
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json)
Hash identifier: n/XFQEq/P9MAF2o1szhAkSkwgmZOgHPQShxwiziw79Q=
Subject key identifier: 0D:85:B1:55:02:4C:59:79:00:2F:1A:85:FF:C4:F0:F7:73:31:D0:5E
Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0
Certificate serial: 0199FFC88D7A6694686B32261EF3319A2635
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
Manifest number: 0A01
Signing time: Mon 20 Oct 2025 04:02:37 +0000
Manifest this update: Mon 20 Oct 2025 04:02:37 +0000
Manifest next update: Tue 21 Oct 2025 04:02:37 +0000
Files and hashes: 1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: zYHiy4CDIuxs+HfHcQF8fidnYY4qOavcHmBaOhbQMhM=)
2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:8d:7a:66:94:68:6b:32:26:1e:f3:31:9a:26:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090287256e25fa340d3afba780eac60d556adec0
Validity
Not Before: Oct 20 04:02:37 2025 GMT
Not After : Oct 21 04:02:37 2025 GMT
Subject: CN=0d85b155024c5979002f1a85ffc4f0f77331d05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:98:eb:03:68:8f:e8:09:6a:c3:0e:3e:55:08:
4b:0f:00:87:b4:33:04:58:95:8a:c7:88:da:73:13:
9c:4e:04:de:ba:61:ed:40:f7:4f:40:3b:59:aa:0b:
f0:f4:50:cb:f5:08:2a:91:18:b3:6d:e8:d8:66:32:
35:a6:91:1d:dd:76:f7:e0:9d:58:51:f4:67:80:14:
be:95:4e:5c:87:56:b1:4f:0b:43:97:7d:3c:11:d7:
e8:8a:17:b3:57:0e:78:1c:55:b4:51:a8:9e:e7:54:
75:37:a8:09:11:a2:76:8f:7d:ae:80:94:6a:38:f5:
91:9a:bd:e6:d9:fb:07:34:67:69:28:3d:99:14:0a:
42:6b:6e:b2:7d:5a:ee:52:92:2e:04:ce:28:3b:d1:
73:ce:a0:62:78:15:8b:7f:dd:d1:e5:b3:ac:48:8e:
25:50:f7:03:d4:dd:a6:91:12:62:08:45:20:6a:6f:
cc:7c:e6:97:d8:9b:73:a0:ee:0d:33:59:1b:c7:da:
73:d6:85:6f:77:d8:b5:e3:aa:ed:20:21:d8:f3:4c:
f5:a0:86:d0:60:87:12:1e:32:e9:28:8e:a6:0b:e0:
27:ff:ae:9f:6f:b3:06:74:b0:1e:16:07:4c:ed:b7:
2f:de:61:a4:b4:17:67:4c:ee:e9:ae:c9:d4:7d:99:
d6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:85:B1:55:02:4C:59:79:00:2F:1A:85:FF:C4:F0:F7:73:31:D0:5E
X509v3 Authority Key Identifier:
keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:f1:57:29:2f:28:87:68:d6:d9:12:42:ca:3f:f4:bf:3e:2d:
27:8a:1f:a2:b6:5d:30:ed:21:2d:72:3c:c3:46:21:68:10:ef:
d6:a0:4a:7e:c4:f7:cf:85:f0:cc:08:28:6a:18:6f:3e:5f:86:
51:1f:99:b4:6c:c5:07:8a:cf:9a:bd:9b:d3:56:1e:b5:55:6d:
a7:ce:12:76:cf:7e:46:13:4e:39:be:1b:de:01:e6:73:94:7f:
2f:7d:50:0e:6f:3e:48:be:f7:b0:ed:af:7d:bd:48:8d:62:41:
be:64:4f:a7:f8:c9:97:48:31:a8:4f:4d:9a:d4:03:b5:17:6d:
17:9e:09:0f:8a:ed:71:0d:90:98:fa:30:9b:95:8d:0f:17:28:
6d:79:04:68:33:49:3a:65:6e:60:e4:cc:8b:da:85:b6:6e:ad:
72:b6:b0:3d:94:ce:11:a0:51:a7:2f:e6:73:c7:a3:64:17:d3:
8e:ef:c6:ff:04:10:35:95:14:8c:1c:15:c6:b7:5c:6c:28:9f:
6b:c4:ad:f4:91:29:25:e9:bd:d3:b0:9a:9e:8b:20:b4:ca:cf:
74:64:8f:01:49:8f:f3:ed:5f:06:13:cf:93:62:b9:b9:66:f0:
28:99:bb:a0:49:38:7a:49:d0:40:62:e9:37:3d:04:70:d7:c6:
12:0e:ba:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yI16ZpRoazImHvMxmiY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2
YWRlYzAwHhcNMjUxMDIwMDQwMjM3WhcNMjUxMDIxMDQwMjM3WjAzMTEwLwYDVQQD
EygwZDg1YjE1NTAyNGM1OTc5MDAyZjFhODVmZmM0ZjBmNzczMzFkMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05jrA2iP6Alqww4+VQhLDwCHtDME
WJWKx4jacxOcTgTeumHtQPdPQDtZqgvw9FDL9QgqkRizbejYZjI1ppEd3Xb34J1Y
UfRngBS+lU5ch1axTwtDl308EdfoihezVw54HFW0Uaie51R1N6gJEaJ2j32ugJRq
OPWRmr3m2fsHNGdpKD2ZFApCa26yfVruUpIuBM4oO9FzzqBieBWLf93R5bOsSI4l
UPcD1N2mkRJiCEUgam/MfOaX2JtzoO4NM1kbx9pz1oVvd9i146rtICHY80z1oIbQ
YIcSHjLpKI6mC+An/66fb7MGdLAeFgdM7bcv3mGktBdnTO7prsnUfZnWfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2FsVUCTFl5AC8ahf/E8PdzMdBeMB8GA1UdIwQY
MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt
NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk
LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUfFXKS8o
h2jW2RJCyj/0vz4tJ4oforZdMO0hLXI8w0YhaBDv1qBKfsT3z4XwzAgoahhvPl+G
UR+ZtGzFB4rPmr2b01YetVVtp84Sds9+RhNOOb4b3gHmc5R/L31QDm8+SL73sO2v
fb1IjWJBvmRPp/jJl0gxqE9NmtQDtRdtF54JD4rtcQ2QmPowm5WNDxcobXkEaDNJ
OmVuYOTMi9qFtm6tcrawPZTOEaBRpy/mc8ejZBfTju/G/wQQNZUUjBwVxrdcbCif
a8St9JEpJem907CanosgtMrPdGSPAUmP8+1fBhPPk2K5uWbwKJm7oEk4eknQQGLp
Nz0EcNfGEg66hQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:26:20 2025 by rpki-client