Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
File: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft (raw, json)
Hash identifier: X/hqB5hNTqGmG5ZPm9TQgpZ2LN45lZ0sTGL4kl7Yuzk=
Subject key identifier: F2:95:0E:A9:91:DB:74:B8:CF:63:B1:01:A4:7F:42:21:98:C8:2A:99
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Certificate issuer: /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial: 0199FDDA1455DD31A532C81C9EFE314913C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
Manifest number: 0391
Signing time: Sun 19 Oct 2025 19:02:31 +0000
Manifest this update: Sun 19 Oct 2025 19:02:31 +0000
Manifest next update: Mon 20 Oct 2025 19:02:31 +0000
Files and hashes: 1: Fg4gfGthOyzcFXfxEYyjwrss7as.roa (hash: mWUv12QovIjIHXpuDNAMlgedx6+BQ3vMWaiHrsA7+3A=)
2: Q5e6g1WUMRG4cL4aNZtJqqD_-yo.roa (hash: T3aZ91YVxRUkDJ96e4vMqo7oCynEMTZ2Xb8h0pZbGMo=)
3: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl (hash: O6q0zxnhClEG+qXVxkv+Ve197j1xhbh54N9Y91hSo5I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:da:14:55:dd:31:a5:32:c8:1c:9e:fe:31:49:13:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
Validity
Not Before: Oct 19 19:02:31 2025 GMT
Not After : Oct 20 19:02:31 2025 GMT
Subject: CN=f2950ea991db74b8cf63b101a47f422198c82a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:87:79:70:b5:5a:80:1c:e3:57:da:8a:30:34:
71:83:dd:7d:55:eb:bd:32:37:38:6d:1c:8f:62:9e:
1f:b7:de:7d:c6:9f:97:57:79:f4:c4:07:c7:0f:49:
62:06:7b:0f:e6:02:05:f8:25:06:f3:75:ba:5b:50:
0a:17:d9:87:71:38:bd:55:bc:39:42:54:e7:a3:e7:
75:81:54:44:35:ee:aa:84:0c:ef:12:7f:82:08:91:
45:68:48:06:13:83:c9:0d:cd:b8:5f:51:48:a9:04:
6c:64:0e:f9:a7:bb:a8:1d:62:fb:03:d8:da:ed:ee:
dc:53:21:f6:59:b0:85:e9:bb:a9:fa:27:6e:06:29:
7c:e2:d2:92:6b:f6:43:d8:30:64:dd:87:cb:96:2e:
d2:ff:c1:9d:07:86:a4:a8:91:4d:f6:8c:fb:6a:0f:
f5:c1:fc:99:93:f4:4b:f5:a9:38:42:66:e9:a0:e1:
cf:12:b7:f9:8b:15:8e:c1:70:17:a2:f6:2d:ad:ea:
7a:46:0a:3e:e4:9f:bf:74:11:38:47:3b:d7:48:31:
80:8e:c8:e9:6e:bf:30:e0:c1:37:c5:9c:03:90:a4:
57:13:15:a9:02:49:e3:8d:39:35:26:0b:e1:eb:73:
59:dd:92:ee:42:46:c8:c3:85:e5:c4:a3:e3:b3:3c:
77:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:95:0E:A9:91:DB:74:B8:CF:63:B1:01:A4:7F:42:21:98:C8:2A:99
X509v3 Authority Key Identifier:
keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:e0:93:0d:c5:82:e3:34:e1:19:d5:a1:52:6c:b2:1f:e6:95:
4d:e9:42:46:34:7e:18:d1:d5:32:29:ef:70:32:b7:f9:5a:e3:
72:20:9c:7e:44:98:b0:72:6a:93:ef:ff:03:97:7c:5e:71:ce:
f0:d1:1d:22:ae:53:f1:39:92:f3:34:9f:32:5f:b1:0c:6e:2c:
89:b9:46:82:cc:c4:8c:37:e7:7d:42:24:ab:8e:be:c1:c4:80:
a6:25:63:a4:e5:57:53:ad:c0:d3:28:58:55:df:2c:2c:e6:95:
47:45:ba:b1:c6:79:aa:60:1f:64:1a:00:32:63:c2:62:1e:fd:
b4:ca:dd:be:92:ed:b9:23:df:25:d6:f2:83:9d:95:0a:51:26:
fd:fd:94:b0:52:1a:f0:5a:88:9a:19:15:78:e7:3a:88:ba:81:
fc:60:bd:41:2c:8c:b5:35:41:8f:a4:88:5b:37:d6:a6:a5:d4:
8f:38:ed:43:9b:0d:43:cf:af:e3:dc:45:b9:b6:2c:7d:81:91:
b1:12:c6:4c:ef:ab:26:8d:27:d4:0c:a9:4a:35:f3:15:bc:34:
4f:10:00:6f:b5:02:e6:7c:b4:6f:65:57:87:00:3f:34:20:ca:
b0:a1:6c:66:4e:a9:87:dc:18:d1:3f:ab:71:ec:7a:d8:f2:97:
d5:f7:51:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92hRV3TGlMsgcnv4xSRPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjUxMDE5MTkwMjMxWhcNMjUxMDIwMTkwMjMxWjAzMTEwLwYDVQQD
EyhmMjk1MGVhOTkxZGI3NGI4Y2Y2M2IxMDFhNDdmNDIyMTk4YzgyYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4d5cLVagBzjV9qKMDRxg919Veu9
Mjc4bRyPYp4ft959xp+XV3n0xAfHD0liBnsP5gIF+CUG83W6W1AKF9mHcTi9Vbw5
QlTno+d1gVRENe6qhAzvEn+CCJFFaEgGE4PJDc24X1FIqQRsZA75p7uoHWL7A9ja
7e7cUyH2WbCF6bup+iduBil84tKSa/ZD2DBk3YfLli7S/8GdB4akqJFN9oz7ag/1
wfyZk/RL9ak4QmbpoOHPErf5ixWOwXAXovYtrep6Rgo+5J+/dBE4RzvXSDGAjsjp
br8w4ME3xZwDkKRXExWpAknjjTk1Jgvh63NZ3ZLuQkbIw4XlxKPjszx37QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKVDqmR23S4z2OxAaR/QiGYyCqZMB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADuCTDcWC
4zThGdWhUmyyH+aVTelCRjR+GNHVMinvcDK3+VrjciCcfkSYsHJqk+//A5d8XnHO
8NEdIq5T8TmS8zSfMl+xDG4siblGgszEjDfnfUIkq46+wcSApiVjpOVXU63A0yhY
Vd8sLOaVR0W6scZ5qmAfZBoAMmPCYh79tMrdvpLtuSPfJdbyg52VClEm/f2UsFIa
8FqImhkVeOc6iLqB/GC9QSyMtTVBj6SIWzfWpqXUjzjtQ5sNQ8+v49xFubYsfYGR
sRLGTO+rJo0n1AypSjXzFbw0TxAAb7UC5ny0b2VXhwA/NCDKsKFsZk6ph9wY0T+r
cex62PKX1fdRiw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:17:42 2025 by rpki-client