Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: unTSnCW8tAP358u3WMtifgd7FUO3GSOI8SGOr757oVg=
Subject key identifier: 5B:FA:22:A3:0F:15:50:49:79:E0:3C:C6:5C:5C:EA:48:8C:FB:D0:E4
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 0197CC4C6378AFE8D2C64AB6FB5E95365A8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 12AD
Signing time: Wed 02 Jul 2025 18:00:47 +0000
Manifest this update: Wed 02 Jul 2025 18:00:47 +0000
Manifest next update: Thu 03 Jul 2025 18:00:47 +0000
Files and hashes: 1: 3U4MivbAgZFFTzpri9v9qzr-9Dg.roa (hash: OpxoqQJPTPV/7nPesTeS09o0jfmFmQcqEJLqODzVTIM=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: WzLnDBhc50gA57L3SPtJDGOD7yir4gBe93awTwlgD5U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 18:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:4c:63:78:af:e8:d2:c6:4a:b6:fb:5e:95:36:5a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Jul 2 18:00:47 2025 GMT
Not After : Jul 3 18:00:47 2025 GMT
Subject: CN=5bfa22a30f15504979e03cc65c5cea488cfbd0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e9:c1:fa:f3:af:a3:01:8a:6d:2f:f3:8a:a1:
64:7d:5d:48:09:28:9d:5d:f4:4f:2c:a7:d9:a8:46:
4e:b1:70:b0:b8:58:96:9d:f6:0b:55:7f:bf:8c:1a:
ac:60:e7:5c:fb:e2:b0:46:f0:e2:90:a9:7b:45:05:
28:24:e5:31:51:39:15:b0:36:f4:60:d4:81:a5:e8:
b4:10:be:f6:78:7f:9a:e7:44:9b:4e:2d:4d:4b:61:
fc:f8:d2:ae:63:f6:f0:d5:2a:8a:1d:a8:31:c0:d3:
9c:c6:e1:99:80:78:86:df:8e:22:37:97:99:0b:24:
7e:1e:1b:e2:eb:0c:2f:4f:47:e8:48:79:3b:95:1b:
da:cd:0a:c6:28:04:44:ed:f1:5f:e7:2c:63:75:d8:
4e:b9:4c:44:92:b5:6a:cf:1d:16:ed:d2:bf:db:0f:
dc:42:e6:14:00:a2:2b:95:ee:d8:1a:12:08:61:74:
cb:1f:ba:fa:fe:90:23:45:9d:5c:41:7f:cb:60:5f:
d3:1f:18:7b:39:f3:31:d0:a8:9d:ea:ff:99:cb:a6:
0b:29:19:81:ab:a1:8d:ab:b6:bb:bf:c3:88:29:11:
a3:c1:db:c9:ae:72:af:d9:74:71:23:43:30:c1:b0:
aa:2d:83:f7:aa:a3:0c:76:fd:25:77:60:9e:82:95:
fb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:FA:22:A3:0F:15:50:49:79:E0:3C:C6:5C:5C:EA:48:8C:FB:D0:E4
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:a1:2b:d4:03:59:7f:c1:8c:ad:11:00:33:7a:2c:50:f1:a7:
eb:62:61:d0:d3:34:10:60:61:22:b3:43:9f:b0:a4:85:93:95:
74:75:51:b6:e2:13:c5:c8:72:ff:bb:c7:80:a8:2a:55:b7:0b:
b0:3b:cc:b1:2a:98:0c:cb:8c:d7:45:b5:cc:37:24:41:c8:39:
22:e6:62:66:93:de:30:5d:be:fe:dc:14:e3:f3:24:1f:d0:3f:
50:a2:d1:b7:49:77:7c:da:1d:f8:de:a5:0c:a7:bd:0b:d5:7d:
cc:f6:5d:6f:ea:da:da:47:c4:fa:47:d7:4f:f5:1e:b3:10:ce:
97:c7:00:bf:91:d6:b8:a9:50:dc:f6:39:27:74:f3:a6:ef:6d:
5b:bd:9e:8e:67:80:f4:74:af:cf:c4:e2:60:a2:47:49:d4:95:
55:a3:c5:88:c9:e6:b0:27:fd:97:41:71:74:f4:0c:f6:6b:7e:
89:f6:cd:11:e1:32:7f:28:d5:b7:cc:31:e3:f5:f8:d1:d1:b1:
54:01:12:81:1c:44:b3:4c:f0:f5:fb:c2:18:23:09:b7:c7:f1:
46:8b:a2:a5:b7:fa:0c:6a:26:04:7f:a8:8e:5a:2c:cc:fa:2d:
1a:00:d2:59:91:8b:bf:d2:83:0e:49:9e:25:ca:2c:49:38:52:
d1:36:fc:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfMTGN4r+jSxkq2+16VNlqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjUwNzAyMTgwMDQ3WhcNMjUwNzAzMTgwMDQ3WjAzMTEwLwYDVQQD
Eyg1YmZhMjJhMzBmMTU1MDQ5NzllMDNjYzY1YzVjZWE0ODhjZmJkMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+nB+vOvowGKbS/ziqFkfV1ICSid
XfRPLKfZqEZOsXCwuFiWnfYLVX+/jBqsYOdc++KwRvDikKl7RQUoJOUxUTkVsDb0
YNSBpei0EL72eH+a50SbTi1NS2H8+NKuY/bw1SqKHagxwNOcxuGZgHiG344iN5eZ
CyR+Hhvi6wwvT0foSHk7lRvazQrGKARE7fFf5yxjddhOuUxEkrVqzx0W7dK/2w/c
QuYUAKIrle7YGhIIYXTLH7r6/pAjRZ1cQX/LYF/THxh7OfMx0Kid6v+Zy6YLKRmB
q6GNq7a7v8OIKRGjwdvJrnKv2XRxI0MwwbCqLYP3qqMMdv0ld2CegpX7JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFv6IqMPFVBJeeA8xlxc6kiM+9DkMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmaEr1ANZ
f8GMrREAM3osUPGn62Jh0NM0EGBhIrNDn7CkhZOVdHVRtuITxchy/7vHgKgqVbcL
sDvMsSqYDMuM10W1zDckQcg5IuZiZpPeMF2+/twU4/MkH9A/UKLRt0l3fNod+N6l
DKe9C9V9zPZdb+ra2kfE+kfXT/UesxDOl8cAv5HWuKlQ3PY5J3Tzpu9tW72ejmeA
9HSvz8TiYKJHSdSVVaPFiMnmsCf9l0FxdPQM9mt+ifbNEeEyfyjVt8wx4/X40dGx
VAESgRxEs0zw9fvCGCMJt8fxRouipbf6DGomBH+ojloszPotGgDSWZGLv9KDDkme
JcosSThS0Tb8ng==
-----END CERTIFICATE-----
Generated at Wed Jul 2 22:29:23 2025 by rpki-client