Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.mft
File: QYHCLrezLZAdElcA4UDrYAncxto.mft (raw, json)
Hash identifier: hnAw4qi23NL+eYeKAV/iLnpby+hCtSphJ7hV6Q5A1Dg=
Subject key identifier: 2C:3D:96:E8:A1:A9:75:83:DA:7E:82:64:DD:AD:3A:D5:AE:A9:49:AF
Authority key identifier: 41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
Certificate issuer: /CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Certificate serial: 0196B8916435B0E925CD16A879E691CBE7D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.mft
Manifest number: 1536
Signing time: Sat 10 May 2025 05:00:58 +0000
Manifest this update: Sat 10 May 2025 05:00:58 +0000
Manifest next update: Sun 11 May 2025 05:00:58 +0000
Files and hashes: 1: HitPQyHhpEoVidVOwqr2ddK23LE.roa (hash: UNtTyCfc7GR1gxgfjG0Y/XLw7gBd/DnSW8H0cz2SvrM=)
2: QYHCLrezLZAdElcA4UDrYAncxto.crl (hash: EJmdXoKADzcF4mGUw8y5ZzzM4Mlhfj6ZyKagDj5JKWQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.mft
rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b8:91:64:35:b0:e9:25:cd:16:a8:79:e6:91:cb:e7:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Validity
Not Before: May 10 05:00:58 2025 GMT
Not After : May 11 05:00:58 2025 GMT
Subject: CN=2c3d96e8a1a97583da7e8264ddad3ad5aea949af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a6:c8:66:37:f3:f6:f8:c8:8a:b9:ec:32:f1:
4e:ed:c2:0c:48:b0:10:72:2e:b3:6b:93:01:8f:0b:
dd:ad:73:04:04:16:98:9e:a4:ad:08:ae:3d:10:a0:
90:f5:b8:9a:9a:9f:ee:64:8d:90:6e:94:32:a3:c4:
66:30:bb:dd:48:60:c4:0d:76:9d:eb:13:1e:b5:aa:
18:97:b4:c4:17:59:34:88:a6:dd:5b:57:40:d4:2c:
33:e0:fa:f8:d2:6e:60:23:e3:53:3b:30:d4:45:ec:
3b:b2:d9:41:13:be:0f:c6:37:89:10:fe:28:f7:27:
db:fd:41:dc:8d:fd:78:f3:89:dd:47:e1:39:20:da:
bf:c1:a2:9f:4f:c9:af:ed:39:fa:21:e8:26:c2:da:
5d:67:70:cc:ac:95:0b:21:33:3d:44:eb:a3:ba:e3:
9a:fe:ec:f5:a9:e6:93:a3:c2:da:72:e9:d4:6d:71:
89:fd:e0:ef:79:21:92:af:f2:d1:ce:cd:81:ad:fa:
e6:ac:4f:98:9e:a4:96:25:44:a7:62:eb:50:be:8a:
98:2b:d6:31:d3:01:99:28:dc:49:24:9e:cf:4e:4e:
32:df:ac:1a:f0:bf:de:30:cb:57:62:78:4f:25:06:
6b:be:29:e4:07:fd:49:f7:4b:95:98:5f:a2:25:1e:
01:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3D:96:E8:A1:A9:75:83:DA:7E:82:64:DD:AD:3A:D5:AE:A9:49:AF
X509v3 Authority Key Identifier:
keyid:41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:dc:b7:d5:1e:9e:67:84:0a:ae:62:79:ca:de:de:38:8b:cd:
9f:51:c5:2c:a8:96:85:60:24:0d:36:3b:0e:85:30:b0:50:42:
4e:3b:b3:75:6d:31:09:06:1b:6f:04:f9:2a:42:cd:1a:e9:ce:
c2:91:40:c4:78:f7:44:9f:75:aa:12:88:ca:2c:46:c0:b9:ae:
9f:19:11:af:d6:20:72:89:fa:b8:88:e9:52:f9:59:20:29:f7:
f2:0e:f9:51:a1:ef:37:12:d2:b7:53:74:f6:89:f5:2e:00:14:
c0:7a:49:d8:9f:fc:da:be:95:8e:1d:9b:35:b8:60:c4:b4:87:
17:ae:4d:09:21:d9:f0:21:1a:87:ed:fa:bb:97:ba:c1:4f:d0:
52:bb:81:e6:79:02:d5:5f:18:50:fc:b9:d9:45:57:58:92:f0:
01:78:65:17:9d:89:b0:5b:87:2a:44:80:9a:d0:11:31:f4:3c:
41:dc:34:13:00:75:9e:af:9a:29:e0:5d:71:1e:cf:60:6b:e6:
e6:3e:59:e2:91:4d:d1:71:cc:f4:7f:e5:e1:66:26:87:b4:42:
74:2d:0c:eb:80:f9:a7:4d:ac:bc:6b:91:45:4e:b3:a7:d2:fa:
a6:e3:b6:bb:fc:bb:7c:a4:90:35:00:ca:da:1c:4f:64:70:eb:
8a:fe:bc:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4kWQ1sOklzRaoeeaRy+fSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxODFjMjJlYjdiMzJkOTAxZDEyNTcwMGUxNDBlYjYwMDlk
Y2M2ZGEwHhcNMjUwNTEwMDUwMDU4WhcNMjUwNTExMDUwMDU4WjAzMTEwLwYDVQQD
EygyYzNkOTZlOGExYTk3NTgzZGE3ZTgyNjRkZGFkM2FkNWFlYTk0OWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6bIZjfz9vjIirnsMvFO7cIMSLAQ
ci6za5MBjwvdrXMEBBaYnqStCK49EKCQ9biamp/uZI2QbpQyo8RmMLvdSGDEDXad
6xMetaoYl7TEF1k0iKbdW1dA1Cwz4Pr40m5gI+NTOzDURew7stlBE74PxjeJEP4o
9yfb/UHcjf1484ndR+E5INq/waKfT8mv7Tn6IegmwtpdZ3DMrJULITM9ROujuuOa
/uz1qeaTo8LacunUbXGJ/eDveSGSr/LRzs2BrfrmrE+YnqSWJUSnYutQvoqYK9Yx
0wGZKNxJJJ7PTk4y36wa8L/eMMtXYnhPJQZrvinkB/1J90uVmF+iJR4BuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCw9luihqXWD2n6CZN2tOtWuqUmvMB8GA1UdIwQY
MBaAFEGBwi63sy2QHRJXAOFA62AJ3MbaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMt
YzIxNDA5NDQyZmFjLzEvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMtYzIxNDA5NDQyZmFj
LzEvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFty31R6e
Z4QKrmJ5yt7eOIvNn1HFLKiWhWAkDTY7DoUwsFBCTjuzdW0xCQYbbwT5KkLNGunO
wpFAxHj3RJ91qhKIyixGwLmunxkRr9Ygcon6uIjpUvlZICn38g75UaHvNxLSt1N0
9on1LgAUwHpJ2J/82r6Vjh2bNbhgxLSHF65NCSHZ8CEah+36u5e6wU/QUruB5nkC
1V8YUPy52UVXWJLwAXhlF52JsFuHKkSAmtARMfQ8Qdw0EwB1nq+aKeBdcR7PYGvm
5j5Z4pFN0XHM9H/l4WYmh7RCdC0M64D5p02svGuRRU6zp9L6puO2u/y7fKSQNQDK
2hxPZHDriv68Gw==
-----END CERTIFICATE-----
Generated at Sat May 10 13:38:59 2025 by rpki-client