Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json)
Hash identifier: sjoXxyNrirxAGk170+VYYa9nMZnF/rF+CHkpaE3rbV8=
Subject key identifier: 46:F1:96:7C:07:4D:18:7D:5D:9C:64:0E:25:6F:0A:A6:7E:D0:53:D8
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 0197B70EA281734A2A674CD0F90C678F5165
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
Manifest number: 15B4
Signing time: Sat 28 Jun 2025 15:01:18 +0000
Manifest this update: Sat 28 Jun 2025 15:01:18 +0000
Manifest next update: Sun 29 Jun 2025 15:01:18 +0000
Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: i1a9Sl9wovL32yFAxqUS9u0DcOsxhug9Hv1FYHyM77k=)
2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0e:a2:81:73:4a:2a:67:4c:d0:f9:0c:67:8f:51:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: Jun 28 15:01:18 2025 GMT
Not After : Jun 29 15:01:18 2025 GMT
Subject: CN=46f1967c074d187d5d9c640e256f0aa67ed053d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:94:7f:31:d4:8e:e4:6c:a2:7b:f6:39:b2:57:
39:a0:55:9c:1e:6f:b9:d8:f0:74:e1:50:08:1b:07:
58:b3:b7:db:5f:53:6d:f8:ef:55:99:9e:b9:cb:07:
88:7d:98:99:d8:74:f8:85:b8:13:3c:84:68:9b:f1:
ea:91:24:59:12:bf:04:23:37:7f:83:9d:32:dd:bc:
50:f0:40:8f:3f:f1:f4:dd:19:6d:07:e0:9a:e5:ed:
e8:ba:0f:3c:f4:5e:b5:00:69:a1:0c:25:0f:f4:5d:
bd:66:73:cf:88:1c:c6:99:63:e0:58:65:4c:b8:ee:
9b:82:35:6e:9b:c9:bf:5d:42:88:3c:aa:ea:17:70:
99:fd:cb:5c:4d:07:9a:d5:2a:57:e3:80:66:ad:36:
49:ff:bc:e0:54:75:41:de:36:64:bb:86:54:b1:af:
77:2b:a9:02:ba:39:a2:7a:4e:ce:dd:fd:01:f9:3f:
2b:42:c7:0c:02:d3:5b:ba:a1:f5:3c:68:82:42:71:
74:e5:bf:b6:26:49:6e:30:ca:fb:b0:a8:6e:da:47:
55:9b:93:7d:fe:dc:9a:4f:6d:ce:b4:8e:e8:b1:10:
10:dc:55:71:4a:cf:c3:76:b8:bd:5d:33:ef:4d:53:
35:f5:c6:71:de:ec:2c:1c:ec:5d:77:a7:d2:2e:21:
d3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F1:96:7C:07:4D:18:7D:5D:9C:64:0E:25:6F:0A:A6:7E:D0:53:D8
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:14:58:04:16:64:49:06:b9:78:e2:19:5e:a9:ce:bc:30:b5:
ce:63:bb:38:0a:9d:e4:13:f9:f4:41:1b:7f:ad:12:99:ec:ba:
8c:df:09:d3:4c:c4:29:72:8b:58:1b:ad:42:8d:30:28:00:b4:
4a:60:32:16:46:fd:77:b3:d9:69:55:7d:ab:a8:a8:bc:85:1c:
ef:c4:c7:67:15:7f:f0:e9:21:40:80:ea:5b:ba:56:38:9b:ec:
82:16:27:0f:75:a7:fd:2e:bb:7f:8d:46:88:7f:e2:2a:cf:96:
4f:9e:fd:62:f7:40:0e:0b:8f:4d:8e:fd:a5:8d:65:60:91:ee:
a5:92:9d:3f:e0:6f:31:7e:04:f3:cd:81:5a:bd:34:68:09:83:
9e:7a:c6:fa:9a:d7:20:c0:5f:0c:58:b1:5d:a5:1d:b3:c2:94:
e8:80:9a:67:01:be:ff:a1:f5:75:76:70:f4:e9:e1:a0:10:64:
d2:03:32:de:fb:88:db:9d:20:a0:94:b3:95:4a:b4:d7:d0:84:
64:da:74:6f:6c:cd:f0:e3:72:9b:8f:4e:6e:20:e9:db:13:a3:
a0:70:13:a8:b0:18:3f:21:81:d7:16:3a:4d:79:d0:e1:8f:23:
35:36:3a:a9:64:f9:65:9d:40:a8:7a:13:92:84:9a:d4:6d:fd:
bd:cb:3b:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DqKBc0oqZ0zQ+Qxnj1FlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjUwNjI4MTUwMTE4WhcNMjUwNjI5MTUwMTE4WjAzMTEwLwYDVQQD
Eyg0NmYxOTY3YzA3NGQxODdkNWQ5YzY0MGUyNTZmMGFhNjdlZDA1M2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JR/MdSO5Gyie/Y5slc5oFWcHm+5
2PB04VAIGwdYs7fbX1Nt+O9VmZ65yweIfZiZ2HT4hbgTPIRom/HqkSRZEr8EIzd/
g50y3bxQ8ECPP/H03RltB+Ca5e3oug889F61AGmhDCUP9F29ZnPPiBzGmWPgWGVM
uO6bgjVum8m/XUKIPKrqF3CZ/ctcTQea1SpX44BmrTZJ/7zgVHVB3jZku4ZUsa93
K6kCujmiek7O3f0B+T8rQscMAtNbuqH1PGiCQnF05b+2JkluMMr7sKhu2kdVm5N9
/tyaT23OtI7osRAQ3FVxSs/Ddri9XTPvTVM19cZx3uwsHOxdd6fSLiHT5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbxlnwHTRh9XZxkDiVvCqZ+0FPYMB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOxRYBBZk
SQa5eOIZXqnOvDC1zmO7OAqd5BP59EEbf60Smey6jN8J00zEKXKLWButQo0wKAC0
SmAyFkb9d7PZaVV9q6iovIUc78THZxV/8OkhQIDqW7pWOJvsghYnD3Wn/S67f41G
iH/iKs+WT579YvdADguPTY79pY1lYJHupZKdP+BvMX4E882BWr00aAmDnnrG+prX
IMBfDFixXaUds8KU6ICaZwG+/6H1dXZw9OnhoBBk0gMy3vuI250goJSzlUq019CE
ZNp0b2zN8ONym49ObiDp2xOjoHATqLAYPyGB1xY6TXnQ4Y8jNTY6qWT5ZZ1AqHoT
koSa1G39vcs7jQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:21:02 2025 by rpki-client