Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft
File: Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft (raw, json)
Hash identifier: V6ePdiUb8EobUnQKMvmRwArWyllmrh4F9pGlhEEoKTo=
Subject key identifier: C2:06:32:E3:1D:6D:BF:38:A5:D4:64:AE:36:A3:FB:84:CD:C2:5F:01
Authority key identifier: 43:CF:41:61:93:A1:C2:ED:30:56:B6:47:E5:A4:65:03:14:8E:38:24
Certificate issuer: /CN=43cf416193a1c2ed3056b647e5a46503148e3824
Certificate serial: 0198D515749EC7FEA74B33CF703101C3D91C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft
Manifest number: 0709
Signing time: Sat 23 Aug 2025 04:00:09 +0000
Manifest this update: Sat 23 Aug 2025 04:00:09 +0000
Manifest next update: Sun 24 Aug 2025 04:00:09 +0000
Files and hashes: 1: EVfs3Ty5us2kONM9lNbKxeOpQy4.roa (hash: XNAy20rJW1bN/SCZtyAydEWkC3qMnBorsPnV2qCqZ6A=)
2: Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl (hash: NqGJmplcLqbo2DyS2XSBTzBQu+Gs3zdX6ZPkzHy1CsE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:15:74:9e:c7:fe:a7:4b:33:cf:70:31:01:c3:d9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43cf416193a1c2ed3056b647e5a46503148e3824
Validity
Not Before: Aug 23 04:00:09 2025 GMT
Not After : Aug 24 04:00:09 2025 GMT
Subject: CN=c20632e31d6dbf38a5d464ae36a3fb84cdc25f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b9:ec:3e:36:ae:6a:af:3f:ef:3d:47:7e:73:
81:e7:e7:6f:a8:5d:e9:ca:e3:85:64:72:fe:fb:de:
56:c1:5e:2c:1b:b1:3f:a7:0b:db:d0:15:68:4a:a4:
c8:66:fa:b3:f9:64:11:65:a1:8e:95:8b:a2:7d:7c:
26:1b:80:14:ff:22:d2:1f:cc:ab:db:b7:31:88:13:
9c:b4:df:15:bc:01:2b:4b:68:06:97:42:f8:58:ff:
88:e4:d4:a8:d1:41:3b:9d:de:04:0d:5e:4b:8e:97:
7b:10:96:58:15:8b:a4:98:17:7c:30:22:ad:25:74:
2d:6a:33:41:6e:24:62:e1:27:3e:ac:ce:37:cd:f5:
b8:7f:1a:47:3f:6b:e9:41:1b:d8:01:c4:6e:e8:82:
be:14:00:54:2b:76:d0:63:d1:63:85:50:c7:19:c8:
95:4c:e2:16:44:a8:3a:56:c3:ff:5d:3a:8c:bc:3b:
49:9e:ff:d1:95:ec:0d:0b:b8:40:b5:58:fe:52:ae:
24:76:23:89:a5:b6:4c:d6:ee:8f:73:4b:00:99:9b:
b5:b6:a8:e1:3c:ab:c7:67:dc:07:a7:b8:33:61:60:
28:74:5d:9a:8e:59:bb:c3:c5:71:2e:40:c7:2c:bf:
a9:1d:e4:87:37:5a:dc:ee:a2:f4:e6:36:bd:4a:d3:
b9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:06:32:E3:1D:6D:BF:38:A5:D4:64:AE:36:A3:FB:84:CD:C2:5F:01
X509v3 Authority Key Identifier:
keyid:43:CF:41:61:93:A1:C2:ED:30:56:B6:47:E5:A4:65:03:14:8E:38:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:cc:d3:53:ff:7d:f2:89:e5:89:29:a4:65:bc:03:ff:d5:eb:
b6:39:5d:21:55:7d:c7:8a:21:d3:27:92:98:cd:9c:8b:2a:62:
09:7a:8a:01:0f:bf:27:a4:fa:4f:f3:cb:dd:38:72:f9:a0:e0:
92:84:0b:2f:13:56:1b:8e:7d:ef:97:eb:3b:d2:8f:59:a8:47:
1a:51:0f:80:c1:fc:2e:8d:fb:e1:75:a9:79:9c:5a:4a:d0:d9:
f2:cf:44:c0:ff:cc:95:e6:9f:74:fe:b3:e7:b0:0c:68:88:63:
d5:83:a2:c5:8d:17:1e:41:6e:cb:4e:55:51:dd:33:65:5f:c0:
12:74:5e:26:e5:cd:1b:29:8b:43:97:b9:d4:17:0b:e2:67:59:
d4:e3:d3:2d:43:d2:62:11:aa:1e:5f:b7:95:ae:8b:e6:6e:42:
4b:83:02:ec:c1:39:ef:8d:f9:67:05:f4:41:2d:3e:25:88:2b:
57:76:1a:49:00:fe:05:a0:6e:d5:09:81:17:18:e4:73:80:e5:
1f:b2:7e:d3:42:57:07:f1:ab:a5:aa:f9:7d:ff:06:15:68:ba:
e7:aa:56:61:d1:c3:5f:4e:f4:1d:65:67:09:0d:c7:fc:94:70:
94:3c:98:4c:d8:d4:5f:ff:1e:fd:84:1e:19:2e:5b:d5:36:6c:
eb:3b:3a:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFXSex/6nSzPPcDEBw9kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzY2Y0MTYxOTNhMWMyZWQzMDU2YjY0N2U1YTQ2NTAzMTQ4
ZTM4MjQwHhcNMjUwODIzMDQwMDA5WhcNMjUwODI0MDQwMDA5WjAzMTEwLwYDVQQD
EyhjMjA2MzJlMzFkNmRiZjM4YTVkNDY0YWUzNmEzZmI4NGNkYzI1ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7nsPjauaq8/7z1HfnOB5+dvqF3p
yuOFZHL++95WwV4sG7E/pwvb0BVoSqTIZvqz+WQRZaGOlYuifXwmG4AU/yLSH8yr
27cxiBOctN8VvAErS2gGl0L4WP+I5NSo0UE7nd4EDV5Ljpd7EJZYFYukmBd8MCKt
JXQtajNBbiRi4Sc+rM43zfW4fxpHP2vpQRvYAcRu6IK+FABUK3bQY9FjhVDHGciV
TOIWRKg6VsP/XTqMvDtJnv/RlewNC7hAtVj+Uq4kdiOJpbZM1u6Pc0sAmZu1tqjh
PKvHZ9wHp7gzYWAodF2ajlm7w8VxLkDHLL+pHeSHN1rc7qL05ja9StO5wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIGMuMdbb84pdRkrjaj+4TNwl8BMB8GA1UdIwQY
MBaAFEPPQWGTocLtMFa2R+WkZQMUjjgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYTMxY2YtYmIzMS00OTdjLWE1Nzct
MDliOTY5ZDE2MGZlLzEvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYTMxY2YtYmIzMS00OTdjLWE1NzctMDliOTY5ZDE2MGZl
LzEvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUszTU/99
8onliSmkZbwD/9XrtjldIVV9x4oh0yeSmM2ciypiCXqKAQ+/J6T6T/PL3Thy+aDg
koQLLxNWG45975frO9KPWahHGlEPgMH8Lo374XWpeZxaStDZ8s9EwP/MleafdP6z
57AMaIhj1YOixY0XHkFuy05VUd0zZV/AEnReJuXNGymLQ5e51BcL4mdZ1OPTLUPS
YhGqHl+3la6L5m5CS4MC7ME57435ZwX0QS0+JYgrV3YaSQD+BaBu1QmBFxjkc4Dl
H7J+00JXB/Grpar5ff8GFWi656pWYdHDX070HWVnCQ3H/JRwlDyYTNjUX/8e/YQe
GS5b1TZs6zs6OA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:06:52 2025 by rpki-client