Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json)
Hash identifier: HjpALyeXFFR6daVF2LQa7P6Ab6tQU72Mp9yfLUE0Rkk=
Subject key identifier: 2A:09:C3:72:75:14:9E:31:7C:41:B0:31:87:CB:B5:31:F5:BC:2D:F3
Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0
Certificate serial: 0198D47306A3329F09856D4AFA9BCB62FB47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
Manifest number: 0966
Signing time: Sat 23 Aug 2025 01:02:44 +0000
Manifest this update: Sat 23 Aug 2025 01:02:44 +0000
Manifest next update: Sun 24 Aug 2025 01:02:44 +0000
Files and hashes: 1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: Hu3NynnXX4W0fPABJCGOr9yVeFgGN8fUoqQY908vS3k=)
2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:73:06:a3:32:9f:09:85:6d:4a:fa:9b:cb:62:fb:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090287256e25fa340d3afba780eac60d556adec0
Validity
Not Before: Aug 23 01:02:44 2025 GMT
Not After : Aug 24 01:02:44 2025 GMT
Subject: CN=2a09c37275149e317c41b03187cbb531f5bc2df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:dc:a5:71:fd:72:74:fb:e0:d5:ce:01:77:8a:
2b:c7:08:fa:33:b1:e3:21:1e:de:59:b7:d1:fa:6f:
ef:f4:5c:02:0c:0c:7f:4a:6b:aa:0a:b8:36:05:88:
75:ad:9a:c8:ee:a3:3d:8a:0c:5d:70:b6:2c:21:fe:
60:b8:0d:ad:47:07:b9:db:dc:a8:2f:84:3d:f2:cf:
51:21:0b:63:9b:66:11:63:00:0a:1c:79:51:4e:c5:
5c:58:7e:e9:3b:36:ea:09:d0:de:66:7e:ed:31:6b:
f7:4c:af:37:30:69:18:6c:a7:c7:9c:b5:1f:23:d5:
39:da:f1:6d:04:52:43:48:86:29:39:5c:d7:73:bc:
f9:70:a6:98:a4:a4:0e:b6:2a:81:8a:29:8a:f0:75:
e4:38:02:98:2c:e1:44:de:62:7e:48:2f:57:a1:35:
bb:c7:06:0b:f9:f5:99:04:f7:fb:42:70:b8:30:61:
50:88:7e:7b:9c:0d:a9:51:0d:51:fe:10:68:09:29:
fc:54:18:c8:37:ef:00:ac:19:0c:0e:b6:ee:ef:29:
02:c6:2a:4b:ce:11:2a:53:cc:04:78:12:9e:1f:58:
ae:bd:a6:62:6a:a7:9f:ed:92:e6:a6:86:d3:08:7a:
05:6a:c8:71:5d:b9:05:b5:89:71:14:16:76:cd:e3:
ca:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:09:C3:72:75:14:9E:31:7C:41:B0:31:87:CB:B5:31:F5:BC:2D:F3
X509v3 Authority Key Identifier:
keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:7f:86:1b:4a:82:c5:4d:82:4f:c1:0a:48:94:77:52:74:c7:
d6:74:72:1d:de:89:4a:36:ab:a6:67:9f:c2:4f:96:ed:7b:15:
c5:3a:d9:25:59:36:8a:31:0c:70:4d:88:b8:f0:05:9c:cb:38:
c7:77:90:6f:f9:47:44:96:8d:78:cb:27:23:cf:b6:f1:32:c3:
12:2e:4e:e8:c6:ed:f1:60:30:27:bb:05:aa:10:df:2b:e0:ae:
56:7b:62:15:fb:05:73:07:7d:a8:31:ac:48:2d:33:3c:0b:a2:
bd:da:2e:70:31:27:77:88:67:43:65:67:ca:fe:ca:ee:49:c5:
de:04:c6:88:59:3e:22:07:5c:f8:10:dd:b1:0c:02:cb:03:93:
e4:7a:7d:ba:af:e7:30:41:0d:d2:4e:7f:6b:73:21:0e:aa:f3:
b1:b2:7c:29:78:74:bb:a3:11:b2:c1:61:2c:e1:05:fc:c0:cd:
3e:22:ae:0f:11:71:77:34:9c:f6:42:0e:86:c6:e6:1d:58:ee:
c7:ee:9e:bf:90:df:88:07:80:64:79:ff:5a:2b:16:b2:ce:81:
0f:fa:1a:7b:e1:3d:cd:5e:2f:0d:4b:05:41:17:86:3a:83:be:
05:2c:c3:fd:4a:07:81:59:de:4f:e8:4e:93:6d:66:a0:be:4d:
33:ba:c5:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcwajMp8JhW1K+pvLYvtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2
YWRlYzAwHhcNMjUwODIzMDEwMjQ0WhcNMjUwODI0MDEwMjQ0WjAzMTEwLwYDVQQD
EygyYTA5YzM3Mjc1MTQ5ZTMxN2M0MWIwMzE4N2NiYjUzMWY1YmMyZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Nylcf1ydPvg1c4Bd4orxwj6M7Hj
IR7eWbfR+m/v9FwCDAx/SmuqCrg2BYh1rZrI7qM9igxdcLYsIf5guA2tRwe529yo
L4Q98s9RIQtjm2YRYwAKHHlRTsVcWH7pOzbqCdDeZn7tMWv3TK83MGkYbKfHnLUf
I9U52vFtBFJDSIYpOVzXc7z5cKaYpKQOtiqBiimK8HXkOAKYLOFE3mJ+SC9XoTW7
xwYL+fWZBPf7QnC4MGFQiH57nA2pUQ1R/hBoCSn8VBjIN+8ArBkMDrbu7ykCxipL
zhEqU8wEeBKeH1iuvaZiaqef7ZLmpobTCHoFashxXbkFtYlxFBZ2zePK9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoJw3J1FJ4xfEGwMYfLtTH1vC3zMB8GA1UdIwQY
MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt
NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk
LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaH+GG0qC
xU2CT8EKSJR3UnTH1nRyHd6JSjarpmefwk+W7XsVxTrZJVk2ijEMcE2IuPAFnMs4
x3eQb/lHRJaNeMsnI8+28TLDEi5O6Mbt8WAwJ7sFqhDfK+CuVntiFfsFcwd9qDGs
SC0zPAuivdoucDEnd4hnQ2Vnyv7K7knF3gTGiFk+Igdc+BDdsQwCywOT5Hp9uq/n
MEEN0k5/a3MhDqrzsbJ8KXh0u6MRssFhLOEF/MDNPiKuDxFxdzSc9kIOhsbmHVju
x+6ev5DfiAeAZHn/WisWss6BD/oae+E9zV4vDUsFQReGOoO+BSzD/UoHgVneT+hO
k21moL5NM7rFSw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:36:30 2025 by rpki-client