
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
File: KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json)
Hash identifier: kUNndFPuJDj8XdqA4QXdPLhZTdmXZMyNQ+040jGTwpM=
Subject key identifier: C2:2E:A1:32:0F:ED:E9:29:40:91:94:18:15:14:2D:BD:0A:F8:A4:64
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial: 01975AC93208E7AD894063A83E9FF6A7E161
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
Manifest number: 1587
Signing time: Tue 10 Jun 2025 17:00:24 +0000
Manifest this update: Tue 10 Jun 2025 17:00:24 +0000
Manifest next update: Wed 11 Jun 2025 17:00:24 +0000
Files and hashes: 1: 8U2ACQzYPSPV3L5sSEkKCsB8pBA.roa (hash: ZbH4IgJyW8KkApU2bDE8XFDW+P9+bjUQNudFm1PbyTE=)
2: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: MlBLnTmjwi4l3S8D/Tm0iYg6wMYnkfjmYhlfl/vo65A=)
3: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 14:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5a:c9:32:08:e7:ad:89:40:63:a8:3e:9f:f6:a7:e1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Validity
Not Before: Jun 10 17:00:24 2025 GMT
Not After : Jun 11 17:00:24 2025 GMT
Subject: CN=c22ea1320fede9294091941815142dbd0af8a464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fd:f5:90:46:30:ef:0c:ad:49:fc:cb:12:fa:
d8:64:17:da:f4:34:1a:03:20:85:d5:5d:eb:2c:dc:
ee:f3:2f:00:60:b5:fe:01:47:92:fd:ac:5b:74:61:
cf:85:b7:bb:f6:ac:a3:d7:0e:3d:6a:a1:d3:51:d1:
8e:77:5c:a5:83:f1:76:70:ff:cb:c3:50:46:1b:9b:
b3:b6:61:6c:7d:1b:92:bd:80:8a:84:e2:8e:ba:0c:
0b:91:bc:54:82:d5:d3:05:37:86:b0:73:d1:41:14:
71:79:ea:9f:19:e8:c9:5c:29:f8:43:d8:e2:6e:81:
01:9c:d8:85:8b:44:82:33:ce:3e:03:6e:7b:0b:15:
d4:52:c7:be:a7:7e:d1:cb:db:5a:99:64:9a:94:ae:
31:28:c9:60:9d:59:aa:15:c3:11:16:9e:6b:9a:1f:
b2:0a:1c:ac:a4:68:d2:db:d3:50:0c:d1:b3:58:8d:
52:5c:cd:60:f0:a0:b8:7e:a1:f4:15:96:36:b8:a0:
78:f4:8c:6f:c2:ca:62:04:a5:0d:69:89:3a:f4:37:
08:0d:ba:76:29:2b:7c:7b:55:94:2e:a9:c3:fe:36:
3f:81:78:c2:e6:1e:a4:d2:fd:2a:3e:30:24:f7:1f:
1a:d1:4a:94:6c:23:47:cc:03:50:bf:4d:e3:9b:96:
37:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:2E:A1:32:0F:ED:E9:29:40:91:94:18:15:14:2D:BD:0A:F8:A4:64
X509v3 Authority Key Identifier:
keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:44:4e:73:87:bb:6d:e8:29:09:ce:62:fd:2e:ab:9a:d2:15:
fb:2e:64:26:40:bb:42:d7:bb:2d:ae:bf:18:b9:5e:38:d2:d4:
9f:dd:ca:27:4a:6a:1b:79:47:3a:ad:1e:ca:a9:95:49:c2:d0:
ca:67:65:66:a3:c9:20:ea:e7:13:a5:08:e4:56:04:71:bf:1e:
cf:cc:34:92:1a:fc:bb:97:22:17:4b:9e:87:6f:5a:4e:66:36:
3b:14:9d:2e:0b:73:5c:29:93:99:24:02:19:be:04:2e:2c:71:
ff:e8:02:90:c9:2b:34:9c:a4:af:cb:76:ce:57:28:0b:5c:c0:
4f:72:ca:41:6c:6f:49:ac:ad:8a:a0:bb:20:5a:ff:76:1d:1c:
58:ed:2a:7d:7c:a1:c3:a9:15:ba:51:20:eb:fd:eb:f2:51:8f:
c1:5c:3b:bf:2e:42:79:37:87:e0:bd:d2:67:2a:ba:67:fe:44:
de:98:bd:ec:0d:ee:86:0b:6d:36:29:d8:97:d8:30:9a:c3:a3:
61:d0:6c:db:d3:91:a7:7b:91:05:22:4d:fa:43:8b:fd:fb:d8:
69:82:1a:5a:b6:64:1e:98:b3:a7:8f:52:5c:7e:6a:9d:a7:e1:
86:a3:96:4d:40:a7:a0:60:5c:dc:34:86:ed:bc:3f:f4:f6:d9:
d1:47:4f:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdayTII562JQGOoPp/2p+FhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjUwNjEwMTcwMDI0WhcNMjUwNjExMTcwMDI0WjAzMTEwLwYDVQQD
EyhjMjJlYTEzMjBmZWRlOTI5NDA5MTk0MTgxNTE0MmRiZDBhZjhhNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP31kEYw7wytSfzLEvrYZBfa9DQa
AyCF1V3rLNzu8y8AYLX+AUeS/axbdGHPhbe79qyj1w49aqHTUdGOd1ylg/F2cP/L
w1BGG5uztmFsfRuSvYCKhOKOugwLkbxUgtXTBTeGsHPRQRRxeeqfGejJXCn4Q9ji
boEBnNiFi0SCM84+A257CxXUUse+p37Ry9tamWSalK4xKMlgnVmqFcMRFp5rmh+y
ChyspGjS29NQDNGzWI1SXM1g8KC4fqH0FZY2uKB49IxvwspiBKUNaYk69DcIDbp2
KSt8e1WULqnD/jY/gXjC5h6k0v0qPjAk9x8a0UqUbCNHzANQv03jm5Y3uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIuoTIP7ekpQJGUGBUULb0K+KRkMB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKUROc4e7
begpCc5i/S6rmtIV+y5kJkC7Qte7La6/GLleONLUn93KJ0pqG3lHOq0eyqmVScLQ
ymdlZqPJIOrnE6UI5FYEcb8ez8w0khr8u5ciF0ueh29aTmY2OxSdLgtzXCmTmSQC
Gb4ELixx/+gCkMkrNJykr8t2zlcoC1zAT3LKQWxvSaytiqC7IFr/dh0cWO0qfXyh
w6kVulEg6/3r8lGPwVw7vy5CeTeH4L3SZyq6Z/5E3pi97A3uhgttNinYl9gwmsOj
YdBs29ORp3uRBSJN+kOL/fvYaYIaWrZkHpizp49SXH5qnafhhqOWTUCnoGBc3DSG
7bw/9PbZ0UdP4w==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:59:20 2025 by rpki-client