Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
File: KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json)
Hash identifier: 6IwqBBCJPzIUICwhKDLsf2KN0S1zpK3j3cvuy3ZqCY0=
Subject key identifier: EC:24:25:B2:53:B8:8D:B2:13:3F:BF:ED:ED:62:03:80:A9:7B:31:73
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial: 0196C427764CBF0259BA0EDB276745893F07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
Manifest number: 1539
Signing time: Mon 12 May 2025 11:00:42 +0000
Manifest this update: Mon 12 May 2025 11:00:42 +0000
Manifest next update: Tue 13 May 2025 11:00:42 +0000
Files and hashes: 1: 8U2ACQzYPSPV3L5sSEkKCsB8pBA.roa (hash: ZbH4IgJyW8KkApU2bDE8XFDW+P9+bjUQNudFm1PbyTE=)
2: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: davmqfvuqy3KzaYgqq8Rr62Gg0v3NNEnFNGT4sG1T0A=)
3: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:27:76:4c:bf:02:59:ba:0e:db:27:67:45:89:3f:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Validity
Not Before: May 12 11:00:42 2025 GMT
Not After : May 13 11:00:42 2025 GMT
Subject: CN=ec2425b253b88db2133fbfeded620380a97b3173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f5:a1:38:e1:f7:ae:42:f0:1b:00:a4:66:b6:
32:69:e6:26:0b:c0:ab:4b:d2:de:94:3e:7e:62:0c:
50:11:52:a8:bc:ce:8d:d5:a2:b3:4c:45:a9:70:ac:
06:97:49:6d:49:b5:90:0c:be:11:65:65:e6:40:78:
22:0b:58:97:36:83:60:90:22:eb:98:d1:54:13:21:
1b:17:ec:fb:a1:2d:67:d5:44:68:74:ae:b5:e9:d7:
9d:50:b9:77:5f:a3:bf:b9:37:dd:dc:f1:d0:97:30:
07:6d:4f:ab:48:f3:22:0f:ca:e9:8f:ae:8d:b0:a2:
ca:d7:e2:41:13:5d:27:e0:3a:11:8f:52:90:4e:f9:
55:21:6a:af:a4:23:25:72:37:91:40:0c:19:d4:20:
00:80:da:83:9b:c7:44:c6:2c:5a:b4:36:7c:6a:dd:
d5:9b:9b:c8:98:67:ab:f9:05:5f:fc:e4:35:7e:c9:
b6:cd:eb:38:c6:b1:6b:69:94:03:4c:8d:15:e1:a1:
4d:39:c7:dd:16:4b:87:82:2a:ed:a4:53:49:ad:1a:
66:f2:44:9c:b6:47:8b:b5:c6:57:09:9a:e4:27:b6:
b4:aa:54:0c:ae:20:46:ef:c4:8c:fe:96:60:24:a9:
8f:da:45:eb:1d:92:16:e2:bd:45:31:b9:e2:db:06:
2e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:24:25:B2:53:B8:8D:B2:13:3F:BF:ED:ED:62:03:80:A9:7B:31:73
X509v3 Authority Key Identifier:
keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:45:b9:86:c5:62:dc:ac:8f:d8:9d:b1:45:70:52:5b:89:cc:
18:9a:71:2e:7a:ea:cf:a3:17:20:85:b2:fe:1b:4c:a9:81:71:
99:cc:32:cd:99:3b:ef:ea:44:8c:1e:aa:11:15:20:fe:f2:dc:
d2:c3:c3:03:5e:6b:31:44:4a:52:f7:25:6b:71:e8:5f:b9:d4:
14:cd:16:f5:ed:d8:68:51:b4:7f:47:dd:11:0b:44:4a:4c:50:
ab:18:db:ff:c7:ff:41:7c:ce:7c:07:50:21:08:6a:1a:c1:bc:
ac:56:a7:ef:3f:da:26:6b:bd:14:e7:22:4c:b7:a1:cb:1a:11:
4e:fb:93:b4:8a:a1:50:29:e5:76:33:90:4d:a2:c5:7c:d2:52:
f1:7d:a4:16:ab:ed:7c:65:a4:86:e7:6c:d7:a8:87:a8:08:25:
50:3d:9a:bb:32:8e:bb:c5:4b:25:3e:21:48:de:84:45:c4:c2:
21:e8:e8:c3:c2:cf:b2:64:60:dc:f1:e2:0f:27:d5:0e:3b:7c:
37:c4:87:76:65:13:61:e8:bd:33:14:3e:39:fc:be:9d:68:c3:
86:54:8a:8b:18:c2:a7:8a:8e:28:df:fa:89:48:9e:7b:60:17:
2a:58:9a:c2:1e:07:5d:29:7e:8e:56:89:d0:7e:05:1a:f5:60:
b6:06:94:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbEJ3ZMvwJZug7bJ2dFiT8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjUwNTEyMTEwMDQyWhcNMjUwNTEzMTEwMDQyWjAzMTEwLwYDVQQD
EyhlYzI0MjViMjUzYjg4ZGIyMTMzZmJmZWRlZDYyMDM4MGE5N2IzMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/WhOOH3rkLwGwCkZrYyaeYmC8Cr
S9LelD5+YgxQEVKovM6N1aKzTEWpcKwGl0ltSbWQDL4RZWXmQHgiC1iXNoNgkCLr
mNFUEyEbF+z7oS1n1URodK616dedULl3X6O/uTfd3PHQlzAHbU+rSPMiD8rpj66N
sKLK1+JBE10n4DoRj1KQTvlVIWqvpCMlcjeRQAwZ1CAAgNqDm8dExixatDZ8at3V
m5vImGer+QVf/OQ1fsm2zes4xrFraZQDTI0V4aFNOcfdFkuHgirtpFNJrRpm8kSc
tkeLtcZXCZrkJ7a0qlQMriBG78SM/pZgJKmP2kXrHZIW4r1FMbni2wYuWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwkJbJTuI2yEz+/7e1iA4CpezFzMB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmEW5hsVi
3KyP2J2xRXBSW4nMGJpxLnrqz6MXIIWy/htMqYFxmcwyzZk77+pEjB6qERUg/vLc
0sPDA15rMURKUvcla3HoX7nUFM0W9e3YaFG0f0fdEQtESkxQqxjb/8f/QXzOfAdQ
IQhqGsG8rFan7z/aJmu9FOciTLehyxoRTvuTtIqhUCnldjOQTaLFfNJS8X2kFqvt
fGWkhuds16iHqAglUD2auzKOu8VLJT4hSN6ERcTCIejow8LPsmRg3PHiDyfVDjt8
N8SHdmUTYei9MxQ+Ofy+nWjDhlSKixjCp4qOKN/6iUiee2AXKliawh4HXSl+jlaJ
0H4FGvVgtgaUAQ==
-----END CERTIFICATE-----
Generated at Mon May 12 19:31:24 2025 by rpki-client