Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
File: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft (raw, json)
Hash identifier: Q9/9w6nQcgFuvNYakjLAY8hithmbyN1+WNPGr9J3QGU=
Subject key identifier: FC:DF:98:88:6A:C9:6E:39:61:D9:B4:6F:7E:DC:E4:60:CA:26:4C:6C
Authority key identifier: 41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5
Certificate issuer: /CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
Certificate serial: 0197B6A039404729D51C53DA417F54A37BD9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
Manifest number: 0BA1
Signing time: Sat 28 Jun 2025 13:00:43 +0000
Manifest this update: Sat 28 Jun 2025 13:00:43 +0000
Manifest next update: Sun 29 Jun 2025 13:00:43 +0000
Files and hashes: 1: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl (hash: QyCCo1BCLBxNXCm59K9xFVtZQ0yiGIAjXmwxooRxsyM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a0:39:40:47:29:d5:1c:53:da:41:7f:54:a3:7b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=412dad820699f153a31a66ed6783a1de4e0f8cf5
Validity
Not Before: Jun 28 13:00:43 2025 GMT
Not After : Jun 29 13:00:43 2025 GMT
Subject: CN=fcdf98886ac96e3961d9b46f7edce460ca264c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:91:d8:49:63:7a:a4:9b:f7:1d:72:90:ab:7f:
9f:f5:eb:95:52:70:e3:71:b6:80:5f:cc:6e:a7:27:
af:e8:f3:a6:11:48:f8:6a:e0:f4:d1:32:2e:22:18:
6b:c2:1b:6d:69:a0:21:b4:7c:2c:86:f8:78:1b:cc:
61:d0:34:50:b8:4a:5d:52:c9:91:d2:76:00:63:63:
7b:a7:8e:98:4c:6f:dd:59:2a:be:87:3b:2f:d7:65:
85:93:72:60:82:b3:2d:b3:b9:0c:09:89:a7:0d:4f:
3d:57:70:f2:5d:0f:e6:62:a8:61:35:5b:43:d7:ff:
fe:8b:6d:d3:b4:32:d6:2b:9a:5b:88:70:19:b5:45:
f5:00:d2:03:f0:5e:06:86:e2:d3:9e:09:f9:69:7b:
6e:2b:5c:a3:fe:23:3f:da:fa:2f:8d:b3:9e:f4:d6:
c4:32:03:68:2c:a6:a2:14:f5:5c:f6:ef:59:31:cc:
0b:f1:c1:6c:0f:ac:fb:12:5e:4c:a6:92:f2:c1:0c:
2c:90:b4:84:b7:c5:ec:93:e7:71:83:c1:98:36:48:
b9:2a:17:c6:2f:14:d0:04:bc:6b:30:0f:b5:c1:ef:
83:4e:8d:05:95:e8:b4:4e:b8:a7:70:5c:46:6c:91:
43:7b:72:d3:97:d0:55:82:31:7a:dd:93:60:05:bd:
17:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DF:98:88:6A:C9:6E:39:61:D9:B4:6F:7E:DC:E4:60:CA:26:4C:6C
X509v3 Authority Key Identifier:
keyid:41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:40:e5:e9:db:bc:cf:76:45:11:5b:7b:75:ca:03:2e:b9:54:
4b:36:ef:6b:12:90:3f:cc:14:70:7e:5a:45:ab:28:66:d1:a9:
74:a3:8b:76:0a:79:89:f3:33:8e:e0:f6:54:35:bb:4b:12:bd:
bd:5a:1b:8d:73:66:9c:64:0c:d5:86:7e:3d:09:b3:df:8a:cf:
cb:97:2b:ca:bf:69:ff:da:52:69:bb:42:a8:f8:e7:80:f5:a0:
59:96:7b:d6:78:64:02:1f:f2:e6:82:20:d5:37:03:fa:92:e4:
16:e9:dc:93:23:0b:90:18:e7:cd:44:b7:55:45:b4:3d:df:84:
30:9d:cb:23:25:6b:5a:bd:1b:db:da:e4:75:ba:19:79:0e:8a:
ea:59:67:e4:56:87:cc:b1:91:ca:79:4b:fa:46:f5:55:f4:f1:
03:90:f0:40:68:f3:e2:52:7c:d6:a4:1e:11:8f:49:64:5f:de:
ad:7c:54:0e:88:30:df:da:b3:e9:f5:93:14:99:8c:36:1d:13:
89:16:d6:53:94:fb:cc:de:fb:32:0f:0a:61:46:f7:c0:97:d1:
d6:7b:b8:3b:2e:95:fb:b5:cd:0b:e3:b4:16:54:27:6e:1a:2a:
05:a4:3a:a6:25:b7:d3:65:9c:7a:b3:89:5f:47:74:5d:24:79:
dc:c5:f7:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oDlARynVHFPaQX9Uo3vZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmRhZDgyMDY5OWYxNTNhMzFhNjZlZDY3ODNhMWRlNGUw
ZjhjZjUwHhcNMjUwNjI4MTMwMDQzWhcNMjUwNjI5MTMwMDQzWjAzMTEwLwYDVQQD
EyhmY2RmOTg4ODZhYzk2ZTM5NjFkOWI0NmY3ZWRjZTQ2MGNhMjY0YzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpHYSWN6pJv3HXKQq3+f9euVUnDj
cbaAX8xupyev6POmEUj4auD00TIuIhhrwhttaaAhtHwshvh4G8xh0DRQuEpdUsmR
0nYAY2N7p46YTG/dWSq+hzsv12WFk3JggrMts7kMCYmnDU89V3DyXQ/mYqhhNVtD
1//+i23TtDLWK5pbiHAZtUX1ANID8F4GhuLTngn5aXtuK1yj/iM/2vovjbOe9NbE
MgNoLKaiFPVc9u9ZMcwL8cFsD6z7El5MppLywQwskLSEt8Xsk+dxg8GYNki5KhfG
LxTQBLxrMA+1we+DTo0Flei0TrincFxGbJFDe3LTl9BVgjF63ZNgBb0X8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzfmIhqyW45Ydm0b37c5GDKJkxsMB8GA1UdIwQY
MBaAFEEtrYIGmfFToxpm7WeDod5OD4z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2Yt
YTg4MmRhNmMwY2ZjLzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2YtYTg4MmRhNmMwY2Zj
LzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIUDl6du8
z3ZFEVt7dcoDLrlUSzbvaxKQP8wUcH5aRasoZtGpdKOLdgp5ifMzjuD2VDW7SxK9
vVobjXNmnGQM1YZ+PQmz34rPy5cryr9p/9pSabtCqPjngPWgWZZ71nhkAh/y5oIg
1TcD+pLkFunckyMLkBjnzUS3VUW0Pd+EMJ3LIyVrWr0b29rkdboZeQ6K6lln5FaH
zLGRynlL+kb1VfTxA5DwQGjz4lJ81qQeEY9JZF/erXxUDogw39qz6fWTFJmMNh0T
iRbWU5T7zN77Mg8KYUb3wJfR1nu4Oy6V+7XNC+O0FlQnbhoqBaQ6piW302WcerOJ
X0d0XSR53MX3cg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:49:33 2025 by rpki-client