Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
File: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft (raw, json)
Hash identifier: /nX5YhDrwBq6MozVtWXVfvl7VvXPXbWgAOw0OTJHyPM=
Subject key identifier: CE:41:B5:4F:78:1E:CA:F0:4A:7A:0D:0B:6D:12:35:95:ED:E9:E1:8D
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Certificate issuer: /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial: 0197C6146D47FFF4705A58C497A4FFF269AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
Manifest number: 026B
Signing time: Tue 01 Jul 2025 13:01:56 +0000
Manifest this update: Tue 01 Jul 2025 13:01:56 +0000
Manifest next update: Wed 02 Jul 2025 13:01:56 +0000
Files and hashes: 1: Fg4gfGthOyzcFXfxEYyjwrss7as.roa (hash: mWUv12QovIjIHXpuDNAMlgedx6+BQ3vMWaiHrsA7+3A=)
2: Q5e6g1WUMRG4cL4aNZtJqqD_-yo.roa (hash: T3aZ91YVxRUkDJ96e4vMqo7oCynEMTZ2Xb8h0pZbGMo=)
3: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl (hash: WGVyEa0peVfX2aaC+cL7v8CY7f9nZlVbgoNw9aeumqI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:14:6d:47:ff:f4:70:5a:58:c4:97:a4:ff:f2:69:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
Validity
Not Before: Jul 1 13:01:56 2025 GMT
Not After : Jul 2 13:01:56 2025 GMT
Subject: CN=ce41b54f781ecaf04a7a0d0b6d123595ede9e18d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:44:f8:e9:50:22:ab:c1:cb:53:05:58:dc:fa:
13:1f:8c:02:64:28:ed:12:fa:3c:7f:7a:27:a0:e4:
7b:cf:a1:6e:67:f8:97:1e:5e:0a:51:71:89:c2:3e:
7e:01:6b:c8:3b:d5:e3:ff:8f:32:33:0a:bc:aa:31:
cf:5b:9f:90:7b:b4:fc:21:c8:a6:4b:b4:98:c4:f2:
16:64:b4:94:01:fc:1e:d1:74:1e:30:6a:50:66:22:
c3:19:1b:44:dc:fe:90:bd:97:0b:9e:71:8e:ff:9f:
f1:ca:6c:3e:04:fd:fe:91:7b:ba:4e:28:25:46:4a:
fb:97:53:12:08:67:1d:40:fc:86:8d:ff:50:6f:5d:
63:04:cc:fc:fe:86:8d:ec:cb:1b:4d:27:94:a0:d0:
33:90:e7:9f:9a:8f:51:0b:cf:72:75:a0:53:26:93:
9c:27:41:40:90:c7:28:b7:7a:c8:ce:c4:4d:6e:6c:
13:36:8a:47:bd:dc:fc:16:2d:24:af:b8:eb:e2:20:
11:47:d0:9a:ff:44:36:1f:21:0a:fe:f7:22:36:b3:
bd:70:e4:de:2c:ac:86:a0:79:40:12:d8:b9:ac:89:
51:f5:06:90:62:7f:8c:a7:28:d4:04:cd:ac:10:03:
e1:e5:80:3c:03:31:2a:9e:2a:0d:52:61:fe:3f:73:
73:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:41:B5:4F:78:1E:CA:F0:4A:7A:0D:0B:6D:12:35:95:ED:E9:E1:8D
X509v3 Authority Key Identifier:
keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:ab:0b:6d:af:d7:e3:5a:63:f2:00:57:a2:5f:19:72:c2:d0:
e7:e6:b3:de:6c:37:03:fe:13:a1:65:7c:9e:c0:98:be:45:cb:
02:fc:12:da:92:06:e7:26:c5:88:de:f4:d6:a0:43:f3:97:62:
90:19:a9:49:1b:8e:ca:67:67:e5:17:a5:45:d7:c8:0f:76:60:
8e:0c:f2:33:4f:27:7d:0d:7c:f0:7b:09:18:2d:b5:69:b7:a5:
ce:01:75:48:8e:21:70:67:52:87:d5:1b:f4:46:53:1f:51:42:
81:b6:4e:cd:b9:c6:1b:99:e7:17:a4:fa:ab:69:fc:62:a3:8c:
4c:5c:d8:d8:79:4d:cd:c8:d3:1a:33:87:04:30:2c:52:83:05:
fe:de:ea:ec:d8:9e:d3:f0:cc:bf:a9:cd:e8:4a:0c:df:ae:45:
ec:a1:25:c6:d2:64:58:74:6d:59:0c:36:db:65:14:48:ae:08:
cd:25:ab:52:3f:bc:ac:99:8d:68:19:e8:e2:f4:7e:9f:a3:e1:
36:48:03:bf:f4:1d:29:c0:c1:05:fb:d0:07:7c:9b:61:89:9c:
86:38:78:21:6f:6b:d7:00:21:10:72:cb:6a:27:f5:65:16:15:
57:b5:7a:48:6c:af:22:e2:72:f0:2e:e7:08:4e:af:49:8f:d6:
01:b2:3d:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGFG1H//RwWljEl6T/8mmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjUwNzAxMTMwMTU2WhcNMjUwNzAyMTMwMTU2WjAzMTEwLwYDVQQD
EyhjZTQxYjU0Zjc4MWVjYWYwNGE3YTBkMGI2ZDEyMzU5NWVkZTllMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykT46VAiq8HLUwVY3PoTH4wCZCjt
Evo8f3onoOR7z6FuZ/iXHl4KUXGJwj5+AWvIO9Xj/48yMwq8qjHPW5+Qe7T8Icim
S7SYxPIWZLSUAfwe0XQeMGpQZiLDGRtE3P6QvZcLnnGO/5/xymw+BP3+kXu6Tigl
Rkr7l1MSCGcdQPyGjf9Qb11jBMz8/oaN7MsbTSeUoNAzkOefmo9RC89ydaBTJpOc
J0FAkMcot3rIzsRNbmwTNopHvdz8Fi0kr7jr4iARR9Ca/0Q2HyEK/vciNrO9cOTe
LKyGoHlAEti5rIlR9QaQYn+MpyjUBM2sEAPh5YA8AzEqnioNUmH+P3NzIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5BtU94HsrwSnoNC20SNZXt6eGNMB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMasLba/X
41pj8gBXol8ZcsLQ5+az3mw3A/4ToWV8nsCYvkXLAvwS2pIG5ybFiN701qBD85di
kBmpSRuOymdn5RelRdfID3ZgjgzyM08nfQ188HsJGC21abelzgF1SI4hcGdSh9Ub
9EZTH1FCgbZOzbnGG5nnF6T6q2n8YqOMTFzY2HlNzcjTGjOHBDAsUoMF/t7q7Nie
0/DMv6nN6EoM365F7KElxtJkWHRtWQw222UUSK4IzSWrUj+8rJmNaBno4vR+n6Ph
NkgDv/QdKcDBBfvQB3ybYYmchjh4IW9r1wAhEHLLaif1ZRYVV7V6SGyvIuJy8C7n
CE6vSY/WAbI9MA==
-----END CERTIFICATE-----
Generated at Tue Jul 1 15:58:20 2025 by rpki-client