Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: YcChLq+89sAIic3S/lx8+CqD8582ABLUhHcXOR8jezA=
Subject key identifier: 68:66:0C:40:74:35:0C:A2:F9:1C:77:C2:8E:13:6C:11:37:E4:9D:1B
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 0198D4E0D2B3BB1985EB56BE1B92C9EADFE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 1336
Signing time: Sat 23 Aug 2025 03:02:40 +0000
Manifest this update: Sat 23 Aug 2025 03:02:40 +0000
Manifest next update: Sun 24 Aug 2025 03:02:40 +0000
Files and hashes: 1: 3U4MivbAgZFFTzpri9v9qzr-9Dg.roa (hash: OpxoqQJPTPV/7nPesTeS09o0jfmFmQcqEJLqODzVTIM=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: bGqOk9JoGBv15Or8q93BgMr/FW2ho3aOB6PyZMaszNY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:e0:d2:b3:bb:19:85:eb:56:be:1b:92:c9:ea:df:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Aug 23 03:02:40 2025 GMT
Not After : Aug 24 03:02:40 2025 GMT
Subject: CN=68660c4074350ca2f91c77c28e136c1137e49d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:eb:94:53:60:4c:db:ce:3d:cf:90:08:6c:c8:
3f:a6:62:a1:23:58:be:28:b8:71:77:98:66:6e:38:
0d:32:bc:ab:9d:97:85:4c:d0:28:59:4b:0b:82:c5:
6b:a4:a6:74:ac:4d:6c:6d:c6:fd:ad:71:71:90:b0:
92:6f:a5:a0:1a:b6:65:b4:78:c9:9e:0e:62:e9:92:
79:bb:74:15:4a:8a:87:01:d0:bc:20:c5:80:9c:83:
02:eb:1f:c2:98:9e:4e:2d:c9:4b:95:2d:ef:ec:a2:
77:d1:ef:e1:ec:ef:66:d4:08:28:8d:25:4c:2d:77:
7c:a7:e7:94:d6:a6:9c:f0:43:84:13:1e:7a:95:33:
6a:dd:b9:95:14:b2:18:51:1a:2a:8b:a9:ea:50:97:
c3:1f:65:e2:16:c0:f9:2c:2d:32:4c:0a:80:14:f1:
5c:f1:f6:d9:cc:fb:b3:e7:3d:aa:3b:cd:f7:58:9a:
5a:13:07:1e:9b:66:24:0b:3f:0b:26:9e:34:c6:1c:
2d:44:dc:96:f7:d3:34:ce:61:99:33:5f:9f:5d:30:
9b:75:17:56:be:49:c1:8f:3c:fb:90:54:8f:ad:85:
e1:2e:33:03:7b:7b:8e:65:8c:61:7f:df:c4:95:74:
6d:0a:f8:50:60:f9:81:3a:f6:38:f9:82:5d:9f:83:
04:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:66:0C:40:74:35:0C:A2:F9:1C:77:C2:8E:13:6C:11:37:E4:9D:1B
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:2f:9b:f5:4a:b3:7b:85:da:af:e2:66:03:78:20:67:27:e1:
a3:09:00:0d:e6:fe:9a:93:2b:f4:80:5e:50:3f:17:32:48:82:
ba:0a:48:78:8f:a3:69:be:cc:52:68:b9:c3:11:22:c3:05:36:
74:2d:cb:56:2d:c2:e5:ac:94:3b:bb:74:49:01:53:12:da:91:
31:e1:ad:89:98:40:7e:c8:27:8c:ea:92:4c:54:b2:f7:75:e6:
c9:d3:8c:1e:7c:ba:94:c8:d0:97:13:44:2d:4c:85:dd:c8:6a:
01:d1:16:c2:9e:10:5b:9e:62:e4:0d:4f:87:ab:ae:90:df:d7:
67:00:38:f3:64:c9:f9:b0:64:ea:0c:eb:8c:4c:90:7c:8b:cb:
e9:a5:ac:64:b2:fa:74:1b:4e:bc:24:43:a3:0b:f9:1a:e3:6b:
79:7d:6d:b0:5b:fc:72:23:0b:e5:88:90:e0:4d:b3:6d:e2:cf:
6e:f9:97:c5:7c:49:3f:01:53:8f:06:33:bd:4f:6b:ff:9a:99:
a3:a9:8a:0f:e2:45:dd:35:17:6e:b0:e1:f6:06:52:0e:89:0f:
c4:85:f6:01:bd:2c:4a:b9:38:c6:a9:e7:a2:68:67:1e:43:26:
0e:72:e5:b7:a5:d8:31:a4:d7:b7:2e:64:34:1a:8f:dc:60:07:
17:8d:22:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4NKzuxmF61a+G5LJ6t/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjUwODIzMDMwMjQwWhcNMjUwODI0MDMwMjQwWjAzMTEwLwYDVQQD
Eyg2ODY2MGM0MDc0MzUwY2EyZjkxYzc3YzI4ZTEzNmMxMTM3ZTQ5ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uuUU2BM2849z5AIbMg/pmKhI1i+
KLhxd5hmbjgNMryrnZeFTNAoWUsLgsVrpKZ0rE1sbcb9rXFxkLCSb6WgGrZltHjJ
ng5i6ZJ5u3QVSoqHAdC8IMWAnIMC6x/CmJ5OLclLlS3v7KJ30e/h7O9m1AgojSVM
LXd8p+eU1qac8EOEEx56lTNq3bmVFLIYURoqi6nqUJfDH2XiFsD5LC0yTAqAFPFc
8fbZzPuz5z2qO833WJpaEwcem2YkCz8LJp40xhwtRNyW99M0zmGZM1+fXTCbdRdW
vknBjzz7kFSPrYXhLjMDe3uOZYxhf9/ElXRtCvhQYPmBOvY4+YJdn4MEFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhmDEB0NQyi+Rx3wo4TbBE35J0bMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApC+b9Uqz
e4Xar+JmA3ggZyfhowkADeb+mpMr9IBeUD8XMkiCugpIeI+jab7MUmi5wxEiwwU2
dC3LVi3C5ayUO7t0SQFTEtqRMeGtiZhAfsgnjOqSTFSy93XmydOMHny6lMjQlxNE
LUyF3chqAdEWwp4QW55i5A1Ph6uukN/XZwA482TJ+bBk6gzrjEyQfIvL6aWsZLL6
dBtOvCRDowv5GuNreX1tsFv8ciML5YiQ4E2zbeLPbvmXxXxJPwFTjwYzvU9r/5qZ
o6mKD+JF3TUXbrDh9gZSDokPxIX2Ab0sSrk4xqnnomhnHkMmDnLlt6XYMaTXty5k
NBqP3GAHF40ipQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:41:11 2025 by rpki-client