Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
File: QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json)
Hash identifier: aUEF4fV1pJx/CL86SKwm7V7ZG/BkQ1y5alM7aN7svko=
Subject key identifier: C3:CE:3E:CD:CA:39:61:4E:DD:39:0A:E4:98:85:88:58:26:CA:8D:B5
Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
Certificate issuer: /CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Certificate serial: 019654933328E93B57681B54B1B8178931A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
Manifest number: 070D
Signing time: Sun 20 Apr 2025 19:00:55 +0000
Manifest this update: Sun 20 Apr 2025 19:00:55 +0000
Manifest next update: Mon 21 Apr 2025 19:00:55 +0000
Files and hashes: 1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: nkZG38kZA/sCWTKj9oXPYkgN+muaiiXqODkYYP1Q4qI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:93:33:28:e9:3b:57:68:1b:54:b1:b8:17:89:31:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Validity
Not Before: Apr 20 19:00:55 2025 GMT
Not After : Apr 21 19:00:55 2025 GMT
Subject: CN=c3ce3ecdca39614edd390ae49885885826ca8db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fc:a9:50:16:cd:c3:3d:bd:c2:0e:2a:0a:77:
0c:fd:49:ac:d0:42:4c:bc:3a:95:57:de:cc:b4:bb:
b8:c0:d0:e5:ee:44:0d:87:9f:88:85:90:c2:94:4b:
f8:7b:ea:60:6d:17:ad:11:9f:69:88:83:25:4f:ed:
19:83:9a:6b:ab:e3:91:fc:e3:30:6e:09:b3:ba:f3:
31:2e:2a:ce:2e:be:da:35:68:c9:47:11:64:c2:c1:
07:1b:e6:90:57:59:16:47:37:c3:df:1d:79:34:78:
a6:fe:ad:fd:7a:c2:ce:b7:75:e3:2b:3a:e6:7b:14:
00:3e:5d:9e:8c:4b:b2:5d:c6:45:1a:bb:9a:0e:83:
ea:23:93:cc:6e:46:96:11:98:08:1b:ac:6b:28:21:
75:6d:54:b7:57:6c:6a:34:10:43:f0:ea:cc:4c:9b:
4a:62:17:ea:64:a4:d7:ce:97:0c:2e:79:a2:71:87:
e0:7e:f3:f2:dc:5b:71:38:db:8d:5e:9f:1b:86:04:
6d:65:81:8e:8e:63:26:0a:5c:91:cd:bb:b2:ca:8e:
2a:b6:39:7c:c9:db:67:fa:38:c5:c5:af:76:0d:d7:
60:1c:8b:f0:57:64:84:fc:70:87:1e:fb:d3:6b:7b:
7f:5c:6c:0f:47:1a:98:03:2c:fa:a5:87:ac:31:5e:
35:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:CE:3E:CD:CA:39:61:4E:DD:39:0A:E4:98:85:88:58:26:CA:8D:B5
X509v3 Authority Key Identifier:
keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:ba:55:8c:66:c7:4f:89:d6:ab:3b:c6:98:b4:0d:34:ce:01:
e0:98:ba:cf:5c:1b:29:6f:93:a7:8d:33:ee:ae:cf:06:d7:38:
96:b4:5d:eb:25:b7:64:d2:a0:54:6f:db:79:d4:e1:f4:ad:a9:
03:30:70:2e:a1:36:29:7a:8e:3d:ee:9a:34:91:20:c7:f7:17:
e0:a8:4a:6f:7d:2d:fd:a2:7f:42:83:f2:44:2b:ea:71:75:b3:
f7:59:b6:27:84:a4:91:da:99:64:5e:89:c7:43:df:67:e7:d8:
37:e1:a2:85:dd:b5:eb:73:00:0e:d9:56:76:23:c9:76:c6:ca:
55:e7:21:04:d1:31:23:e2:86:75:33:bc:7f:3e:0f:2e:0e:26:
83:91:fc:14:e9:92:83:68:6c:17:c1:26:65:3c:83:0e:af:8d:
fc:92:db:3c:f1:02:5e:c8:a6:cb:0b:26:bd:91:08:56:20:ae:
d4:0f:50:21:32:97:a1:d3:d0:e7:cd:d1:51:fb:d6:fc:b4:4a:
ac:1d:41:33:ad:22:28:d4:b5:e5:3f:53:6a:71:25:45:b5:cf:
83:0b:ae:31:43:10:55:1e:3e:41:c6:e3:6c:4c:06:ea:bf:24:
22:46:81:2d:8f:a3:39:ed:ca:46:2a:7c:b4:ae:8a:b0:7f:19:
9d:a1:c5:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkzMo6TtXaBtUsbgXiTGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy
Zjg3MDMwHhcNMjUwNDIwMTkwMDU1WhcNMjUwNDIxMTkwMDU1WjAzMTEwLwYDVQQD
EyhjM2NlM2VjZGNhMzk2MTRlZGQzOTBhZTQ5ODg1ODg1ODI2Y2E4ZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfypUBbNwz29wg4qCncM/Ums0EJM
vDqVV97MtLu4wNDl7kQNh5+IhZDClEv4e+pgbRetEZ9piIMlT+0Zg5prq+OR/OMw
bgmzuvMxLirOLr7aNWjJRxFkwsEHG+aQV1kWRzfD3x15NHim/q39esLOt3XjKzrm
exQAPl2ejEuyXcZFGruaDoPqI5PMbkaWEZgIG6xrKCF1bVS3V2xqNBBD8OrMTJtK
YhfqZKTXzpcMLnmicYfgfvPy3FtxONuNXp8bhgRtZYGOjmMmClyRzbuyyo4qtjl8
ydtn+jjFxa92DddgHIvwV2SE/HCHHvvTa3t/XGwPRxqYAyz6pYesMV41XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPOPs3KOWFO3TkK5JiFiFgmyo21MB8GA1UdIwQY
MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt
NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi
LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7pVjGbH
T4nWqzvGmLQNNM4B4Ji6z1wbKW+Tp40z7q7PBtc4lrRd6yW3ZNKgVG/bedTh9K2p
AzBwLqE2KXqOPe6aNJEgx/cX4KhKb30t/aJ/QoPyRCvqcXWz91m2J4SkkdqZZF6J
x0PfZ+fYN+Gihd2163MADtlWdiPJdsbKVechBNExI+KGdTO8fz4PLg4mg5H8FOmS
g2hsF8EmZTyDDq+N/JLbPPECXsimywsmvZEIViCu1A9QITKXodPQ583RUfvW/LRK
rB1BM60iKNS15T9TanElRbXPgwuuMUMQVR4+QcbjbEwG6r8kIkaBLY+jOe3KRip8
tK6KsH8ZnaHFUQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:30:38 2025 by rpki-client