Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
File: qltHHQugidnp9GwpExlnT6yBKNA.mft (raw, json)
Hash identifier: VrdjZuoVTCizyA+IQ3gFYDFM05iGyBDM5P5x6wOx7oo=
Subject key identifier: 90:7B:DA:04:B9:DE:C3:66:73:8B:D2:D3:68:F1:46:DD:4F:77:39:9B
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial: 0196BECA4FC0B262DC42EF8997F5ACEFF5BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
Manifest number: 0B86
Signing time: Sun 11 May 2025 10:00:51 +0000
Manifest this update: Sun 11 May 2025 10:00:51 +0000
Manifest next update: Mon 12 May 2025 10:00:51 +0000
Files and hashes: 1: VNd90Fl0tWahsmhhQvhoAAT8f5U.roa (hash: U+zi8hpH0S9lksZLxaBLhZX/Hg0tdOzYwVmTSHbyaHY=)
2: oPUfgQs_gRyUUqFixo17ClnZdws.roa (hash: BRanyzZIskjVzme1gyyyKAnXC2WxzE9xAlEA/GqswiQ=)
3: qltHHQugidnp9GwpExlnT6yBKNA.crl (hash: eulj9p/6U2exWmFHxLRkxCf9IJa6iFFEtayOXqj62lI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 10:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:be:ca:4f:c0:b2:62:dc:42:ef:89:97:f5:ac:ef:f5:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Validity
Not Before: May 11 10:00:51 2025 GMT
Not After : May 12 10:00:51 2025 GMT
Subject: CN=907bda04b9dec366738bd2d368f146dd4f77399b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:10:cd:6e:22:9e:a6:ea:fc:8e:0f:6a:5b:b7:
ef:18:9d:82:89:3a:05:00:2b:8c:13:33:ad:20:13:
0e:0d:75:9e:2d:a8:fd:33:97:a3:2e:84:20:97:87:
21:2c:1a:3e:0f:0a:0f:07:de:c7:a9:fe:9b:4b:2f:
e6:dc:0b:e4:74:a6:05:c5:4f:09:c9:91:2b:84:5e:
c9:55:e2:f0:96:c1:e5:be:61:da:29:52:3b:b2:b4:
e7:2d:03:8c:b2:ff:ad:76:b5:fc:5a:51:b8:ce:8a:
d9:d1:01:37:d4:1c:45:1e:51:8f:75:c5:56:a7:3b:
9c:42:43:a9:3e:8c:91:48:86:21:52:a2:26:27:6f:
ac:82:4d:0f:fa:f5:f9:6b:d1:b3:61:bf:84:e1:c5:
d5:a9:ee:f5:6e:02:fd:bb:de:78:d2:e3:e5:dc:bf:
66:fa:81:47:ef:41:00:3b:a7:30:31:1e:aa:28:6a:
ff:fc:f3:7a:a3:d8:f5:de:bb:aa:83:0b:ea:a4:29:
b1:d3:e6:66:fd:29:b5:d3:55:94:af:76:dc:b4:9c:
13:ce:23:2b:f3:1a:fb:61:b6:79:7d:56:a5:9d:bd:
4e:b3:49:12:50:36:14:4d:df:ed:c3:02:20:d3:17:
e8:0e:3d:fe:14:37:ec:c3:fa:4c:17:fb:88:be:d9:
1e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7B:DA:04:B9:DE:C3:66:73:8B:D2:D3:68:F1:46:DD:4F:77:39:9B
X509v3 Authority Key Identifier:
keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:3d:8b:7f:db:39:68:6c:b9:7f:d1:ff:63:76:da:7f:29:7d:
9e:1c:ea:3d:bc:19:dd:59:51:a5:4b:2b:2f:75:6d:35:8a:ea:
0c:6a:41:39:a5:af:ff:48:53:93:2f:e1:92:7c:14:4c:f6:56:
24:73:72:e1:15:ea:86:52:60:7c:2f:ce:73:55:4c:c7:f0:e1:
fa:42:b6:e3:bf:02:60:ed:bb:df:79:7a:54:58:86:ad:7e:3a:
73:a6:6d:35:f1:34:36:77:08:e3:d6:05:01:4a:47:31:2e:7b:
8a:92:44:1b:c2:c8:1e:38:ac:21:d4:cc:a8:0e:d3:9f:99:5b:
9a:9f:c1:52:4f:62:99:73:3e:dc:86:39:4e:c1:e4:94:06:bb:
82:e4:83:1f:43:c5:c2:b0:bf:89:e4:63:a2:89:a4:fc:9d:db:
56:cb:bc:49:b4:42:7c:2e:a9:20:4e:d0:6b:e6:e3:41:7d:6a:
8f:2f:18:7c:9b:3d:be:a7:73:a8:d4:4e:27:73:ae:4b:c8:ce:
57:76:b4:af:ac:a0:0a:f9:60:5e:1c:ae:5e:4c:65:d6:d8:85:
01:bf:c9:5e:2b:43:26:61:7d:07:66:ef:6e:40:6e:85:8d:ec:
2b:65:76:31:c5:48:c9:6e:c1:23:0c:27:9d:2d:ba:2d:77:ff:
a1:9d:92:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+yk/AsmLcQu+Jl/Ws7/W6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4
MTI4ZDAwHhcNMjUwNTExMTAwMDUxWhcNMjUwNTEyMTAwMDUxWjAzMTEwLwYDVQQD
Eyg5MDdiZGEwNGI5ZGVjMzY2NzM4YmQyZDM2OGYxNDZkZDRmNzczOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhDNbiKepur8jg9qW7fvGJ2CiToF
ACuMEzOtIBMODXWeLaj9M5ejLoQgl4chLBo+DwoPB97Hqf6bSy/m3AvkdKYFxU8J
yZErhF7JVeLwlsHlvmHaKVI7srTnLQOMsv+tdrX8WlG4zorZ0QE31BxFHlGPdcVW
pzucQkOpPoyRSIYhUqImJ2+sgk0P+vX5a9GzYb+E4cXVqe71bgL9u9540uPl3L9m
+oFH70EAO6cwMR6qKGr//PN6o9j13ruqgwvqpCmx0+Zm/Sm101WUr3bctJwTziMr
8xr7YbZ5fValnb1Os0kSUDYUTd/twwIg0xfoDj3+FDfsw/pMF/uIvtkeJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJB72gS53sNmc4vS02jxRt1PdzmbMB8GA1UdIwQY
MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt
NmYyZTI1MjliZTgyLzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy
LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnj2Lf9s5
aGy5f9H/Y3bafyl9nhzqPbwZ3VlRpUsrL3VtNYrqDGpBOaWv/0hTky/hknwUTPZW
JHNy4RXqhlJgfC/Oc1VMx/Dh+kK2478CYO2733l6VFiGrX46c6ZtNfE0NncI49YF
AUpHMS57ipJEG8LIHjisIdTMqA7Tn5lbmp/BUk9imXM+3IY5TsHklAa7guSDH0PF
wrC/ieRjoomk/J3bVsu8SbRCfC6pIE7Qa+bjQX1qjy8YfJs9vqdzqNROJ3OuS8jO
V3a0r6ygCvlgXhyuXkxl1tiFAb/JXitDJmF9B2bvbkBuhY3sK2V2McVIyW7BIwwn
nS26LXf/oZ2Sxg==
-----END CERTIFICATE-----
Generated at Sun May 11 19:05:21 2025 by rpki-client