Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
File: qltHHQugidnp9GwpExlnT6yBKNA.mft (raw, json)
Hash identifier: Vv2sEEwq3qpM+iXF27yuIfQ7gAJkjUgxRydK6kakTPU=
Subject key identifier: 65:43:93:1D:33:5C:B7:7C:EB:D8:00:1A:B8:73:09:B5:8D:C5:AF:88
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial: 0197B88F12928BFEF9A24F34D90DFDEC6534
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
Manifest number: 0C08
Signing time: Sat 28 Jun 2025 22:01:13 +0000
Manifest this update: Sat 28 Jun 2025 22:01:13 +0000
Manifest next update: Sun 29 Jun 2025 22:01:13 +0000
Files and hashes: 1: 2K6387yyM5gxakFjGUcn1KUMQ58.roa (hash: KwEJI06hkpRX+nj9eXMKKI3vC9xa4ElKQ9FhYTbVyds=)
2: VNd90Fl0tWahsmhhQvhoAAT8f5U.roa (hash: U+zi8hpH0S9lksZLxaBLhZX/Hg0tdOzYwVmTSHbyaHY=)
3: qltHHQugidnp9GwpExlnT6yBKNA.crl (hash: ax8eddYiAcvXwcw7FQYEi2t8jy+HP/Dsw8TJNqaodtk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:8f:12:92:8b:fe:f9:a2:4f:34:d9:0d:fd:ec:65:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Validity
Not Before: Jun 28 22:01:13 2025 GMT
Not After : Jun 29 22:01:13 2025 GMT
Subject: CN=6543931d335cb77cebd8001ab87309b58dc5af88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1f:fb:2b:b9:28:85:a0:85:25:0c:da:80:0a:
24:9e:cf:6d:eb:6f:6f:42:d0:79:b8:6f:17:7d:99:
71:40:9f:a0:39:57:29:e3:06:63:07:f5:c5:0c:be:
4e:45:be:15:49:69:e7:46:66:b9:c8:7d:63:13:ec:
8f:f0:60:41:4e:72:10:90:51:7a:b1:97:70:39:f5:
1e:da:8a:48:1f:fd:4b:45:2a:09:87:22:e7:4b:e3:
82:73:df:f9:c3:2c:14:f5:cf:27:8a:24:2d:49:0f:
0c:ca:d9:ac:12:b6:b1:4b:7c:d9:bc:27:a2:00:f2:
5d:1a:a1:e4:96:a1:df:ae:46:44:8b:ee:ff:d0:78:
09:22:88:06:72:27:33:cf:53:ba:66:a3:9f:1a:6d:
6b:5e:51:a0:29:34:03:13:51:e8:2e:75:14:34:68:
67:52:01:1e:f6:c5:68:f9:30:d7:15:46:cc:ce:8a:
29:e8:72:16:b8:6d:ad:28:a9:2b:8f:e0:3b:8c:23:
fb:2a:78:71:f4:5e:e2:05:bb:00:ad:a4:3a:bc:fe:
41:cc:06:e7:d7:8c:dc:7d:02:e2:cf:67:90:38:b7:
2d:d7:d5:b3:78:bd:90:0e:5d:da:bf:b7:66:e1:25:
7d:2a:bc:4f:8d:a6:9b:78:f7:0c:cc:2b:db:4e:96:
52:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:43:93:1D:33:5C:B7:7C:EB:D8:00:1A:B8:73:09:B5:8D:C5:AF:88
X509v3 Authority Key Identifier:
keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:2e:bf:70:a8:6a:07:96:27:9a:54:7d:68:1a:45:df:be:61:
15:16:8c:85:78:c0:27:74:fb:d3:a9:95:97:ae:1d:e3:4c:59:
59:a2:59:8e:5a:cc:25:48:78:d2:bf:fe:9e:71:dc:ed:36:66:
71:f6:57:5d:42:bc:e9:7a:ae:c5:45:b2:c2:c8:1c:57:f6:05:
71:e1:7b:1c:87:9c:41:85:18:3c:2a:51:4b:49:af:b4:97:b6:
8d:9a:c7:07:a3:12:67:8d:7b:1d:9d:bb:43:2c:14:cf:88:64:
08:36:7d:c0:4b:21:d1:9f:31:ed:4e:6c:7a:e1:4b:fc:90:27:
78:4e:9f:88:ed:57:b2:d9:d2:b9:3f:d2:c4:2b:cc:2c:ca:a0:
6d:9d:94:d2:14:9f:8a:b4:73:69:2e:77:ab:20:24:82:a7:90:
5e:e6:49:bd:f1:07:52:66:c4:25:23:bf:bf:c3:49:0b:31:93:
c4:5e:a4:5a:d0:63:6a:cf:68:a4:0c:9b:e9:cb:49:68:c7:bd:
27:40:9f:c4:47:36:4e:b9:c8:6b:72:52:61:21:ac:5d:ba:3c:
42:00:b9:14:c2:4a:dd:24:b4:44:6d:60:43:da:c8:1a:dd:d7:
e6:a3:5c:c0:af:f5:32:58:b6:9c:b6:84:87:cb:bc:98:19:bc:
1c:64:26:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jxKSi/75ok802Q397GU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4
MTI4ZDAwHhcNMjUwNjI4MjIwMTEzWhcNMjUwNjI5MjIwMTEzWjAzMTEwLwYDVQQD
Eyg2NTQzOTMxZDMzNWNiNzdjZWJkODAwMWFiODczMDliNThkYzVhZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx/7K7kohaCFJQzagAokns9t629v
QtB5uG8XfZlxQJ+gOVcp4wZjB/XFDL5ORb4VSWnnRma5yH1jE+yP8GBBTnIQkFF6
sZdwOfUe2opIH/1LRSoJhyLnS+OCc9/5wywU9c8niiQtSQ8MytmsEraxS3zZvCei
APJdGqHklqHfrkZEi+7/0HgJIogGciczz1O6ZqOfGm1rXlGgKTQDE1HoLnUUNGhn
UgEe9sVo+TDXFUbMzoop6HIWuG2tKKkrj+A7jCP7Knhx9F7iBbsAraQ6vP5BzAbn
14zcfQLiz2eQOLct19WzeL2QDl3av7dm4SV9KrxPjaabePcMzCvbTpZSYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVDkx0zXLd869gAGrhzCbWNxa+IMB8GA1UdIwQY
MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt
NmYyZTI1MjliZTgyLzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy
LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGi6/cKhq
B5YnmlR9aBpF375hFRaMhXjAJ3T706mVl64d40xZWaJZjlrMJUh40r/+nnHc7TZm
cfZXXUK86XquxUWywsgcV/YFceF7HIecQYUYPCpRS0mvtJe2jZrHB6MSZ417HZ27
QywUz4hkCDZ9wEsh0Z8x7U5seuFL/JAneE6fiO1XstnSuT/SxCvMLMqgbZ2U0hSf
irRzaS53qyAkgqeQXuZJvfEHUmbEJSO/v8NJCzGTxF6kWtBjas9opAyb6ctJaMe9
J0CfxEc2TrnIa3JSYSGsXbo8QgC5FMJK3SS0RG1gQ9rIGt3X5qNcwK/1Mli2nLaE
h8u8mBm8HGQmYQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:24:23 2025 by rpki-client