Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
File: qvHI3UCIS0nwiAZNPBANKhiahHQ.mft (raw, json)
Hash identifier: IrI+7Wczj77xVdXl/pPGkRMlw1RhH95I56xGFGRxdz8=
Subject key identifier: 4D:08:78:60:F8:44:58:6F:22:C0:02:8A:DF:AD:95:7C:C6:05:1D:B5
Authority key identifier: AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
Certificate issuer: /CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Certificate serial: 0197BFDA9ACDB95836712146E8ECABB75C60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
Manifest number: 0216
Signing time: Mon 30 Jun 2025 08:01:04 +0000
Manifest this update: Mon 30 Jun 2025 08:01:04 +0000
Manifest next update: Tue 01 Jul 2025 08:01:04 +0000
Files and hashes: 1: UGApytPJPEIPFbzs4L0oU_KIdHM.roa (hash: cf5ZtJTmEf4eW9FhhtNmIkoS04da9/P7WQkJtlas3+0=)
2: qvHI3UCIS0nwiAZNPBANKhiahHQ.crl (hash: 37296Shw6zJyrQimfT8vwLEaZnARu31UQlSQjfSJD9g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 08:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bf:da:9a:cd:b9:58:36:71:21:46:e8:ec:ab:b7:5c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Validity
Not Before: Jun 30 08:01:04 2025 GMT
Not After : Jul 1 08:01:04 2025 GMT
Subject: CN=4d087860f844586f22c0028adfad957cc6051db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:9f:91:e5:e5:f4:69:58:23:48:d7:23:e2:
2f:e6:ff:0f:fe:74:1a:03:fb:f1:1d:94:1a:4a:4a:
7e:25:f7:f4:4e:a2:fe:6c:a3:e5:a3:de:9d:02:bf:
18:1a:b1:2e:9d:60:70:6b:1f:fa:2d:51:d4:e9:01:
4a:52:f9:c5:51:ba:26:de:83:2b:f9:d0:8b:c8:5b:
1c:54:10:03:56:46:2c:e6:76:44:30:34:df:de:c8:
1a:c4:ac:77:57:88:83:bc:6d:2e:4c:28:af:5b:d4:
5e:72:3a:06:4e:4d:5d:51:af:52:27:0a:91:cf:a7:
8c:10:e1:f8:26:61:91:f0:13:84:8d:35:da:18:3c:
87:dc:8f:82:52:22:90:23:87:dd:4e:98:86:95:8c:
f9:51:2a:a6:a1:53:57:cf:7a:85:85:a0:e9:a5:cc:
ca:26:7a:38:74:76:87:f6:8a:94:77:90:ae:a1:fc:
b0:86:17:48:6a:82:d3:ea:75:5a:79:2c:07:57:a7:
50:a0:d9:bc:b3:9e:3b:d1:b2:9b:82:ca:ce:77:d2:
8f:58:a3:c7:02:b3:61:e3:bc:92:f5:67:f4:cc:72:
42:98:43:3f:ab:d8:ba:1c:28:7a:67:12:4b:1d:d0:
61:ec:8f:90:40:66:06:e0:b4:80:38:c2:d7:a9:43:
db:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:08:78:60:F8:44:58:6F:22:C0:02:8A:DF:AD:95:7C:C6:05:1D:B5
X509v3 Authority Key Identifier:
keyid:AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:90:0f:a2:46:1b:50:04:a4:e5:dc:6a:00:6e:38:25:9e:39:
4e:3d:de:b8:2a:27:a4:60:c3:3d:69:3b:19:db:3e:5e:4b:9b:
95:75:e0:df:e5:0a:69:5a:83:a3:eb:13:57:bb:3d:8e:8d:9a:
5c:73:36:e0:9d:04:14:fc:77:c7:84:8d:e8:0e:f9:bb:a0:f2:
06:e6:73:82:6f:cd:23:f3:6b:c9:ae:3c:a5:c3:25:68:e1:8d:
1e:e5:35:2b:9c:59:95:89:b5:d0:45:2a:ea:28:46:ca:bf:56:
39:21:e6:6c:8f:d8:b4:61:8b:3c:6d:fe:d5:9d:cc:15:2f:ab:
10:c9:d2:06:ec:db:bf:16:96:21:5c:d3:fb:b8:1c:6e:68:6e:
42:15:9a:78:f4:be:0e:2f:fe:52:4e:54:43:d8:94:b2:ec:dc:
69:87:3c:4c:d9:58:78:60:ac:12:46:34:e9:15:ae:52:27:83:
40:94:e8:21:0d:7a:b6:32:b5:3e:66:34:fb:0d:2a:8d:49:8e:
30:28:1f:3d:98:1c:3d:2d:80:df:87:67:82:43:8d:f5:91:1c:
fd:03:c0:1c:72:8e:f2:5d:46:89:fb:92:24:0e:74:f9:f4:1f:
dc:ee:77:24:51:3a:2e:cd:6b:8c:46:cf:a8:01:39:89:a3:34:
0d:2b:fe:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe/2prNuVg2cSFG6Oyrt1xgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjFjOGRkNDA4ODRiNDlmMDg4MDY0ZDNjMTAwZDJhMTg5
YTg0NzQwHhcNMjUwNjMwMDgwMTA0WhcNMjUwNzAxMDgwMTA0WjAzMTEwLwYDVQQD
Eyg0ZDA4Nzg2MGY4NDQ1ODZmMjJjMDAyOGFkZmFkOTU3Y2M2MDUxZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CqfkeXl9GlYI0jXI+Iv5v8P/nQa
A/vxHZQaSkp+Jff0TqL+bKPlo96dAr8YGrEunWBwax/6LVHU6QFKUvnFUbom3oMr
+dCLyFscVBADVkYs5nZEMDTf3sgaxKx3V4iDvG0uTCivW9RecjoGTk1dUa9SJwqR
z6eMEOH4JmGR8BOEjTXaGDyH3I+CUiKQI4fdTpiGlYz5USqmoVNXz3qFhaDppczK
Jno4dHaH9oqUd5CuofywhhdIaoLT6nVaeSwHV6dQoNm8s5470bKbgsrOd9KPWKPH
ArNh47yS9Wf0zHJCmEM/q9i6HCh6ZxJLHdBh7I+QQGYG4LSAOMLXqUPbIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0IeGD4RFhvIsACit+tlXzGBR21MB8GA1UdIwQY
MBaAFKrxyN1AiEtJ8IgGTTwQDSoYmoR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYt
M2IzMzlkMDgxZjgzLzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYtM2IzMzlkMDgxZjgz
LzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD5APokYb
UASk5dxqAG44JZ45Tj3euConpGDDPWk7Gds+XkublXXg3+UKaVqDo+sTV7s9jo2a
XHM24J0EFPx3x4SN6A75u6DyBuZzgm/NI/Nrya48pcMlaOGNHuU1K5xZlYm10EUq
6ihGyr9WOSHmbI/YtGGLPG3+1Z3MFS+rEMnSBuzbvxaWIVzT+7gcbmhuQhWaePS+
Di/+Uk5UQ9iUsuzcaYc8TNlYeGCsEkY06RWuUieDQJToIQ16tjK1PmY0+w0qjUmO
MCgfPZgcPS2A34dngkON9ZEc/QPAHHKO8l1GifuSJA50+fQf3O53JFE6Ls1rjEbP
qAE5iaM0DSv+2w==
-----END CERTIFICATE-----
Generated at Mon Jun 30 15:17:41 2025 by rpki-client