Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json)
Hash identifier: FCLEOYu8q6qzZXwZW0DLy0Kp86j1eQeqNlQp8gRNFnA=
Subject key identifier: 6B:5E:B9:75:33:A3:CF:F9:21:86:94:24:25:65:B4:F8:4D:92:84:86
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 01974EC5389575AFB9003A8F48619021F6C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
Manifest number: 157E
Signing time: Sun 08 Jun 2025 09:00:37 +0000
Manifest this update: Sun 08 Jun 2025 09:00:37 +0000
Manifest next update: Mon 09 Jun 2025 09:00:37 +0000
Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: tJZ6YrxKRrxxCiO/4tFsjci5UDwkMmxW4Lv70vIM4kk=)
2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4e:c5:38:95:75:af:b9:00:3a:8f:48:61:90:21:f6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: Jun 8 09:00:37 2025 GMT
Not After : Jun 9 09:00:37 2025 GMT
Subject: CN=6b5eb97533a3cff9218694242565b4f84d928486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e7:55:fb:6e:d4:63:0f:d9:88:53:d2:08:86:
b8:67:77:12:c1:eb:c7:94:9c:5f:c7:fd:05:4c:07:
7d:1f:91:96:ee:0a:62:de:70:78:54:4a:fe:4b:1f:
34:3a:fb:28:7a:b0:c5:27:88:42:6e:a7:d0:a8:8d:
82:46:a3:67:8d:67:f9:93:3e:98:96:20:a2:2e:29:
3c:46:12:39:d7:f7:2c:26:f4:8e:c9:81:c8:fe:ab:
06:98:79:7f:85:91:f6:42:b9:ca:b1:7d:fc:7f:d2:
b7:2b:4c:77:2b:63:c4:f0:f3:9a:bb:92:3b:bd:40:
ca:ce:00:b0:fe:d0:0e:75:88:e5:5e:7e:e2:db:f2:
14:5b:ac:c3:1e:c1:65:88:c5:c6:1a:5d:16:ff:42:
ff:87:12:c8:f2:bb:13:7b:78:27:19:af:eb:63:0d:
c1:08:6f:2c:83:1b:36:3e:6b:39:b6:71:e6:3c:61:
41:b2:b3:8c:b2:cf:ea:e3:3c:94:5d:a4:32:f1:ba:
ef:f6:79:4d:0f:6d:9e:6a:8d:08:c2:22:c6:0d:8d:
71:fb:f2:12:0d:99:fb:65:27:a0:f1:90:c6:18:bf:
e7:7d:b4:e3:d7:cc:27:55:85:3d:75:8a:4d:ea:cd:
7f:fe:73:4c:0f:8d:02:98:92:f6:6a:d0:db:f6:be:
6a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5E:B9:75:33:A3:CF:F9:21:86:94:24:25:65:B4:F8:4D:92:84:86
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:0b:1f:f6:7d:3b:20:50:c8:73:05:e5:02:85:0f:d7:cf:20:
c0:aa:13:64:1f:f0:48:6f:33:21:20:58:06:02:ec:f3:89:20:
4e:db:39:f8:9d:22:52:bc:45:e5:70:e4:f7:22:82:c1:b3:51:
c8:76:ff:48:ce:3b:33:ba:b0:50:7c:ec:5a:38:0d:88:7c:cf:
a5:23:4d:7c:4c:f8:5e:3b:6e:19:28:76:79:df:c7:12:90:7d:
b4:37:84:15:0d:b0:2e:28:8a:3a:b7:ea:d4:b8:be:c5:83:cd:
96:e5:9d:3e:7a:54:99:16:bf:df:a1:f5:e0:31:42:f6:e8:e4:
6e:87:44:8a:66:09:01:0b:e0:16:70:4d:e2:5e:9c:32:00:20:
f3:d3:6e:4e:b6:0a:63:5d:58:bf:01:ed:e5:44:47:f0:fe:f0:
6c:28:c2:fe:29:89:48:9d:97:5f:12:c1:4e:a2:4e:d5:a2:e9:
63:17:a4:3f:0d:15:2e:7a:d8:94:ea:27:d0:79:1c:ea:e8:b2:
15:1b:6b:92:a9:a4:9a:7b:93:22:20:98:7a:a4:fb:60:42:ad:
98:a7:fd:ba:b4:81:1d:52:52:bf:14:0e:32:15:4b:0d:61:67:
20:75:f5:88:c1:c2:a6:61:21:66:cb:82:0e:59:49:b3:74:33:
bc:3a:ce:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxTiVda+5ADqPSGGQIfbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjUwNjA4MDkwMDM3WhcNMjUwNjA5MDkwMDM3WjAzMTEwLwYDVQQD
Eyg2YjVlYjk3NTMzYTNjZmY5MjE4Njk0MjQyNTY1YjRmODRkOTI4NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0edV+27UYw/ZiFPSCIa4Z3cSwevH
lJxfx/0FTAd9H5GW7gpi3nB4VEr+Sx80OvsoerDFJ4hCbqfQqI2CRqNnjWf5kz6Y
liCiLik8RhI51/csJvSOyYHI/qsGmHl/hZH2QrnKsX38f9K3K0x3K2PE8POau5I7
vUDKzgCw/tAOdYjlXn7i2/IUW6zDHsFliMXGGl0W/0L/hxLI8rsTe3gnGa/rYw3B
CG8sgxs2Pms5tnHmPGFBsrOMss/q4zyUXaQy8brv9nlND22eao0IwiLGDY1x+/IS
DZn7ZSeg8ZDGGL/nfbTj18wnVYU9dYpN6s1//nNMD40CmJL2atDb9r5qbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGteuXUzo8/5IYaUJCVltPhNkoSGMB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVAsf9n07
IFDIcwXlAoUP188gwKoTZB/wSG8zISBYBgLs84kgTts5+J0iUrxF5XDk9yKCwbNR
yHb/SM47M7qwUHzsWjgNiHzPpSNNfEz4XjtuGSh2ed/HEpB9tDeEFQ2wLiiKOrfq
1Li+xYPNluWdPnpUmRa/36H14DFC9ujkbodEimYJAQvgFnBN4l6cMgAg89NuTrYK
Y11YvwHt5URH8P7wbCjC/imJSJ2XXxLBTqJO1aLpYxekPw0VLnrYlOon0Hkc6uiy
FRtrkqmkmnuTIiCYeqT7YEKtmKf9urSBHVJSvxQOMhVLDWFnIHX1iMHCpmEhZsuC
DllJs3QzvDrOoQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:00:48 2025 by rpki-client