Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft
File: Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft (raw, json)
Hash identifier: 0YGu88M30m68gPNWHl5xA6S5dVRj4gSoOUlVX9cSnds=
Subject key identifier: C1:7A:4A:23:DC:81:3C:FE:D4:64:AB:CC:84:41:49:10:02:1F:02:80
Authority key identifier: 43:CF:41:61:93:A1:C2:ED:30:56:B6:47:E5:A4:65:03:14:8E:38:24
Certificate issuer: /CN=43cf416193a1c2ed3056b647e5a46503148e3824
Certificate serial: 0197B7457E78E958BED1B5E407EE6A3AE582
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft
Manifest number: 0675
Signing time: Sat 28 Jun 2025 16:01:14 +0000
Manifest this update: Sat 28 Jun 2025 16:01:14 +0000
Manifest next update: Sun 29 Jun 2025 16:01:14 +0000
Files and hashes: 1: EVfs3Ty5us2kONM9lNbKxeOpQy4.roa (hash: XNAy20rJW1bN/SCZtyAydEWkC3qMnBorsPnV2qCqZ6A=)
2: Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl (hash: 1f7RaiUQ9XXk/AWVbokYBJEYvT3a2bcEGmpP/zbfFRQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:7e:78:e9:58:be:d1:b5:e4:07:ee:6a:3a:e5:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43cf416193a1c2ed3056b647e5a46503148e3824
Validity
Not Before: Jun 28 16:01:14 2025 GMT
Not After : Jun 29 16:01:14 2025 GMT
Subject: CN=c17a4a23dc813cfed464abcc84414910021f0280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:61:00:db:4c:39:fc:16:63:0e:68:3a:de:2f:
74:b4:d2:ee:37:b6:d1:fd:ef:da:f5:a0:b9:17:ff:
ef:0e:0e:07:26:86:a7:ef:2f:9a:d3:13:9c:53:73:
fb:71:2b:7a:fa:6f:99:0f:32:0c:b7:08:f2:59:63:
e2:a9:35:b7:a8:91:be:19:c1:aa:e7:b5:fe:a1:64:
ac:90:ef:3a:99:e5:7e:7d:e3:35:36:ab:5e:23:8b:
6e:7c:d1:2a:c2:82:b9:3f:c1:8e:ac:8a:19:f1:00:
51:43:2c:9f:bd:43:dc:ab:b2:ae:bd:05:66:20:7e:
8a:e9:e7:a1:c4:aa:57:cd:65:00:31:ad:e0:e8:2c:
d4:73:70:3a:dd:0e:db:b7:d3:6d:fd:45:b7:bf:c9:
be:a4:6e:49:52:30:bf:04:55:9e:97:19:ca:92:f8:
40:12:7a:39:d9:f6:e6:e7:7b:e2:a5:9a:e6:e4:e4:
d2:8f:df:0f:fd:13:6f:4e:e8:64:3a:08:05:ba:e6:
2a:96:1a:33:df:1d:c2:7f:26:01:2d:ba:af:ef:4c:
6c:6e:fa:25:d0:3f:e9:00:f0:8a:14:e9:aa:aa:9d:
58:a3:e7:34:40:c5:9e:a4:bc:e3:1a:11:56:e3:d9:
09:92:f3:55:ef:ab:9b:71:06:3b:11:dd:29:47:d0:
22:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:7A:4A:23:DC:81:3C:FE:D4:64:AB:CC:84:41:49:10:02:1F:02:80
X509v3 Authority Key Identifier:
keyid:43:CF:41:61:93:A1:C2:ED:30:56:B6:47:E5:A4:65:03:14:8E:38:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:65:52:49:5a:74:e0:75:a2:d9:5a:78:bb:f7:68:a1:8e:73:
51:3b:20:05:7a:8a:49:42:a7:59:75:66:da:f6:09:06:18:63:
61:8a:fd:81:83:12:4d:8e:2a:f0:31:ba:4b:c7:cc:b1:dc:e5:
c6:02:9a:21:0b:2f:6f:be:38:53:53:9e:d8:39:f6:cd:a0:70:
42:88:ed:e3:1b:19:49:c0:a0:6d:44:e2:f0:e7:9a:69:60:d8:
f5:22:b0:30:e7:78:71:88:63:49:24:45:15:02:71:1c:05:24:
f6:04:7b:96:39:ea:f8:fa:57:4a:63:9c:d2:17:db:de:ee:b7:
79:11:2d:8f:64:ff:be:54:e2:43:a9:dd:11:87:38:4d:40:35:
aa:3d:57:56:9d:a9:ca:ef:b3:99:cc:1c:bd:65:5a:11:e0:ed:
33:42:0f:52:db:75:87:c5:18:20:c7:bb:e9:20:ef:96:a1:b4:
0f:cb:4b:b1:68:a6:b4:29:5f:e2:0a:3a:58:8f:52:ce:c7:ab:
84:0c:5e:76:dc:9e:09:57:a3:8c:d6:9c:0a:b9:37:dc:39:1a:
5a:fd:6b:91:1a:d8:54:5f:d9:75:88:69:33:a8:33:89:b0:8a:
0d:1a:4e:a8:9a:d3:25:20:3c:ad:15:7d:78:73:4e:e0:55:a4:
c6:ff:2d:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RX546Vi+0bXkB+5qOuWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzY2Y0MTYxOTNhMWMyZWQzMDU2YjY0N2U1YTQ2NTAzMTQ4
ZTM4MjQwHhcNMjUwNjI4MTYwMTE0WhcNMjUwNjI5MTYwMTE0WjAzMTEwLwYDVQQD
EyhjMTdhNGEyM2RjODEzY2ZlZDQ2NGFiY2M4NDQxNDkxMDAyMWYwMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmEA20w5/BZjDmg63i90tNLuN7bR
/e/a9aC5F//vDg4HJoan7y+a0xOcU3P7cSt6+m+ZDzIMtwjyWWPiqTW3qJG+GcGq
57X+oWSskO86meV+feM1NqteI4tufNEqwoK5P8GOrIoZ8QBRQyyfvUPcq7KuvQVm
IH6K6eehxKpXzWUAMa3g6CzUc3A63Q7bt9Nt/UW3v8m+pG5JUjC/BFWelxnKkvhA
Eno52fbm53vipZrm5OTSj98P/RNvTuhkOggFuuYqlhoz3x3CfyYBLbqv70xsbvol
0D/pAPCKFOmqqp1Yo+c0QMWepLzjGhFW49kJkvNV76ubcQY7Ed0pR9Ai1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMF6SiPcgTz+1GSrzIRBSRACHwKAMB8GA1UdIwQY
MBaAFEPPQWGTocLtMFa2R+WkZQMUjjgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYTMxY2YtYmIzMS00OTdjLWE1Nzct
MDliOTY5ZDE2MGZlLzEvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYTMxY2YtYmIzMS00OTdjLWE1NzctMDliOTY5ZDE2MGZl
LzEvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemVSSVp0
4HWi2Vp4u/dooY5zUTsgBXqKSUKnWXVm2vYJBhhjYYr9gYMSTY4q8DG6S8fMsdzl
xgKaIQsvb744U1Oe2Dn2zaBwQojt4xsZScCgbUTi8OeaaWDY9SKwMOd4cYhjSSRF
FQJxHAUk9gR7ljnq+PpXSmOc0hfb3u63eREtj2T/vlTiQ6ndEYc4TUA1qj1XVp2p
yu+zmcwcvWVaEeDtM0IPUtt1h8UYIMe76SDvlqG0D8tLsWimtClf4go6WI9Szser
hAxedtyeCVejjNacCrk33DkaWv1rkRrYVF/ZdYhpM6gzibCKDRpOqJrTJSA8rRV9
eHNO4FWkxv8tRA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:07:13 2025 by rpki-client