Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
File: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft (raw, json)
Hash identifier: mhP+hlxHYVj30vYcV38lS2WHVlc/7PkzsoTlPJlMGII=
Subject key identifier: 1D:FB:E1:B2:9A:00:7F:73:5D:3E:00:BC:09:38:27:0B:62:B9:63:B1
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Certificate issuer: /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial: 0198D472804FC309C3D474927A16F3E1BF5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
Manifest number: 02F7
Signing time: Sat 23 Aug 2025 01:02:10 +0000
Manifest this update: Sat 23 Aug 2025 01:02:10 +0000
Manifest next update: Sun 24 Aug 2025 01:02:10 +0000
Files and hashes: 1: Fg4gfGthOyzcFXfxEYyjwrss7as.roa (hash: mWUv12QovIjIHXpuDNAMlgedx6+BQ3vMWaiHrsA7+3A=)
2: Q5e6g1WUMRG4cL4aNZtJqqD_-yo.roa (hash: T3aZ91YVxRUkDJ96e4vMqo7oCynEMTZ2Xb8h0pZbGMo=)
3: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl (hash: 68hfLni6rZMkjRfbpXneRk0g/HxwIH6qSwT/EvOoGks=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:72:80:4f:c3:09:c3:d4:74:92:7a:16:f3:e1:bf:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
Validity
Not Before: Aug 23 01:02:10 2025 GMT
Not After : Aug 24 01:02:10 2025 GMT
Subject: CN=1dfbe1b29a007f735d3e00bc0938270b62b963b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6f:64:32:04:8f:95:f6:3b:8d:6a:f1:a0:57:
c3:ee:16:89:4c:66:3a:06:48:97:b4:e8:ad:4d:6d:
c0:35:6c:d4:ca:db:4e:b2:a8:91:dd:d7:b8:e1:9c:
43:c3:13:ba:ae:98:97:2f:e6:06:87:dd:96:a6:b9:
42:d3:e6:9e:24:98:98:2d:39:7d:97:69:65:73:7a:
8b:b5:51:0a:16:1c:80:51:24:92:19:29:67:e6:c7:
51:e7:44:10:79:51:da:de:0d:87:8d:77:96:37:ab:
79:d6:78:59:dd:a3:95:4c:f7:e6:44:81:62:7c:68:
dd:c3:60:8b:e5:26:44:48:30:7c:d2:d9:b4:18:79:
a6:ff:57:ce:8a:0a:fa:0a:7b:a2:67:01:e3:bd:d2:
68:ee:5f:83:38:89:28:dc:c7:aa:44:82:93:8d:17:
e2:d7:59:53:b4:4b:6a:5c:67:22:17:73:0c:c0:30:
7d:03:9c:e6:03:2f:55:de:46:08:56:87:c4:b5:1e:
9f:4a:62:aa:85:7c:97:e1:f8:4f:f4:32:90:12:8d:
b3:91:00:85:87:38:b7:a0:9a:be:fd:53:a3:dd:f0:
30:9a:b8:81:25:c3:36:10:ea:9b:4c:04:3b:54:ee:
73:fc:41:2c:03:12:c4:c0:c8:8e:2f:9c:1f:0d:29:
44:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FB:E1:B2:9A:00:7F:73:5D:3E:00:BC:09:38:27:0B:62:B9:63:B1
X509v3 Authority Key Identifier:
keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:e2:a7:be:b1:f1:87:80:a1:8d:e7:33:11:8d:03:5e:a0:3d:
7c:96:1c:90:54:ec:69:49:dc:79:63:3b:08:d7:58:87:39:7f:
41:59:59:a0:52:31:bb:98:b0:4a:d4:b3:2b:f6:6c:ad:59:4e:
24:24:8c:c0:fa:1b:69:6f:b4:88:5f:43:6c:25:e0:99:2a:fd:
e1:7a:ae:b2:1a:f3:d8:75:66:00:70:ba:6e:c1:db:a3:15:ab:
a2:ac:bf:a2:7b:d7:e2:22:da:8a:06:b6:02:2c:66:19:f9:a6:
63:46:2f:1f:a1:18:70:1c:cb:ef:68:cf:ef:26:44:02:27:cc:
0e:07:e1:40:23:18:9b:f5:b3:04:9c:b7:d0:b9:0a:5d:c1:00:
f9:b0:1b:88:af:93:e4:ac:62:78:80:0b:b8:51:3f:64:0a:74:
b2:21:a0:1a:a7:1d:e7:40:4b:fe:e1:9c:10:52:78:2d:c9:e1:
41:2f:94:27:1d:ba:6c:af:63:c8:97:3b:c9:41:b5:66:81:27:
70:19:f5:2d:f9:43:11:f6:ed:e3:ad:c5:d6:6e:f7:3c:05:eb:
a3:ec:08:5d:f2:83:43:08:d7:1e:83:33:80:95:db:f7:ed:4e:
22:be:6e:72:22:42:21:95:01:9b:aa:2a:18:3b:7f:1e:0c:cc:
e9:01:6b:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcoBPwwnD1HSSehbz4b9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjUwODIzMDEwMjEwWhcNMjUwODI0MDEwMjEwWjAzMTEwLwYDVQQD
EygxZGZiZTFiMjlhMDA3ZjczNWQzZTAwYmMwOTM4MjcwYjYyYjk2M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2G9kMgSPlfY7jWrxoFfD7haJTGY6
BkiXtOitTW3ANWzUyttOsqiR3de44ZxDwxO6rpiXL+YGh92WprlC0+aeJJiYLTl9
l2llc3qLtVEKFhyAUSSSGSln5sdR50QQeVHa3g2HjXeWN6t51nhZ3aOVTPfmRIFi
fGjdw2CL5SZESDB80tm0GHmm/1fOigr6CnuiZwHjvdJo7l+DOIko3MeqRIKTjRfi
11lTtEtqXGciF3MMwDB9A5zmAy9V3kYIVofEtR6fSmKqhXyX4fhP9DKQEo2zkQCF
hzi3oJq+/VOj3fAwmriBJcM2EOqbTAQ7VO5z/EEsAxLEwMiOL5wfDSlEhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB374bKaAH9zXT4AvAk4JwtiuWOxMB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+KnvrHx
h4ChjeczEY0DXqA9fJYckFTsaUnceWM7CNdYhzl/QVlZoFIxu5iwStSzK/ZsrVlO
JCSMwPobaW+0iF9DbCXgmSr94Xqushrz2HVmAHC6bsHboxWroqy/onvX4iLaiga2
AixmGfmmY0YvH6EYcBzL72jP7yZEAifMDgfhQCMYm/WzBJy30LkKXcEA+bAbiK+T
5KxieIALuFE/ZAp0siGgGqcd50BL/uGcEFJ4LcnhQS+UJx26bK9jyJc7yUG1ZoEn
cBn1LflDEfbt463F1m73PAXro+wIXfKDQwjXHoMzgJXb9+1OIr5uciJCIZUBm6oq
GDt/HgzM6QFrNg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:23:24 2025 by rpki-client