26QtC+RnnexxF4
4nqjsbQTI6Utt0vm7rkspV+jP5EyzDfdhPzhe5gM+A+7o4l2g+cNcwJy/i6TMuis
mGfvwvHVCks0hax4S4eSX2p1gzOS5OsOPcDh0I7sYf6cYLSuwUes+VtiyOWsZIzL
XyFjP6wvGkDB//HewYPhywJ+bka1Dcg/zGXyJUk2Ik3HJC52VkH+oZsJd8K8/VC2
iYdizl3ifyqnL1ws1szODAiLxetyswsh1K5pBFlxzgf6nGRaFEfT73k6SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNySw5202UDt7puecib2o6IXAMZqMB8GA1UdIwQY
MBaAFEMD8TNNdaxDLAyqeNOJpwwJwSymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUt
NGNiOTcwNzZjZmYyLzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUtNGNiOTcwNzZjZmYy
LzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlfkEeQip
X/s1+7i+28aJ2Q7Ejwb59bRHMXOzyb27ZHAOu+3dfKssQ10xvj2Tp73rT3BrS9Cc
A6y2AJnSD1QdQmHR6IHtpUKrfp9rZa9P37DFzT3Oe49wHnXl/LnwjSbtN/+wjvdL
SzvxZ+MAJw+bs8vBcxhwnNmTe93ZH53XKeUmYC13XRJbgsqvpoGm/1ShJdvV8S81
16aqlJjm6Xf0Wa3zO5mloTlCZqgZFVQJScrPIWK0FktQIpOcL2+korTKkGIKv1VM
THQDurjkdtnDRxxSMOSlePDwCZlG47YCOJU4JmvojIOJLvoxiMAnooC0eu2NdeTH
p39C8XcZtAONoA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:20:03 2025 by rpki-client