Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
File: qMbzkzUMd1mMEhrNPJL3BIV274k.mft (raw, json)
Hash identifier: nlq0UvLDlQ9GWqGVYBi5w98YSTxQQPOZxGtCatdoYeQ=
Subject key identifier: D6:ED:40:C1:96:84:D0:CE:45:E3:0F:71:93:71:11:F7:A5:42:33:C5
Authority key identifier: A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
Certificate issuer: /CN=a8c6f393350c77598c121acd3c92f7048576ef89
Certificate serial: 01974E5784F6744BC4C20747B8D3F0C15943
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
Manifest number: 0CB5
Signing time: Sun 08 Jun 2025 07:00:47 +0000
Manifest this update: Sun 08 Jun 2025 07:00:47 +0000
Manifest next update: Mon 09 Jun 2025 07:00:47 +0000
Files and hashes: 1: eOh7otVHHrYHGXBG7XugLjFkG3I.roa (hash: jBij6Zpdi8PdzGdFEr+QptijCvWCfUOl+3jki1c2vMs=)
2: lCDqNprGOb5vTF01oJ8hwQqZCRE.roa (hash: mFZkrlVA4mVLiefirb6z2hXCAJmumM9YtxbYwU/yy10=)
3: qMbzkzUMd1mMEhrNPJL3BIV274k.crl (hash: Lx5eMTd/kNejRJkmLzXaQQyHFYwYhAXcl4qt/IVNKFk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 07:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4e:57:84:f6:74:4b:c4:c2:07:47:b8:d3:f0:c1:59:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8c6f393350c77598c121acd3c92f7048576ef89
Validity
Not Before: Jun 8 07:00:47 2025 GMT
Not After : Jun 9 07:00:47 2025 GMT
Subject: CN=d6ed40c19684d0ce45e30f71937111f7a54233c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d7:24:af:6d:f7:3c:4f:87:7e:b0:d7:b3:b0:
5f:08:6e:4f:c0:5a:4d:30:e3:08:bc:5b:70:b7:d5:
d8:cf:f7:7a:df:9a:2c:3d:00:c9:1c:c0:e4:bb:0c:
48:ef:9b:83:93:8b:88:d6:38:26:af:88:00:c4:05:
3b:5c:3d:70:09:a4:af:4e:8b:f3:7d:7e:3a:6a:60:
85:0c:fe:0f:a2:df:a5:a7:c1:65:ee:ff:9f:fd:ee:
22:f3:ce:73:cb:d8:23:d2:a5:4d:0c:2b:10:92:71:
f8:f2:b3:bb:0f:75:95:1a:2c:30:15:41:bf:98:e5:
92:63:e8:0a:a0:da:bb:e0:d5:e4:5c:0d:12:6f:a9:
e2:41:00:98:7a:fe:c6:cb:be:7a:3f:f5:a3:93:b2:
b4:c0:c2:b2:ab:e7:1b:95:33:5d:60:99:31:7e:e0:
05:6f:6b:30:bf:f6:2d:9e:5a:b9:c8:2d:40:01:33:
01:e9:97:82:27:60:26:db:b7:1a:46:04:9c:ce:70:
f9:81:6b:cd:58:62:8e:d8:ef:04:d2:80:0b:40:cc:
a4:4b:77:a1:b7:24:c5:ad:e1:94:c4:59:54:ff:48:
fd:29:68:de:cd:4f:39:e7:9e:46:33:94:2e:cd:d8:
bc:02:d3:3a:4b:59:c1:be:70:f7:ef:f0:0f:d6:a8:
13:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:ED:40:C1:96:84:D0:CE:45:E3:0F:71:93:71:11:F7:A5:42:33:C5
X509v3 Authority Key Identifier:
keyid:A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:8f:40:d8:8e:ea:a9:7d:50:40:54:98:10:ff:19:e8:10:de:
ca:f8:46:a4:d9:17:de:77:4b:06:54:30:a4:65:91:b2:4b:80:
6d:22:0a:ec:23:10:e7:db:1f:a2:1b:b3:24:b3:5c:d3:9d:9c:
fe:39:c5:c9:3e:4b:ec:ef:14:b8:92:03:e7:94:6b:eb:2c:5b:
ab:b5:8d:41:fa:d9:21:62:e5:09:90:a1:d1:89:e6:fd:0a:52:
82:08:d1:9f:4b:09:16:4b:dc:73:fd:aa:bf:36:3a:c7:aa:c7:
00:fc:22:47:45:67:0c:6f:4a:da:45:0f:5e:a2:b5:d2:b6:41:
69:ee:fa:e2:a6:9f:19:57:94:2d:c6:09:f7:7f:09:dd:14:4c:
7b:3a:c6:b5:6c:35:e7:55:6c:66:f8:3b:6d:a2:c6:79:0c:ba:
75:43:93:7b:ab:86:c7:c5:7a:f2:ba:a9:fd:d7:ac:bd:7b:b3:
aa:62:2b:4a:33:5f:30:a9:00:65:ab:e9:21:ff:e8:e8:31:f9:
6e:52:25:c4:69:66:17:0e:21:e8:c4:ca:74:f8:0a:3a:8b:71:
eb:f3:4a:a9:11:5c:6b:ca:24:a4:3c:e5:e7:7b:a5:9e:0b:d6:
3c:de:82:61:97:17:e6:c9:33:80:94:81:fd:79:03:74:dd:17:
f9:43:6b:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV4T2dEvEwgdHuNPwwVlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YzZmMzkzMzUwYzc3NTk4YzEyMWFjZDNjOTJmNzA0ODU3
NmVmODkwHhcNMjUwNjA4MDcwMDQ3WhcNMjUwNjA5MDcwMDQ3WjAzMTEwLwYDVQQD
EyhkNmVkNDBjMTk2ODRkMGNlNDVlMzBmNzE5MzcxMTFmN2E1NDIzM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdckr233PE+HfrDXs7BfCG5PwFpN
MOMIvFtwt9XYz/d635osPQDJHMDkuwxI75uDk4uI1jgmr4gAxAU7XD1wCaSvTovz
fX46amCFDP4Pot+lp8Fl7v+f/e4i885zy9gj0qVNDCsQknH48rO7D3WVGiwwFUG/
mOWSY+gKoNq74NXkXA0Sb6niQQCYev7Gy756P/Wjk7K0wMKyq+cblTNdYJkxfuAF
b2swv/Ytnlq5yC1AATMB6ZeCJ2Am27caRgScznD5gWvNWGKO2O8E0oALQMykS3eh
tyTFreGUxFlU/0j9KWjezU85555GM5Quzdi8AtM6S1nBvnD37/AP1qgTtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbtQMGWhNDOReMPcZNxEfelQjPFMB8GA1UdIwQY
MBaAFKjG85M1DHdZjBIazTyS9wSFdu+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3Nzct
YzZiY2EwMWIyZmY4LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3NzctYzZiY2EwMWIyZmY4
LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd49A2I7q
qX1QQFSYEP8Z6BDeyvhGpNkX3ndLBlQwpGWRskuAbSIK7CMQ59sfohuzJLNc052c
/jnFyT5L7O8UuJID55Rr6yxbq7WNQfrZIWLlCZCh0Ynm/QpSggjRn0sJFkvcc/2q
vzY6x6rHAPwiR0VnDG9K2kUPXqK10rZBae764qafGVeULcYJ938J3RRMezrGtWw1
51VsZvg7baLGeQy6dUOTe6uGx8V68rqp/desvXuzqmIrSjNfMKkAZavpIf/o6DH5
blIlxGlmFw4h6MTKdPgKOotx6/NKqRFca8okpDzl53ulngvWPN6CYZcX5skzgJSB
/XkDdN0X+UNrbA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:41:36 2025 by rpki-client