Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
File: QAlHG9muvWlFaoNaP7CjUbBSZgI.mft (raw, json)
Hash identifier: v+2QVaxbsYHvENz2ydplHLGVC+6yCtRtV660d11pgLY=
Subject key identifier: D8:50:39:9C:B5:E4:C4:AA:86:06:DF:46:0B:94:F7:B9:D3:F1:32:33
Authority key identifier: 40:09:47:1B:D9:AE:BD:69:45:6A:83:5A:3F:B0:A3:51:B0:52:66:02
Certificate issuer: /CN=4009471bd9aebd69456a835a3fb0a351b0526602
Certificate serial: 019826D9BADE87B62AB75343ED98162AA87E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
Manifest number: 0B
Signing time: Sun 20 Jul 2025 08:01:00 +0000
Manifest this update: Sun 20 Jul 2025 08:01:00 +0000
Manifest next update: Mon 21 Jul 2025 08:01:00 +0000
Files and hashes: 1: QAlHG9muvWlFaoNaP7CjUbBSZgI.crl (hash: xZL0LaMQSHJH/VgcKAdE/5QO8ZcMkgmd+Tsa9JujYyk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:26:d9:ba:de:87:b6:2a:b7:53:43:ed:98:16:2a:a8:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4009471bd9aebd69456a835a3fb0a351b0526602
Validity
Not Before: Jul 20 08:01:00 2025 GMT
Not After : Jul 21 08:01:00 2025 GMT
Subject: CN=d850399cb5e4c4aa8606df460b94f7b9d3f13233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e8:6c:49:26:0d:b0:9c:82:1e:14:ea:31:cd:
52:ce:c8:0f:f8:13:a4:d1:fe:d8:92:3b:32:9f:c0:
f1:09:fc:eb:fc:5b:a7:45:9f:48:9d:f6:cd:5e:e8:
2c:58:58:82:64:d6:3e:fd:1a:d5:01:76:5d:19:83:
74:03:2b:e3:3d:ac:98:48:07:8d:69:f5:fb:8d:fe:
95:96:8a:f5:dd:d8:f8:f6:8d:23:e0:4d:18:2f:44:
85:aa:d9:3d:59:09:34:67:6b:07:72:95:4d:12:a4:
64:40:12:3b:8d:36:b1:13:87:7a:24:6d:bb:29:ac:
5d:f3:a1:92:e7:4d:2f:b8:b2:1d:55:d7:49:4e:f6:
e9:62:5c:3a:92:52:ce:25:86:fc:7a:b6:15:40:ab:
6a:43:3d:d6:22:18:31:eb:bc:8e:d2:39:55:ad:6e:
de:64:e0:71:bf:b5:68:cd:64:bf:18:4b:3e:5e:0e:
42:f7:be:ba:c2:bd:1e:38:cc:d9:a4:04:71:c4:7c:
d3:b2:dc:62:f8:eb:c0:ea:10:fc:f7:cb:d3:80:bb:
9f:0c:35:b9:8d:fb:74:d3:b2:82:00:89:b6:dc:06:
c0:75:ab:f0:9f:96:b3:20:95:70:32:f2:4e:6c:5c:
b2:2e:5f:65:78:07:a4:da:64:c3:89:39:3a:e7:c9:
b7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:50:39:9C:B5:E4:C4:AA:86:06:DF:46:0B:94:F7:B9:D3:F1:32:33
X509v3 Authority Key Identifier:
keyid:40:09:47:1B:D9:AE:BD:69:45:6A:83:5A:3F:B0:A3:51:B0:52:66:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:6e:f3:b1:24:46:ca:80:9b:7c:93:ee:de:d1:b9:36:f1:a6:
22:11:7c:0e:31:00:7b:a3:85:4d:82:c7:04:04:da:2b:88:8d:
9d:09:3b:07:f5:e6:16:0c:d4:57:82:bd:34:00:88:84:a6:75:
f2:1d:b0:5d:9a:54:e2:de:d2:4a:b5:2a:c5:ba:fa:7a:00:e2:
99:fa:2e:4e:72:c4:91:56:d2:38:1f:68:c0:4e:af:d6:d2:13:
28:58:3d:10:b6:53:92:e8:c2:88:69:0e:8c:3d:35:1e:86:19:
4b:28:53:af:08:9a:b2:5e:bf:a3:35:21:96:18:a4:8f:45:83:
c7:d2:c3:0d:c7:27:a8:06:02:0e:22:8b:de:4b:c6:89:e5:19:
20:08:bc:cc:49:c7:7e:ce:f7:2b:02:74:0b:72:ee:1b:51:cf:
ab:02:1e:26:07:06:07:e7:26:64:fd:4e:04:cd:f9:90:77:c0:
5c:28:2f:a1:d7:84:0d:d7:d1:a4:fa:fc:b2:86:a7:08:9d:d8:
2d:30:83:a6:5c:db:26:0e:f4:12:11:ed:49:66:4e:03:09:a6:
b3:f2:c5:89:44:9d:72:3d:6a:90:35:8d:b5:d5:84:56:bd:66:
aa:28:40:6d:bb:e4:f7:66:2d:fe:3a:48:c5:b8:b8:ab:e3:ef:
4a:e0:d8:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZgm2breh7Yqt1ND7ZgWKqh+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDk0NzFiZDlhZWJkNjk0NTZhODM1YTNmYjBhMzUxYjA1
MjY2MDIwHhcNMjUwNzIwMDgwMTAwWhcNMjUwNzIxMDgwMTAwWjAzMTEwLwYDVQQD
EyhkODUwMzk5Y2I1ZTRjNGFhODYwNmRmNDYwYjk0ZjdiOWQzZjEzMjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+hsSSYNsJyCHhTqMc1SzsgP+BOk
0f7Ykjsyn8DxCfzr/FunRZ9InfbNXugsWFiCZNY+/RrVAXZdGYN0AyvjPayYSAeN
afX7jf6Vlor13dj49o0j4E0YL0SFqtk9WQk0Z2sHcpVNEqRkQBI7jTaxE4d6JG27
Kaxd86GS500vuLIdVddJTvbpYlw6klLOJYb8erYVQKtqQz3WIhgx67yO0jlVrW7e
ZOBxv7VozWS/GEs+Xg5C9766wr0eOMzZpARxxHzTstxi+OvA6hD898vTgLufDDW5
jft007KCAIm23AbAdavwn5azIJVwMvJObFyyLl9leAek2mTDiTk658m31wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhQOZy15MSqhgbfRguU97nT8TIzMB8GA1UdIwQY
MBaAFEAJRxvZrr1pRWqDWj+wo1GwUmYCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjEzNmYtMDA0MS00ZGM0LWFjN2It
NDNlY2RjM2Y0YmVmLzEvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjEzNmYtMDA0MS00ZGM0LWFjN2ItNDNlY2RjM2Y0YmVm
LzEvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfW7zsSRG
yoCbfJPu3tG5NvGmIhF8DjEAe6OFTYLHBATaK4iNnQk7B/XmFgzUV4K9NACIhKZ1
8h2wXZpU4t7SSrUqxbr6egDimfouTnLEkVbSOB9owE6v1tITKFg9ELZTkujCiGkO
jD01HoYZSyhTrwiasl6/ozUhlhikj0WDx9LDDccnqAYCDiKL3kvGieUZIAi8zEnH
fs73KwJ0C3LuG1HPqwIeJgcGB+cmZP1OBM35kHfAXCgvodeEDdfRpPr8soanCJ3Y
LTCDplzbJg70EhHtSWZOAwmms/LFiUSdcj1qkDWNtdWEVr1mqihAbbvk92Yt/jpI
xbi4q+PvSuDYWQ==
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:23:33 2025 by rpki-client