Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft
File: qsIj-xlCEV5IqXVCByktAKCC7N8.mft (raw, json)
Hash identifier: 3CUF9LbAjpZkNL+t0KUOvaJDBmw+GQ1cfragYf0CzzI=
Subject key identifier: 67:90:91:4C:A4:75:05:86:58:32:4D:19:B7:A7:5B:51:94:D2:52:82
Authority key identifier: AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF
Certificate issuer: /CN=aac223fb1942115e48a9754207292d00a082ecdf
Certificate serial: 0196BFDD2E145087A5C5ADDD1BA4FFA60DD8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft
Manifest number: 0786
Signing time: Sun 11 May 2025 15:01:05 +0000
Manifest this update: Sun 11 May 2025 15:01:05 +0000
Manifest next update: Mon 12 May 2025 15:01:05 +0000
Files and hashes: 1: f7H4NvJn5XG9ZEVLvo3rzyryem0.roa (hash: FIvnUTIH/WyzVRn7SNngTErOpdYKzvrkMjSyoAbXEio=)
2: qsIj-xlCEV5IqXVCByktAKCC7N8.crl (hash: Lm8FN8nbeRfKPdl6Q9Ct6BOB0001GYK1FW4uB9AgNRg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft
rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 15:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bf:dd:2e:14:50:87:a5:c5:ad:dd:1b:a4:ff:a6:0d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aac223fb1942115e48a9754207292d00a082ecdf
Validity
Not Before: May 11 15:01:05 2025 GMT
Not After : May 12 15:01:05 2025 GMT
Subject: CN=6790914ca475058658324d19b7a75b5194d25282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:10:1f:5c:ce:b4:d6:68:5d:d6:e6:0e:23:50:
5a:c9:f5:9b:81:89:21:76:83:6b:60:62:d1:dd:f9:
11:40:3a:a1:0f:cc:78:8c:88:3f:80:20:7d:1b:f3:
1d:40:58:34:6f:5a:82:a7:86:20:08:db:ab:dc:da:
07:32:f7:f3:06:cc:2f:0a:15:14:8b:84:96:6f:4f:
61:37:9d:df:1f:56:6c:e3:69:c7:15:91:34:fd:a0:
61:af:35:d7:c0:32:dc:9d:76:e2:37:78:cc:9a:f0:
51:79:69:fe:dc:7c:0d:3a:c5:ee:60:15:8f:e9:95:
21:85:59:3c:9f:bc:24:01:b7:69:2d:ac:4f:62:3b:
20:d6:4c:7c:e3:b3:88:26:e1:5d:d3:5f:dc:f2:7d:
ae:78:48:2d:bf:ba:6e:58:18:7f:37:2a:0a:74:4e:
8a:a4:79:3a:db:f5:c9:ac:8f:47:6e:15:58:1f:67:
e1:f0:6a:f5:51:87:6d:a4:22:9c:fa:48:35:96:f2:
d5:4f:81:e9:59:95:c0:bd:87:5a:dd:dc:c2:ed:9d:
0d:b3:02:26:0c:d7:5f:f6:47:6f:02:a9:df:ca:4f:
95:99:fd:ec:a8:df:82:e1:02:a8:70:0f:95:db:a2:
55:8f:89:4d:ce:70:ee:c5:1d:f0:11:24:72:9e:6e:
99:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:90:91:4C:A4:75:05:86:58:32:4D:19:B7:A7:5B:51:94:D2:52:82
X509v3 Authority Key Identifier:
keyid:AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:ea:c4:48:f3:f3:8a:24:b1:e1:60:8f:ca:3b:50:4d:11:ca:
bc:2d:c0:c7:f0:41:b9:2e:b3:a6:f1:d6:88:8a:aa:22:f3:92:
12:a2:ff:b0:64:da:d0:6d:39:bd:48:ab:65:fc:37:5a:2c:ae:
be:46:5c:3c:e6:87:1c:42:32:72:49:62:45:c4:c8:ef:6f:30:
97:07:11:44:48:70:e0:f4:ae:dc:51:de:fa:b9:a0:b1:3d:0a:
75:4f:99:d4:b2:61:cf:9a:55:7e:e5:9c:21:5c:33:fb:42:9c:
9b:80:c5:77:ae:39:c1:dd:2c:24:44:48:08:6b:e0:50:15:32:
97:9b:d8:5f:ff:5f:cf:54:40:4a:b0:21:ca:be:6e:9c:55:0b:
15:1c:ea:60:14:9b:51:51:a8:00:76:3e:44:85:cc:06:c2:ea:
89:f7:db:09:7c:10:9c:15:23:60:d9:53:4c:53:8d:23:ac:5d:
6d:bf:47:5c:d5:96:a2:49:de:c9:19:5e:e7:56:94:25:38:86:
3d:b6:0e:61:db:2e:f4:d9:22:56:7c:43:64:85:85:25:22:f3:
06:7f:73:70:79:27:07:26:6f:c9:66:17:cd:14:c4:94:86:00:
75:06:c0:40:c1:43:3c:6d:9e:fa:57:62:b5:8d:19:ec:c4:c8:
0f:32:9f:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/3S4UUIelxa3dG6T/pg3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYzIyM2ZiMTk0MjExNWU0OGE5NzU0MjA3MjkyZDAwYTA4
MmVjZGYwHhcNMjUwNTExMTUwMTA1WhcNMjUwNTEyMTUwMTA1WjAzMTEwLwYDVQQD
Eyg2NzkwOTE0Y2E0NzUwNTg2NTgzMjRkMTliN2E3NWI1MTk0ZDI1MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xAfXM601mhd1uYOI1BayfWbgYkh
doNrYGLR3fkRQDqhD8x4jIg/gCB9G/MdQFg0b1qCp4YgCNur3NoHMvfzBswvChUU
i4SWb09hN53fH1Zs42nHFZE0/aBhrzXXwDLcnXbiN3jMmvBReWn+3HwNOsXuYBWP
6ZUhhVk8n7wkAbdpLaxPYjsg1kx847OIJuFd01/c8n2ueEgtv7puWBh/NyoKdE6K
pHk62/XJrI9HbhVYH2fh8Gr1UYdtpCKc+kg1lvLVT4HpWZXAvYda3dzC7Z0NswIm
DNdf9kdvAqnfyk+Vmf3sqN+C4QKocA+V26JVj4lNznDuxR3wESRynm6ZbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGeQkUykdQWGWDJNGbenW1GU0lKCMB8GA1UdIwQY
MBaAFKrCI/sZQhFeSKl1QgcpLQCgguzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEt
MWRhYTk1MWM3MWI3LzEvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEtMWRhYTk1MWM3MWI3
LzEvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACerESPPz
iiSx4WCPyjtQTRHKvC3Ax/BBuS6zpvHWiIqqIvOSEqL/sGTa0G05vUirZfw3Wiyu
vkZcPOaHHEIyckliRcTI728wlwcRREhw4PSu3FHe+rmgsT0KdU+Z1LJhz5pVfuWc
IVwz+0Kcm4DFd645wd0sJERICGvgUBUyl5vYX/9fz1RASrAhyr5unFULFRzqYBSb
UVGoAHY+RIXMBsLqiffbCXwQnBUjYNlTTFONI6xdbb9HXNWWokneyRle51aUJTiG
PbYOYdsu9NkiVnxDZIWFJSLzBn9zcHknByZvyWYXzRTElIYAdQbAQMFDPG2e+ldi
tY0Z7MTIDzKfhQ==
-----END CERTIFICATE-----
Generated at Mon May 12 00:32:50 2025 by rpki-client