Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/qqlyrDzBD3FspJhQRaXwgktgyh8.mft
File: qqlyrDzBD3FspJhQRaXwgktgyh8.mft (raw, json)
Hash identifier: Xa2PbV4V3LN7VMUdH2GYEUsf+btagY+D1SQ78mo5uCw=
Subject key identifier: 1F:31:14:48:56:ED:A3:12:1E:8F:AC:19:C5:A4:D3:61:2B:0E:5C:76
Authority key identifier: AA:A9:72:AC:3C:C1:0F:71:6C:A4:98:50:45:A5:F0:82:4B:60:CA:1F
Certificate issuer: /CN=aaa972ac3cc10f716ca4985045a5f0824b60ca1f
Certificate serial: 0197C94B93E3FFB52024A86BD112BAE8D704
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qqlyrDzBD3FspJhQRaXwgktgyh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/qqlyrDzBD3FspJhQRaXwgktgyh8.mft
Manifest number: CA
Signing time: Wed 02 Jul 2025 04:01:02 +0000
Manifest this update: Wed 02 Jul 2025 04:01:02 +0000
Manifest next update: Thu 03 Jul 2025 04:01:02 +0000
Files and hashes: 1: qqlyrDzBD3FspJhQRaXwgktgyh8.crl (hash: +VD6EG9tBhJMNPCFB7FVkEI5/xl9bOlJTTBkqOGCFfo=)
2: yIGIxees9MuARoWN6t0oVINh_4A.roa (hash: geAsTIsbC4XBTKHwgmaJ0ZNmwh/Z8F8NnaAnGD8ONe8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/qqlyrDzBD3FspJhQRaXwgktgyh8.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/qqlyrDzBD3FspJhQRaXwgktgyh8.mft
rsync://rpki.ripe.net/repository/DEFAULT/qqlyrDzBD3FspJhQRaXwgktgyh8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 04:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:4b:93:e3:ff:b5:20:24:a8:6b:d1:12:ba:e8:d7:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaa972ac3cc10f716ca4985045a5f0824b60ca1f
Validity
Not Before: Jul 2 04:01:02 2025 GMT
Not After : Jul 3 04:01:02 2025 GMT
Subject: CN=1f31144856eda3121e8fac19c5a4d3612b0e5c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b2:8e:b1:4c:3e:a1:1c:16:18:b0:c0:42:aa:
73:f1:9f:9c:8e:da:91:b0:f3:31:4e:a5:6f:42:12:
6f:ca:1e:c2:13:2d:76:45:15:7f:ce:55:6e:4b:b3:
e2:a4:55:77:e0:55:49:d5:82:e4:fe:22:cf:a9:9e:
ab:25:35:3d:f9:74:2d:6b:54:89:ef:a2:d6:23:c0:
1c:57:c2:75:4f:90:09:6c:d6:06:c3:ee:00:c3:be:
08:42:72:88:d2:c9:df:47:88:9c:a7:ac:b8:ce:92:
76:b7:7e:49:71:d7:f0:7d:e0:eb:bc:dd:70:b8:82:
4c:13:82:29:3c:7e:70:89:a6:f6:29:ca:bd:e2:c2:
ea:9e:fb:0d:d8:3a:fb:27:9a:aa:42:53:9c:ff:6d:
ba:51:fb:80:0f:0d:80:50:85:ee:ff:2a:aa:2b:de:
8f:65:c3:a6:07:a9:73:db:83:b9:72:d5:51:2f:ef:
3b:29:b0:b4:db:5c:26:0f:88:aa:fe:50:6f:90:c3:
69:b8:9f:e9:f7:c4:f5:31:ef:86:28:ac:b6:9c:bc:
09:b9:e3:69:26:2a:19:d2:f1:f3:9d:e3:3f:b2:73:
ce:d2:dd:46:7d:8e:1f:4e:ba:94:f2:ce:5e:00:27:
93:60:79:85:1b:62:aa:ea:90:17:ba:d8:1c:d4:89:
c4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:31:14:48:56:ED:A3:12:1E:8F:AC:19:C5:A4:D3:61:2B:0E:5C:76
X509v3 Authority Key Identifier:
keyid:AA:A9:72:AC:3C:C1:0F:71:6C:A4:98:50:45:A5:F0:82:4B:60:CA:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qqlyrDzBD3FspJhQRaXwgktgyh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/qqlyrDzBD3FspJhQRaXwgktgyh8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d09fb9-f3fa-45b8-a5cd-77b489249fa4/1/qqlyrDzBD3FspJhQRaXwgktgyh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:f4:1c:9c:42:65:48:50:ef:50:15:97:f5:88:95:80:82:9f:
b5:64:78:fe:1a:6d:f2:6e:bf:ab:0c:da:49:1b:6c:54:50:10:
31:fa:24:3c:e9:33:6e:cd:4c:e0:cf:37:5d:83:bd:c7:40:fa:
06:f7:c7:c8:29:e0:8b:1d:16:bb:fc:8f:85:20:fa:39:62:2e:
b4:61:38:da:76:2a:ea:6e:6d:e9:81:bf:ef:fa:fe:59:c6:e7:
c7:03:50:e3:80:f4:ae:e2:24:59:d4:fe:2d:75:d8:92:55:39:
e7:b8:23:d3:d8:39:42:5d:3a:00:cd:76:2a:8a:ca:50:1b:b1:
cd:22:a4:b2:f6:bd:e2:1a:71:43:90:cf:ec:03:3e:d1:37:13:
ad:8f:a5:ba:90:14:fe:c7:8c:9c:38:30:d8:61:c6:2a:40:1a:
ce:64:a2:92:e0:d6:f0:67:7c:4e:b1:b5:23:0a:9e:da:8d:08:
58:5a:de:0b:cb:83:6a:2e:d7:ed:8f:68:d2:17:a7:6c:1d:51:
0f:63:72:72:2a:f7:5a:07:5e:51:1a:cf:48:f0:73:49:42:dd:
97:2f:81:b6:6e:e1:e8:54:bc:ec:35:9d:de:54:4b:7f:72:35:
9a:84:14:f2:85:62:2b:1a:15:23:59:a2:1f:94:c9:c7:23:fc:
fe:b3:10:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJS5Pj/7UgJKhr0RK66NcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYTk3MmFjM2NjMTBmNzE2Y2E0OTg1MDQ1YTVmMDgyNGI2
MGNhMWYwHhcNMjUwNzAyMDQwMTAyWhcNMjUwNzAzMDQwMTAyWjAzMTEwLwYDVQQD
EygxZjMxMTQ0ODU2ZWRhMzEyMWU4ZmFjMTljNWE0ZDM2MTJiMGU1Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rKOsUw+oRwWGLDAQqpz8Z+cjtqR
sPMxTqVvQhJvyh7CEy12RRV/zlVuS7PipFV34FVJ1YLk/iLPqZ6rJTU9+XQta1SJ
76LWI8AcV8J1T5AJbNYGw+4Aw74IQnKI0snfR4icp6y4zpJ2t35JcdfwfeDrvN1w
uIJME4IpPH5wiab2Kcq94sLqnvsN2Dr7J5qqQlOc/226UfuADw2AUIXu/yqqK96P
ZcOmB6lz24O5ctVRL+87KbC021wmD4iq/lBvkMNpuJ/p98T1Me+GKKy2nLwJueNp
JioZ0vHzneM/snPO0t1GfY4fTrqU8s5eACeTYHmFG2Kq6pAXutgc1InE9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8xFEhW7aMSHo+sGcWk02ErDlx2MB8GA1UdIwQY
MBaAFKqpcqw8wQ9xbKSYUEWl8IJLYMofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXFseXJEekJEM0ZzcEpoUVJhWHdna3RneWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kMDlmYjktZjNmYS00NWI4LWE1Y2Qt
NzdiNDg5MjQ5ZmE0LzEvcXFseXJEekJEM0ZzcEpoUVJhWHdna3RneWg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kMDlmYjktZjNmYS00NWI4LWE1Y2QtNzdiNDg5MjQ5ZmE0
LzEvcXFseXJEekJEM0ZzcEpoUVJhWHdna3RneWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIvQcnEJl
SFDvUBWX9YiVgIKftWR4/hpt8m6/qwzaSRtsVFAQMfokPOkzbs1M4M83XYO9x0D6
BvfHyCngix0Wu/yPhSD6OWIutGE42nYq6m5t6YG/7/r+WcbnxwNQ44D0ruIkWdT+
LXXYklU557gj09g5Ql06AM12KorKUBuxzSKksva94hpxQ5DP7AM+0TcTrY+lupAU
/seMnDgw2GHGKkAazmSikuDW8Gd8TrG1Iwqe2o0IWFreC8uDai7X7Y9o0henbB1R
D2Nycir3WgdeURrPSPBzSULdly+Btm7h6FS87DWd3lRLf3I1moQU8oViKxoVI1mi
H5TJxyP8/rMQWw==
-----END CERTIFICATE-----
Generated at Wed Jul 2 13:08:21 2025 by rpki-client