Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json)
Hash identifier: JSoNbjXWMvPhWoP1S7WCyOPNCmRrJpnjQSZ+8aDmmvo=
Subject key identifier: 33:9E:8A:F3:1A:DA:ED:45:94:01:C6:BC:67:68:81:13:A3:CF:B0:AB
Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0
Certificate serial: 019847777D6F568C2F67B83AF6AC8D30AF8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
Manifest number: 091D
Signing time: Sat 26 Jul 2025 16:01:09 +0000
Manifest this update: Sat 26 Jul 2025 16:01:09 +0000
Manifest next update: Sun 27 Jul 2025 16:01:09 +0000
Files and hashes: 1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: 5CHYCO22EpwQGU+LBYJOHGL+5SzTnhyjIsytv3TgbCU=)
2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:47:77:7d:6f:56:8c:2f:67:b8:3a:f6:ac:8d:30:af:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090287256e25fa340d3afba780eac60d556adec0
Validity
Not Before: Jul 26 16:01:09 2025 GMT
Not After : Jul 27 16:01:09 2025 GMT
Subject: CN=339e8af31adaed459401c6bc67688113a3cfb0ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4e:53:7e:8e:35:59:8b:3d:a4:52:6d:ea:05:
34:39:aa:75:d7:b3:f5:ad:04:69:33:cf:4f:83:3e:
e6:b0:0f:01:f0:a4:62:29:f6:fb:d0:0c:91:37:48:
05:4e:93:db:16:9c:a2:d8:d8:7c:b5:b3:d1:c3:7f:
87:64:a1:77:3e:f7:68:c2:1d:18:c2:e0:69:fe:27:
21:e8:c4:3a:50:1e:dc:ca:e8:ae:1d:b7:45:bb:ba:
06:9c:1c:4a:5b:1b:6d:27:6e:c0:31:af:b8:39:04:
1f:50:6a:34:1e:9e:75:a2:4c:57:2f:9f:b3:86:8a:
ad:91:3d:33:f8:f9:4f:fc:03:36:4f:55:4f:7c:2b:
c3:e7:2c:90:8b:2e:7b:35:4c:98:10:2f:01:03:05:
f8:20:93:31:55:d5:bb:4b:da:d4:2c:0d:48:66:0c:
fd:f5:fe:76:1b:06:e8:9b:66:bb:c2:2a:7e:69:21:
b0:f8:54:3e:05:9e:13:73:9c:6e:2f:90:0d:e3:ee:
bf:2d:53:d3:ba:e5:ab:65:e2:7c:91:e5:08:d5:d3:
9c:b0:21:fe:24:ae:ea:7e:0b:04:d9:d0:75:5c:e1:
86:df:c5:4d:8a:2d:ef:30:1b:93:f9:bd:aa:85:50:
45:c0:35:e7:a7:39:12:71:a8:99:44:ed:57:a4:f7:
0d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9E:8A:F3:1A:DA:ED:45:94:01:C6:BC:67:68:81:13:A3:CF:B0:AB
X509v3 Authority Key Identifier:
keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:60:eb:f7:5d:b3:44:2e:c4:c5:66:1c:27:58:85:76:cb:ed:
d6:eb:7e:15:98:04:53:7e:09:5a:18:fc:ea:7f:7c:47:3a:f9:
5d:b4:47:ae:3b:d4:8a:29:ed:26:04:8e:67:1f:af:3a:08:07:
dc:26:66:73:e7:9d:2c:6f:97:b2:7a:47:95:f4:23:99:8d:ac:
b6:ed:58:6d:87:b5:ed:31:f1:a3:aa:3a:6a:48:66:77:27:56:
4c:fa:f2:cd:90:1c:4c:db:05:c7:5e:3a:63:5f:37:eb:53:2d:
b1:9b:2d:16:e8:f6:09:48:16:2f:a8:17:38:d1:15:05:55:9b:
13:d8:5b:27:9d:5f:0f:3f:7e:75:b4:2a:20:23:fb:88:dc:05:
ae:df:63:69:35:b6:d6:90:9f:52:b3:fa:d2:ba:43:e0:d7:7f:
96:9e:a4:90:6d:e6:6c:56:13:3c:b5:57:40:48:3c:5c:62:c0:
34:d7:02:c1:f8:6c:be:01:63:12:bd:92:cc:c0:81:e8:34:ef:
10:a5:15:20:21:3f:2f:84:d2:0b:e9:15:ee:27:ee:ec:3e:3d:
23:c3:ff:86:40:73:81:da:05:a8:7d:5a:20:8d:dd:94:1c:39:
00:8f:61:75:0c:a2:e4:42:13:c3:19:44:f9:35:46:f2:07:7f:
1c:aa:5d:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHd31vVowvZ7g69qyNMK+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2
YWRlYzAwHhcNMjUwNzI2MTYwMTA5WhcNMjUwNzI3MTYwMTA5WjAzMTEwLwYDVQQD
EygzMzllOGFmMzFhZGFlZDQ1OTQwMWM2YmM2NzY4ODExM2EzY2ZiMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE5Tfo41WYs9pFJt6gU0Oap117P1
rQRpM89Pgz7msA8B8KRiKfb70AyRN0gFTpPbFpyi2Nh8tbPRw3+HZKF3Pvdowh0Y
wuBp/ich6MQ6UB7cyuiuHbdFu7oGnBxKWxttJ27AMa+4OQQfUGo0Hp51okxXL5+z
hoqtkT0z+PlP/AM2T1VPfCvD5yyQiy57NUyYEC8BAwX4IJMxVdW7S9rULA1IZgz9
9f52Gwbom2a7wip+aSGw+FQ+BZ4Tc5xuL5AN4+6/LVPTuuWrZeJ8keUI1dOcsCH+
JK7qfgsE2dB1XOGG38VNii3vMBuT+b2qhVBFwDXnpzkScaiZRO1XpPcNgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOeivMa2u1FlAHGvGdogROjz7CrMB8GA1UdIwQY
MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt
NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk
LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHGDr912z
RC7ExWYcJ1iFdsvt1ut+FZgEU34JWhj86n98Rzr5XbRHrjvUiintJgSOZx+vOggH
3CZmc+edLG+XsnpHlfQjmY2stu1YbYe17THxo6o6akhmdydWTPryzZAcTNsFx146
Y18361MtsZstFuj2CUgWL6gXONEVBVWbE9hbJ51fDz9+dbQqICP7iNwFrt9jaTW2
1pCfUrP60rpD4Nd/lp6kkG3mbFYTPLVXQEg8XGLANNcCwfhsvgFjEr2SzMCB6DTv
EKUVICE/L4TSC+kV7ifu7D49I8P/hkBzgdoFqH1aII3dlBw5AI9hdQyi5EITwxlE
+TVG8gd/HKpdmw==
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:22:04 2025 by rpki-client