Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
File: QHznj0rDupAqDDjcAaDF8hJlGbA.mft (raw, json)
Hash identifier: qoXB4jQI0KvSYu+n31XDuvBLzjs8m6+5uQbnbbda4K8=
Subject key identifier: 1A:BB:CF:58:C1:7E:0D:3E:D0:7C:3B:E2:96:78:5A:9E:4E:98:FA:83
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Certificate issuer: /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial: 0197B6A095BDE2BABA087375E3BAF84889B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
Manifest number: 0A23
Signing time: Sat 28 Jun 2025 13:01:06 +0000
Manifest this update: Sat 28 Jun 2025 13:01:06 +0000
Manifest next update: Sun 29 Jun 2025 13:01:06 +0000
Files and hashes: 1: QHznj0rDupAqDDjcAaDF8hJlGbA.crl (hash: KJI9GNk2ta2ETekFoBM/jVMTF/h5KgW6+4rxoyGLO7g=)
2: UJVJt5_Arh5oP7MnvKcbCGODOc4.roa (hash: cSJe9mPxkDM+ny/+GoKSWRH8dkU4qbTNsxlZ1deFGeo=)
3: epRoE1oSS28-kMoVUvbovqDaftI.roa (hash: vf7QEJn0ywPdqhUagZXAfAdq0fp3vefGorgZKG9IKIg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a0:95:bd:e2:ba:ba:08:73:75:e3:ba:f8:48:89:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Validity
Not Before: Jun 28 13:01:06 2025 GMT
Not After : Jun 29 13:01:06 2025 GMT
Subject: CN=1abbcf58c17e0d3ed07c3be296785a9e4e98fa83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:af:fb:fd:76:d1:2f:de:b2:95:fd:85:ff:f5:
20:88:47:6c:7b:9e:b9:69:5e:fc:8f:9e:68:06:69:
2e:1d:1c:73:fc:0f:d2:ff:aa:01:4a:65:a2:81:b0:
ee:43:ff:64:2c:b7:f7:9c:18:9c:6b:d8:bc:31:5a:
e3:60:01:55:a3:a4:6d:34:c2:5d:59:c0:8b:0e:1f:
e4:b7:f3:c4:be:60:70:bb:11:7f:17:a9:95:b4:ab:
e4:a7:5e:93:ac:ee:39:2f:ab:a0:e2:e3:3a:56:64:
03:a4:85:67:3e:63:75:23:ef:46:9f:8b:84:d7:ea:
cc:f0:ed:a4:9d:23:2b:35:8f:1f:c4:e0:b3:fb:fc:
85:26:5a:53:c4:3d:36:30:05:e5:51:c5:78:11:98:
dc:d7:c5:b9:70:7f:4a:8c:49:04:86:06:4f:cc:9b:
49:99:df:ab:11:cd:4e:01:f3:9e:70:fd:b8:a9:63:
b9:4c:da:cd:31:9f:aa:3a:19:b7:1b:90:fc:23:9c:
eb:fd:c5:cf:63:9c:61:0f:99:7e:06:cf:3f:eb:b1:
55:23:10:6b:92:e1:27:28:5c:59:b4:07:a3:be:ff:
6f:e1:45:94:6f:12:e9:43:ce:99:38:b7:90:9b:73:
86:97:f6:9b:86:61:f5:db:0f:75:a4:ae:63:3a:5c:
27:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BB:CF:58:C1:7E:0D:3E:D0:7C:3B:E2:96:78:5A:9E:4E:98:FA:83
X509v3 Authority Key Identifier:
keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:2e:0d:69:a3:c7:32:36:d1:e2:2d:f0:e2:de:95:af:58:e2:
43:6f:b8:34:b9:e2:1d:21:9a:b0:82:5d:96:6d:56:47:ff:70:
f2:6d:ed:66:18:da:6c:41:d8:f8:94:44:09:0b:de:a8:82:e7:
62:b2:35:cb:01:aa:42:ba:bb:4f:d7:9c:a2:8d:fc:c4:9e:b6:
9b:7d:85:bc:bf:65:66:dc:5e:c5:cf:ce:ca:bd:1a:00:0b:92:
80:02:27:f6:8b:7a:74:00:66:85:2f:e5:81:38:c1:13:99:d5:
39:c8:41:9b:b2:08:e9:cb:78:0c:f7:07:26:4d:cf:76:d8:42:
25:95:17:1c:22:f9:06:d3:e4:84:38:4c:1d:d9:4b:3c:cc:54:
02:c6:73:09:eb:b8:08:37:cf:c7:08:32:53:71:2b:f9:77:aa:
70:2b:47:50:b8:8d:99:88:a2:df:84:00:1f:40:10:f5:65:85:
95:f6:93:e5:6b:e7:7d:da:4b:af:83:4a:ea:ee:37:12:0c:ab:
44:65:6b:34:7a:7b:f1:7e:cc:6f:d2:8d:f1:ce:a2:71:9a:77:
80:22:a3:26:a4:03:be:31:72:2c:63:ff:a7:10:00:59:a7:59:
c4:c5:6f:f1:8c:80:bf:c0:4e:53:62:7e:33:19:6f:d7:79:57:
a0:e0:26:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oJW94rq6CHN147r4SIm2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjUwNjI4MTMwMTA2WhcNMjUwNjI5MTMwMTA2WjAzMTEwLwYDVQQD
EygxYWJiY2Y1OGMxN2UwZDNlZDA3YzNiZTI5Njc4NWE5ZTRlOThmYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7q/7/XbRL96ylf2F//UgiEdse565
aV78j55oBmkuHRxz/A/S/6oBSmWigbDuQ/9kLLf3nBica9i8MVrjYAFVo6RtNMJd
WcCLDh/kt/PEvmBwuxF/F6mVtKvkp16TrO45L6ug4uM6VmQDpIVnPmN1I+9Gn4uE
1+rM8O2knSMrNY8fxOCz+/yFJlpTxD02MAXlUcV4EZjc18W5cH9KjEkEhgZPzJtJ
md+rEc1OAfOecP24qWO5TNrNMZ+qOhm3G5D8I5zr/cXPY5xhD5l+Bs8/67FVIxBr
kuEnKFxZtAejvv9v4UWUbxLpQ86ZOLeQm3OGl/abhmH12w91pK5jOlwnZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBq7z1jBfg0+0Hw74pZ4Wp5OmPqDMB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcy4NaaPH
MjbR4i3w4t6Vr1jiQ2+4NLniHSGasIJdlm1WR/9w8m3tZhjabEHY+JRECQveqILn
YrI1ywGqQrq7T9ecoo38xJ62m32FvL9lZtxexc/Oyr0aAAuSgAIn9ot6dABmhS/l
gTjBE5nVOchBm7II6ct4DPcHJk3PdthCJZUXHCL5BtPkhDhMHdlLPMxUAsZzCeu4
CDfPxwgyU3Er+XeqcCtHULiNmYii34QAH0AQ9WWFlfaT5WvnfdpLr4NK6u43Egyr
RGVrNHp78X7Mb9KN8c6icZp3gCKjJqQDvjFyLGP/pxAAWadZxMVv8YyAv8BOU2J+
Mxlv13lXoOAmoQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 18:54:51 2025 by rpki-client