Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json)
Hash identifier: zEYKaC2XV+YDxb+FQR2XPniYCPfVtWCtdLWaS1w8feo=
Subject key identifier: A0:12:68:C3:84:8A:3D:7E:7B:60:5A:5C:10:A3:16:34:65:26:3B:6D
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 0198D6CD4F418FA06AB520BCA9FFE17B1305
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
Manifest number: 1649
Signing time: Sat 23 Aug 2025 12:00:35 +0000
Manifest this update: Sat 23 Aug 2025 12:00:35 +0000
Manifest next update: Sun 24 Aug 2025 12:00:35 +0000
Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: lz8LTcFS0ZLTbp8VZ3jUNn+RW/s9LJEeC41+/z65dbM=)
2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:4f:41:8f:a0:6a:b5:20:bc:a9:ff:e1:7b:13:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: Aug 23 12:00:35 2025 GMT
Not After : Aug 24 12:00:35 2025 GMT
Subject: CN=a01268c3848a3d7e7b605a5c10a3163465263b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ee:aa:f4:45:e2:17:c9:f7:63:e9:c2:2e:f1:
8a:35:ff:f2:ca:87:ab:97:7b:aa:35:11:53:76:bb:
44:09:de:95:12:40:59:8f:aa:d6:2a:20:0b:85:aa:
46:ea:09:bc:c3:cd:c5:3a:df:73:fc:e3:b3:6f:df:
3c:78:e0:6c:94:a4:2b:21:57:74:86:cc:bb:76:73:
0d:06:bc:84:fa:c0:dc:74:1e:69:bd:45:6b:43:a5:
4e:32:13:e0:2c:10:7b:aa:f5:95:06:31:b3:0c:60:
52:74:a2:70:c0:2f:48:50:c9:ae:13:57:2f:e7:1f:
a5:31:4b:f2:08:c8:12:26:07:a2:f2:44:72:99:22:
2c:fe:6c:0c:8e:6b:d5:b3:bd:6f:9a:fb:c2:5f:d9:
0f:6d:ee:2c:e1:30:e0:e7:34:d4:72:d1:66:b7:a3:
cd:90:8f:e3:b4:b8:73:36:ab:d3:b1:69:de:ff:91:
97:aa:18:f0:12:83:1e:a6:9f:08:6c:10:34:00:f3:
d4:02:f0:3e:86:2a:8f:85:03:71:b3:d0:3c:b8:97:
1e:89:68:51:cd:2b:60:6d:6e:f1:2f:9b:0a:57:60:
48:62:f4:b0:72:0e:62:ea:6e:6e:db:fb:a9:c2:b0:
34:29:46:5c:e3:cc:4e:a8:ae:21:c0:2f:4f:dd:c0:
5b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:12:68:C3:84:8A:3D:7E:7B:60:5A:5C:10:A3:16:34:65:26:3B:6D
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:84:06:9d:b4:3a:09:60:6c:09:1c:fb:10:ea:9e:85:77:d5:
3f:02:b6:a3:ac:eb:63:2c:c9:18:46:83:13:28:9c:e7:94:a1:
1c:e0:0a:ae:99:bb:14:dc:2c:1b:5a:91:ed:34:c5:00:78:22:
5d:b1:a0:56:c1:fc:75:67:0d:c1:01:24:28:b5:6c:7a:62:5a:
6b:37:4c:c2:ca:78:ce:82:a6:fe:7e:f3:ed:e8:35:05:e5:01:
be:4c:40:c0:64:78:97:22:bf:93:94:19:11:4a:6d:df:28:8a:
d4:46:63:3f:78:c5:4d:96:6e:ed:2b:72:56:5a:2f:b5:81:d6:
d1:e3:67:67:f1:66:ef:e8:7a:f9:29:dc:11:7c:a4:01:30:f3:
92:cb:ed:1a:8d:09:75:eb:51:b7:4e:37:ee:5a:75:8b:3d:58:
eb:b6:a7:e5:f0:8b:d9:82:5a:e0:bc:1c:f7:d1:19:bf:c9:2b:
ea:15:91:5f:d9:f4:e4:dc:f0:1f:39:24:9e:83:99:a2:42:7f:
b7:f0:6c:13:8b:e4:e9:b8:f9:42:07:fa:48:66:b4:9b:e7:f0:
14:a1:21:93:0f:41:38:d8:77:e9:e8:3d:c5:3a:2e:99:03:78:
d4:83:27:99:d4:7c:cd:7c:3d:40:2b:ab:1e:72:fa:29:cc:8d:
e4:b5:8f:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzU9Bj6BqtSC8qf/hexMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjUwODIzMTIwMDM1WhcNMjUwODI0MTIwMDM1WjAzMTEwLwYDVQQD
EyhhMDEyNjhjMzg0OGEzZDdlN2I2MDVhNWMxMGEzMTYzNDY1MjYzYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+6q9EXiF8n3Y+nCLvGKNf/yyoer
l3uqNRFTdrtECd6VEkBZj6rWKiALhapG6gm8w83FOt9z/OOzb988eOBslKQrIVd0
hsy7dnMNBryE+sDcdB5pvUVrQ6VOMhPgLBB7qvWVBjGzDGBSdKJwwC9IUMmuE1cv
5x+lMUvyCMgSJgei8kRymSIs/mwMjmvVs71vmvvCX9kPbe4s4TDg5zTUctFmt6PN
kI/jtLhzNqvTsWne/5GXqhjwEoMepp8IbBA0APPUAvA+hiqPhQNxs9A8uJceiWhR
zStgbW7xL5sKV2BIYvSwcg5i6m5u2/upwrA0KUZc48xOqK4hwC9P3cBbDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKASaMOEij1+e2BaXBCjFjRlJjttMB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS4QGnbQ6
CWBsCRz7EOqehXfVPwK2o6zrYyzJGEaDEyic55ShHOAKrpm7FNwsG1qR7TTFAHgi
XbGgVsH8dWcNwQEkKLVsemJaazdMwsp4zoKm/n7z7eg1BeUBvkxAwGR4lyK/k5QZ
EUpt3yiK1EZjP3jFTZZu7StyVlovtYHW0eNnZ/Fm7+h6+SncEXykATDzksvtGo0J
detRt0437lp1iz1Y67an5fCL2YJa4Lwc99EZv8kr6hWRX9n05NzwHzkknoOZokJ/
t/BsE4vk6bj5Qgf6SGa0m+fwFKEhkw9BONh36eg9xToumQN41IMnmdR8zXw9QCur
HnL6KcyN5LWPZA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:21:58 2025 by rpki-client