
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
File: KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json)
Hash identifier: n2AzCQX1E/XDznEHGf0PcUIlr6pW8q53flHhP1yRIg4=
Subject key identifier: B2:07:07:67:F9:82:0E:42:DF:C3:3E:8A:F9:9E:58:E8:30:C8:6A:A4
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial: 01975CB7AB0E63934B147B5C76FA3A1B83C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
Manifest number: 1588
Signing time: Wed 11 Jun 2025 02:00:30 +0000
Manifest this update: Wed 11 Jun 2025 02:00:30 +0000
Manifest next update: Thu 12 Jun 2025 02:00:30 +0000
Files and hashes: 1: 8U2ACQzYPSPV3L5sSEkKCsB8pBA.roa (hash: ZbH4IgJyW8KkApU2bDE8XFDW+P9+bjUQNudFm1PbyTE=)
2: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: 2AsbtATHpFcVdIcJeHHDFfUQX9EtmTz6FDvrwlh48IE=)
3: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 02:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5c:b7:ab:0e:63:93:4b:14:7b:5c:76:fa:3a:1b:83:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Validity
Not Before: Jun 11 02:00:30 2025 GMT
Not After : Jun 12 02:00:30 2025 GMT
Subject: CN=b2070767f9820e42dfc33e8af99e58e830c86aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:52:57:4b:4f:b0:a5:6b:09:5c:b5:03:47:ed:
b8:a1:0d:2b:11:e2:18:f6:90:4a:b6:b0:32:dd:82:
8c:ca:e4:82:3c:66:c0:b1:4e:a8:57:46:38:a9:04:
58:57:42:5d:d1:12:84:b8:ee:35:28:9e:2c:62:99:
08:f3:c7:a3:23:1e:04:c4:3d:8b:e5:0b:b8:36:0d:
26:72:26:c2:07:36:c8:d3:8c:42:2d:5c:5d:4e:fe:
c2:3d:70:bb:12:50:03:a4:ef:74:e0:e0:10:d1:d9:
52:c8:09:6c:a5:ae:0c:07:ff:99:6b:72:d0:ef:ad:
e7:49:6e:90:bc:b8:60:39:02:42:26:a8:31:3a:e4:
a9:8c:a7:5c:17:b8:60:b0:46:69:23:2e:33:d2:7b:
37:8a:b8:33:f6:df:f1:0b:81:0b:6b:9c:28:f6:e6:
ef:96:4c:18:75:fb:6f:ec:f0:98:c4:07:08:47:af:
7d:2e:75:c1:fd:39:29:f5:f2:58:76:27:9c:86:87:
c3:42:d9:45:b0:46:bd:f5:4d:b2:c8:fa:a0:ec:40:
48:a3:22:3e:cb:86:67:ee:7f:73:6b:db:a3:35:cc:
d4:13:cc:95:60:7e:0a:a6:31:0f:2d:5f:45:a6:00:
8f:fc:86:ed:8e:62:ab:53:db:cb:6f:72:4c:3e:c6:
48:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:07:07:67:F9:82:0E:42:DF:C3:3E:8A:F9:9E:58:E8:30:C8:6A:A4
X509v3 Authority Key Identifier:
keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:42:47:38:2d:2c:b8:ec:83:6c:7b:a2:98:40:ba:8a:94:18:
a6:34:83:4a:9f:55:e3:9b:7a:08:1e:f9:cf:9d:f8:48:25:f1:
00:4e:cf:07:04:c1:0d:19:0a:cf:20:0a:88:75:84:1c:da:82:
34:bb:1d:cc:1f:fb:1c:6f:e3:07:35:1f:9e:bc:e3:32:79:70:
27:3d:f5:b2:69:e3:44:b6:78:35:ca:bd:36:7c:4c:be:5e:35:
a5:df:59:7f:be:42:78:e4:f5:bd:d8:c0:91:2d:c8:cb:09:5c:
d2:93:07:9c:fd:ae:81:60:23:41:39:30:e6:ac:78:75:2a:44:
00:cd:a0:40:7d:95:81:bb:c5:10:0f:5e:bd:0a:ce:2f:cf:f9:
0f:31:d7:8b:b0:6e:f4:54:2c:00:43:c0:1f:fe:85:34:fd:7c:
a9:86:c6:a4:d1:45:78:03:dd:90:97:e6:b3:e6:ac:36:1b:58:
d0:c2:a2:c4:8c:cd:6e:ef:dc:92:e6:15:57:17:50:c0:a3:1a:
45:6c:ca:78:2f:7d:f0:af:ce:2c:f2:9c:dc:11:7d:01:38:e0:
2f:62:1e:2b:53:f8:28:79:fc:21:0a:f3:32:3d:61:7d:65:1d:
96:9e:18:d0:a2:1c:8c:a9:1a:aa:9b:ee:8f:fc:d6:b0:cb:84:
5c:b0:9a:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdct6sOY5NLFHtcdvo6G4PFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjUwNjExMDIwMDMwWhcNMjUwNjEyMDIwMDMwWjAzMTEwLwYDVQQD
EyhiMjA3MDc2N2Y5ODIwZTQyZGZjMzNlOGFmOTllNThlODMwYzg2YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1JXS0+wpWsJXLUDR+24oQ0rEeIY
9pBKtrAy3YKMyuSCPGbAsU6oV0Y4qQRYV0Jd0RKEuO41KJ4sYpkI88ejIx4ExD2L
5Qu4Ng0mcibCBzbI04xCLVxdTv7CPXC7ElADpO904OAQ0dlSyAlspa4MB/+Za3LQ
763nSW6QvLhgOQJCJqgxOuSpjKdcF7hgsEZpIy4z0ns3irgz9t/xC4ELa5wo9ubv
lkwYdftv7PCYxAcIR699LnXB/Tkp9fJYdiechofDQtlFsEa99U2yyPqg7EBIoyI+
y4Zn7n9za9ujNczUE8yVYH4KpjEPLV9FpgCP/IbtjmKrU9vLb3JMPsZIOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIHB2f5gg5C38M+ivmeWOgwyGqkMB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZEJHOC0s
uOyDbHuimEC6ipQYpjSDSp9V45t6CB75z534SCXxAE7PBwTBDRkKzyAKiHWEHNqC
NLsdzB/7HG/jBzUfnrzjMnlwJz31smnjRLZ4Ncq9NnxMvl41pd9Zf75CeOT1vdjA
kS3Iywlc0pMHnP2ugWAjQTkw5qx4dSpEAM2gQH2VgbvFEA9evQrOL8/5DzHXi7Bu
9FQsAEPAH/6FNP18qYbGpNFFeAPdkJfms+asNhtY0MKixIzNbu/ckuYVVxdQwKMa
RWzKeC998K/OLPKc3BF9ATjgL2IeK1P4KHn8IQrzMj1hfWUdlp4Y0KIcjKkaqpvu
j/zWsMuEXLCamQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:52:05 2025 by rpki-client