Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
File: Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft (raw, json)
Hash identifier: 3INeEVScg5TBUmSrhg5WKRC6nFOQ6F+Yy5I3n8wNVZY=
Subject key identifier: D4:84:88:6E:DE:7B:DD:0D:FE:86:85:60:AD:F6:60:0F:57:CC:0A:6A
Authority key identifier: 43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7
Certificate issuer: /CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
Certificate serial: 0196C0EF853CBCF0A598491FD47C481CDF3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
Manifest number: 1537
Signing time: Sun 11 May 2025 20:00:44 +0000
Manifest this update: Sun 11 May 2025 20:00:44 +0000
Manifest next update: Mon 12 May 2025 20:00:44 +0000
Files and hashes: 1: Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl (hash: hyhNb5VuoIpHMdfQ/OX1RSsbwgQ+icw1ySjph+a+nC8=)
2: tBcUVtef6rZ0kSSzgGFNQ0aGmXk.roa (hash: axGcXX34atfoTeccVW4HcK4Aoj164U97BqMvxhWQBsY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c0:ef:85:3c:bc:f0:a5:98:49:1f:d4:7c:48:1c:df:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
Validity
Not Before: May 11 20:00:44 2025 GMT
Not After : May 12 20:00:44 2025 GMT
Subject: CN=d484886ede7bdd0dfe868560adf6600f57cc0a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:80:4d:67:f9:d7:d0:d5:ea:36:2a:55:63:36:
bf:e5:5e:ec:69:f7:e4:63:73:bc:a8:9c:ae:59:4e:
ee:b2:98:c1:46:1f:50:ca:59:b9:23:cd:6d:46:67:
8a:a0:f8:06:70:c6:5e:94:5b:84:f2:27:18:01:9c:
b1:3f:67:53:82:05:c9:4e:7a:0f:25:2b:95:c3:8a:
f7:86:da:e8:8f:e7:b2:d0:79:6d:f4:0f:59:38:79:
63:64:24:23:b0:07:bc:bd:de:7e:9d:e9:f0:f7:c9:
2e:f9:5d:b1:e7:4f:f5:f3:2b:25:e5:7e:8e:e0:6b:
11:b3:f2:0d:09:bc:f7:7c:3d:90:61:f3:ee:f5:14:
6c:5a:b2:bf:ac:db:f1:86:4f:c6:ba:01:8d:02:fb:
62:bf:b9:d9:a2:76:94:b8:69:2d:0a:cd:9f:ec:d4:
46:46:16:3a:56:03:b8:5e:a1:cb:d8:c5:b2:41:bd:
d0:74:2f:af:1a:22:bd:31:2d:d3:ac:95:61:54:2d:
c6:e1:a0:fe:a8:fb:ac:84:69:53:b6:19:99:35:ed:
2e:44:8e:b7:fc:52:05:ee:83:e0:cb:4f:24:5f:6e:
c4:21:82:df:b0:ca:0f:7e:3b:26:57:bd:40:43:56:
f2:4b:d6:ed:1d:2b:cb:18:fe:1b:74:79:6d:72:ec:
88:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:84:88:6E:DE:7B:DD:0D:FE:86:85:60:AD:F6:60:0F:57:CC:0A:6A
X509v3 Authority Key Identifier:
keyid:43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:3a:04:3b:36:50:07:cd:00:26:26:dd:5f:41:82:ac:fd:f0:
a6:89:78:88:38:f3:36:ba:f8:43:51:80:e4:f9:56:a8:69:8a:
b7:24:2f:d8:9c:a3:ac:12:0e:85:24:2b:05:b6:f9:25:c0:20:
d2:9b:c6:5e:66:76:19:65:56:e1:31:43:02:e8:b3:ae:55:f5:
6c:8c:5f:09:44:92:c9:68:9e:84:c3:a6:37:2e:6c:40:22:58:
d6:22:8d:6e:6a:bc:45:ac:db:c5:01:f9:ca:3c:10:3d:36:cc:
de:c5:93:d6:3f:65:e5:20:cd:a1:60:62:d3:94:82:f7:98:00:
4c:61:0c:86:23:b1:09:25:2f:69:2a:f2:51:57:08:1b:83:f5:
35:07:fe:16:b5:13:e2:1d:4c:71:a7:63:c4:8a:ae:45:c6:d5:
e3:1f:f4:e1:c6:61:a9:95:1b:ca:46:e8:77:8d:b7:08:ca:f2:
84:ab:e3:41:c0:36:67:3e:a0:d3:39:a5:68:5b:e5:35:60:2c:
fa:08:46:ff:9a:19:e9:25:da:35:e4:29:2f:a0:d6:95:54:81:
3f:04:84:03:88:9c:00:97:5a:10:72:89:05:38:55:37:9c:b5:
88:38:aa:74:d3:af:ea:e9:df:70:73:e1:3b:27:27:98:97:9f:
82:de:ed:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbA74U8vPClmEkf1HxIHN88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDQyMWNmNmEwMmIzOGFmNWI2YmJjYTZkYmQzNzY0NDQ4
YjZjYjcwHhcNMjUwNTExMjAwMDQ0WhcNMjUwNTEyMjAwMDQ0WjAzMTEwLwYDVQQD
EyhkNDg0ODg2ZWRlN2JkZDBkZmU4Njg1NjBhZGY2NjAwZjU3Y2MwYTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIBNZ/nX0NXqNipVYza/5V7saffk
Y3O8qJyuWU7uspjBRh9Qylm5I81tRmeKoPgGcMZelFuE8icYAZyxP2dTggXJTnoP
JSuVw4r3htroj+ey0Hlt9A9ZOHljZCQjsAe8vd5+nenw98ku+V2x50/18ysl5X6O
4GsRs/INCbz3fD2QYfPu9RRsWrK/rNvxhk/GugGNAvtiv7nZonaUuGktCs2f7NRG
RhY6VgO4XqHL2MWyQb3QdC+vGiK9MS3TrJVhVC3G4aD+qPushGlTthmZNe0uRI63
/FIF7oPgy08kX27EIYLfsMoPfjsmV71AQ1byS9btHSvLGP4bdHltcuyI2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSEiG7ee90N/oaFYK32YA9XzApqMB8GA1UdIwQY
MBaAFENEIc9qArOK9ba7ym29N2REi2y3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDkt
NTM5YjMyOWY5OTVjLzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDktNTM5YjMyOWY5OTVj
LzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQjoEOzZQ
B80AJibdX0GCrP3wpol4iDjzNrr4Q1GA5PlWqGmKtyQv2JyjrBIOhSQrBbb5JcAg
0pvGXmZ2GWVW4TFDAuizrlX1bIxfCUSSyWiehMOmNy5sQCJY1iKNbmq8RazbxQH5
yjwQPTbM3sWT1j9l5SDNoWBi05SC95gATGEMhiOxCSUvaSryUVcIG4P1NQf+FrUT
4h1McadjxIquRcbV4x/04cZhqZUbykbod423CMryhKvjQcA2Zz6g0zmlaFvlNWAs
+ghG/5oZ6SXaNeQpL6DWlVSBPwSEA4icAJdaEHKJBThVN5y1iDiqdNOv6unfcHPh
OycnmJefgt7tZg==
-----END CERTIFICATE-----
Generated at Mon May 12 04:38:56 2025 by rpki-client