Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json)
Hash identifier: A+ILRJhLyoYA7Ilnay/jb1htJ6a0TUtuaKzCTcbrm2k=
Subject key identifier: F5:88:E9:B4:C0:3D:4C:14:F6:F1:DE:E3:02:B2:64:E7:12:7B:8A:25
Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e
Certificate serial: 0196BCA4C23E7B4828F9DDC0425CAC35AECF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
Manifest number: 0402
Signing time: Sun 11 May 2025 00:00:36 +0000
Manifest this update: Sun 11 May 2025 00:00:36 +0000
Manifest next update: Mon 12 May 2025 00:00:36 +0000
Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=)
2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: pQSpY0ARtFs9+szXNogn3YUwhlKyAWwYm1uQ1+IJuOQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 00:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bc:a4:c2:3e:7b:48:28:f9:dd:c0:42:5c:ac:35:ae:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e
Validity
Not Before: May 11 00:00:36 2025 GMT
Not After : May 12 00:00:36 2025 GMT
Subject: CN=f588e9b4c03d4c14f6f1dee302b264e7127b8a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9b:26:d4:69:f2:d9:a1:1e:4e:39:3d:2e:b9:
f1:8c:1e:13:32:6f:5a:b1:8b:da:d3:8e:78:09:33:
20:bf:8b:78:7d:e0:20:ae:9f:9e:ae:5d:bb:ef:7c:
fc:e4:e5:b7:2a:f1:70:b7:88:a1:76:36:dd:cf:10:
df:4d:e7:a9:94:b4:49:5c:66:5f:a5:76:ca:cf:f5:
7f:1a:e0:5d:9c:a8:44:3b:b8:3c:68:9b:cc:e3:88:
52:a7:45:26:3f:bb:cc:33:ce:f4:87:98:69:30:7a:
15:e9:0a:b4:fc:97:1d:2e:23:25:c5:67:b1:b9:3f:
2b:e8:17:a0:48:af:62:c1:37:2c:5f:96:5f:a7:3e:
45:55:8e:6b:2f:ac:bf:95:e9:ac:4d:41:89:fb:62:
6a:4b:f9:21:83:64:81:8b:93:34:3c:a0:19:0a:39:
47:da:8d:b1:3d:68:7b:d6:94:a4:ee:75:05:03:63:
35:77:95:98:5d:95:46:a1:ab:30:11:e9:a4:d6:ce:
a5:21:20:55:08:f9:fa:dd:ed:f5:36:9f:31:38:cc:
21:cd:8d:9d:de:07:43:ce:af:ac:43:3f:b2:50:59:
a3:15:1f:e2:78:ef:98:9d:50:96:ea:7b:ad:f4:9b:
ee:e1:63:c7:f5:ab:2a:5b:dc:4f:52:ba:c9:2a:31:
de:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:88:E9:B4:C0:3D:4C:14:F6:F1:DE:E3:02:B2:64:E7:12:7B:8A:25
X509v3 Authority Key Identifier:
keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:5b:22:76:d5:26:4c:dd:c4:85:40:43:01:f5:a5:59:ae:55:
ea:3b:b5:41:34:0e:8e:3f:5b:14:ba:34:e7:b2:31:f2:44:d1:
fe:35:cf:b6:cf:0b:e7:6b:c8:98:ac:c7:47:92:9e:25:4f:6c:
66:a0:de:b6:de:63:b4:28:5a:8c:10:54:d2:c3:4c:85:26:56:
92:7a:c1:f1:69:52:81:d4:52:ca:c8:dd:5a:c0:67:be:94:1a:
9c:5d:5f:1e:2d:68:c9:a9:08:6f:94:af:60:0e:a4:eb:a7:ce:
7f:7e:c3:dd:f2:cf:62:ce:af:a2:fa:b2:59:2a:dd:7c:46:12:
42:10:59:9c:c5:af:82:81:c5:13:6c:d5:b7:2f:2d:8b:d7:8f:
e7:59:48:34:d1:1a:3b:17:9c:63:fe:37:2d:32:7a:ac:1a:bd:
f9:26:65:80:63:6d:eb:fc:10:b4:7e:89:2d:d1:a3:78:01:0e:
08:0d:5c:7f:9f:78:79:53:0d:90:03:0e:b4:34:0c:21:e1:ca:
cf:96:0a:4a:7e:1a:f6:88:c5:46:65:a4:09:a0:c3:01:6e:d7:
fb:8d:33:7c:65:a3:6d:f0:26:80:06:3e:5d:2f:50:14:4b:9c:
ab:b1:50:fe:89:9e:91:07:b9:ca:50:63:5d:86:27:b9:1e:d6:
0c:6f:d8:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8pMI+e0go+d3AQlysNa7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2
NGIxN2UwHhcNMjUwNTExMDAwMDM2WhcNMjUwNTEyMDAwMDM2WjAzMTEwLwYDVQQD
EyhmNTg4ZTliNGMwM2Q0YzE0ZjZmMWRlZTMwMmIyNjRlNzEyN2I4YTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpsm1Gny2aEeTjk9LrnxjB4TMm9a
sYva0454CTMgv4t4feAgrp+erl2773z85OW3KvFwt4ihdjbdzxDfTeeplLRJXGZf
pXbKz/V/GuBdnKhEO7g8aJvM44hSp0UmP7vMM870h5hpMHoV6Qq0/JcdLiMlxWex
uT8r6BegSK9iwTcsX5Zfpz5FVY5rL6y/lemsTUGJ+2JqS/khg2SBi5M0PKAZCjlH
2o2xPWh71pSk7nUFA2M1d5WYXZVGoaswEemk1s6lISBVCPn63e31Np8xOMwhzY2d
3gdDzq+sQz+yUFmjFR/ieO+YnVCW6nut9Jvu4WPH9asqW9xPUrrJKjHe4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWI6bTAPUwU9vHe4wKyZOcSe4olMB8GA1UdIwQY
MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt
OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk
LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVlsidtUm
TN3EhUBDAfWlWa5V6ju1QTQOjj9bFLo057Ix8kTR/jXPts8L52vImKzHR5KeJU9s
ZqDett5jtChajBBU0sNMhSZWknrB8WlSgdRSysjdWsBnvpQanF1fHi1oyakIb5Sv
YA6k66fOf37D3fLPYs6vovqyWSrdfEYSQhBZnMWvgoHFE2zVty8ti9eP51lINNEa
OxecY/43LTJ6rBq9+SZlgGNt6/wQtH6JLdGjeAEOCA1cf594eVMNkAMOtDQMIeHK
z5YKSn4a9ojFRmWkCaDDAW7X+40zfGWjbfAmgAY+XS9QFEucq7FQ/omekQe5ylBj
XYYnuR7WDG/YXA==
-----END CERTIFICATE-----
Generated at Sun May 11 10:42:02 2025 by rpki-client