Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
File: QHznj0rDupAqDDjcAaDF8hJlGbA.mft (raw, json)
Hash identifier: XZDokIoI0APIrNFJTFUAQhZ6YqIwVeb+0q+PuWDKf3k=
Subject key identifier: EC:7A:B0:FA:AF:30:8A:4C:5E:72:64:4A:09:CA:42:66:77:30:36:AD
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Certificate issuer: /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial: 0198D65F370493E748F58C1B5B488A02FD86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
Manifest number: 0AB8
Signing time: Sat 23 Aug 2025 10:00:20 +0000
Manifest this update: Sat 23 Aug 2025 10:00:20 +0000
Manifest next update: Sun 24 Aug 2025 10:00:20 +0000
Files and hashes: 1: QHznj0rDupAqDDjcAaDF8hJlGbA.crl (hash: I+w6I+axUdrtAHTIINdVZrXT2sp3dNWfsKmIb7Sg7w0=)
2: UJVJt5_Arh5oP7MnvKcbCGODOc4.roa (hash: cSJe9mPxkDM+ny/+GoKSWRH8dkU4qbTNsxlZ1deFGeo=)
3: epRoE1oSS28-kMoVUvbovqDaftI.roa (hash: vf7QEJn0ywPdqhUagZXAfAdq0fp3vefGorgZKG9IKIg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:5f:37:04:93:e7:48:f5:8c:1b:5b:48:8a:02:fd:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Validity
Not Before: Aug 23 10:00:20 2025 GMT
Not After : Aug 24 10:00:20 2025 GMT
Subject: CN=ec7ab0faaf308a4c5e72644a09ca4266773036ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:38:c3:ac:e4:65:62:3f:4b:0f:1c:bd:6a:5e:
da:f7:05:c0:b0:61:c4:5d:4b:ad:65:f5:13:1c:65:
e8:0f:84:5d:94:c5:ea:4c:10:cb:49:78:77:de:ac:
82:3e:45:68:9a:76:41:b2:1a:e1:69:fd:2b:a1:b1:
5f:41:97:aa:c9:1e:9b:89:9e:0f:cd:73:2c:c0:ed:
35:2d:07:5b:32:4d:af:2e:07:58:35:53:ef:41:31:
ee:c4:a1:36:21:5f:0f:a2:6e:e2:a3:40:5d:26:4d:
a6:67:22:49:b3:74:9f:ef:6c:5a:49:5d:cf:30:a1:
26:56:7c:4d:8d:6c:89:a4:17:e6:26:c9:ce:87:97:
c1:6a:b4:d7:5a:51:af:e4:56:23:aa:29:b1:92:0e:
93:c9:36:1b:c6:18:56:90:9b:cc:80:44:f9:7e:01:
24:84:c2:3a:77:60:cc:70:e0:f0:d8:03:48:3b:d2:
1e:73:0d:ce:fb:44:ab:c8:ce:38:f7:88:e4:bc:24:
e1:67:f3:31:36:dd:e5:3a:f1:a4:0d:58:ed:e5:75:
b7:ea:fc:8f:df:be:51:72:fb:f8:98:e7:13:82:8d:
4a:b5:d8:09:82:be:38:4d:c7:fb:c4:8a:07:2e:3a:
91:bd:91:20:69:86:8e:0d:2a:d6:c9:e2:fe:e5:cc:
93:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7A:B0:FA:AF:30:8A:4C:5E:72:64:4A:09:CA:42:66:77:30:36:AD
X509v3 Authority Key Identifier:
keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:a9:76:25:5c:b4:a2:ff:4c:60:16:8a:6f:4f:8a:3a:63:d0:
b8:af:b2:b6:68:ec:2d:0f:7d:de:ff:f0:cb:ae:4c:fa:72:d3:
39:21:5b:cc:85:91:82:87:78:f0:09:ea:9c:06:e3:5f:18:75:
12:f1:b5:2b:d7:7c:ce:f1:e5:39:a0:c4:67:66:d1:6b:71:f2:
ea:fe:a0:61:58:c8:9a:0d:ac:f8:9e:e9:8d:31:cd:e3:89:af:
af:36:7f:d3:7b:21:33:8e:2e:62:b8:83:e6:66:14:fb:b5:7b:
f6:98:41:5c:b5:d3:25:f4:d6:ef:4a:46:28:4c:cd:99:6a:9d:
24:27:60:28:98:d2:2e:fe:de:e9:b3:84:4e:66:54:1c:5f:c3:
c1:16:d8:22:34:29:03:ad:07:f6:02:39:6e:7b:85:34:a3:d6:
82:8b:64:66:cd:69:ff:f4:4b:e2:94:d5:a3:30:40:a5:4d:b3:
54:cb:14:9e:18:d9:e1:89:24:5f:79:f6:75:ad:b4:32:a4:39:
ba:6f:6e:b3:04:96:84:b5:ff:9a:14:3e:b6:41:9d:60:75:20:
e8:fd:72:40:60:51:15:9b:18:d7:4e:45:bb:62:45:4e:da:3b:
65:98:5b:e4:f1:41:f8:b0:d8:62:42:a5:26:f7:35:70:b8:9c:
f7:e4:07:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXzcEk+dI9YwbW0iKAv2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjUwODIzMTAwMDIwWhcNMjUwODI0MTAwMDIwWjAzMTEwLwYDVQQD
EyhlYzdhYjBmYWFmMzA4YTRjNWU3MjY0NGEwOWNhNDI2Njc3MzAzNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDjDrORlYj9LDxy9al7a9wXAsGHE
XUutZfUTHGXoD4RdlMXqTBDLSXh33qyCPkVomnZBshrhaf0robFfQZeqyR6biZ4P
zXMswO01LQdbMk2vLgdYNVPvQTHuxKE2IV8Pom7io0BdJk2mZyJJs3Sf72xaSV3P
MKEmVnxNjWyJpBfmJsnOh5fBarTXWlGv5FYjqimxkg6TyTYbxhhWkJvMgET5fgEk
hMI6d2DMcODw2ANIO9Iecw3O+0SryM4494jkvCThZ/MxNt3lOvGkDVjt5XW36vyP
375Rcvv4mOcTgo1KtdgJgr44Tcf7xIoHLjqRvZEgaYaODSrWyeL+5cyTtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOx6sPqvMIpMXnJkSgnKQmZ3MDatMB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbql2JVy0
ov9MYBaKb0+KOmPQuK+ytmjsLQ993v/wy65M+nLTOSFbzIWRgod48AnqnAbjXxh1
EvG1K9d8zvHlOaDEZ2bRa3Hy6v6gYVjImg2s+J7pjTHN44mvrzZ/03shM44uYriD
5mYU+7V79phBXLXTJfTW70pGKEzNmWqdJCdgKJjSLv7e6bOETmZUHF/DwRbYIjQp
A60H9gI5bnuFNKPWgotkZs1p//RL4pTVozBApU2zVMsUnhjZ4YkkX3n2da20MqQ5
um9uswSWhLX/mhQ+tkGdYHUg6P1yQGBRFZsY105Fu2JFTto7ZZhb5PFB+LDYYkKl
Jvc1cLic9+QHIQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:21:00 2025 by rpki-client