Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
File: qltHHQugidnp9GwpExlnT6yBKNA.mft (raw, json)
Hash identifier: uerJsWaFBlKPxR58+XnLuCf239JMaUs+eFV+Lw9cKk4=
Subject key identifier: D6:C6:5D:28:CB:BF:70:52:6F:E5:FA:85:8B:3C:1F:33:88:AB:C0:7C
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial: 0198CACA3E11E9D3825B0958D168A9CB752D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
Manifest number: 0C96
Signing time: Thu 21 Aug 2025 04:01:48 +0000
Manifest this update: Thu 21 Aug 2025 04:01:48 +0000
Manifest next update: Fri 22 Aug 2025 04:01:48 +0000
Files and hashes: 1: 2K6387yyM5gxakFjGUcn1KUMQ58.roa (hash: KwEJI06hkpRX+nj9eXMKKI3vC9xa4ElKQ9FhYTbVyds=)
2: VNd90Fl0tWahsmhhQvhoAAT8f5U.roa (hash: U+zi8hpH0S9lksZLxaBLhZX/Hg0tdOzYwVmTSHbyaHY=)
3: qltHHQugidnp9GwpExlnT6yBKNA.crl (hash: AOTJykFvmAf1ecT9DUnJt78UnVJxulReauLzWlalm/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 23:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ca:ca:3e:11:e9:d3:82:5b:09:58:d1:68:a9:cb:75:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Validity
Not Before: Aug 21 04:01:48 2025 GMT
Not After : Aug 22 04:01:48 2025 GMT
Subject: CN=d6c65d28cbbf70526fe5fa858b3c1f3388abc07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:73:05:d3:ec:37:f0:8b:f0:54:72:4d:4f:06:
ff:a3:63:ea:d4:ff:b5:0f:38:c8:6f:ca:5c:28:d3:
99:5d:5e:37:fc:dc:d4:a5:e5:ff:ea:ef:9f:c4:7e:
9d:aa:6c:a5:8f:26:e7:74:f4:fa:9e:df:f2:09:1b:
75:95:a4:a6:bf:32:85:c6:a5:f9:a8:53:95:6c:5e:
0d:f4:dd:8f:be:de:b6:bc:ab:8c:b2:16:8f:4c:0a:
8e:28:44:8e:49:89:dd:0b:b7:75:20:09:10:e5:02:
38:6b:06:99:b2:8f:08:cb:0a:2a:c7:1d:a8:b0:06:
75:19:74:b9:c2:73:9a:1a:69:53:ad:a9:ba:98:5d:
b8:e1:5d:47:ed:43:b8:ed:56:c4:cf:60:44:47:74:
5a:af:81:31:82:95:67:b4:9e:b9:79:b2:7a:d2:f2:
59:a7:29:e0:89:d9:6d:37:40:58:ef:1c:5f:97:a0:
b2:ef:32:9e:39:7c:35:92:c1:d0:09:19:8f:93:a8:
3d:82:cb:ba:78:49:0c:47:09:66:41:5e:8b:0b:57:
36:51:b1:db:0e:31:e9:84:a5:c9:01:bd:f3:9f:08:
a1:31:6a:8e:21:d4:8b:46:19:22:e7:95:bd:56:25:
d7:ab:05:c4:58:63:6a:ac:c5:78:56:4a:c1:49:97:
3b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C6:5D:28:CB:BF:70:52:6F:E5:FA:85:8B:3C:1F:33:88:AB:C0:7C
X509v3 Authority Key Identifier:
keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:6b:89:66:d1:4f:0b:59:c5:68:9d:79:b3:10:b6:1d:a0:e7:
9d:52:e1:77:1d:53:32:2a:37:fd:3b:ef:96:bc:5a:03:13:39:
5c:7e:e3:3b:75:8d:4b:98:44:2a:e8:9e:d4:66:20:23:d0:88:
c5:f6:ab:fe:e2:29:a8:d8:37:44:ff:25:23:68:4f:e8:b5:88:
d0:59:d7:86:b5:7c:15:e6:9c:3d:09:32:43:38:fc:37:f4:31:
e9:d4:55:ac:35:e4:80:82:ea:e2:cb:22:d8:e5:03:f1:08:ba:
36:89:90:26:dc:d4:55:6d:16:f0:32:fd:9c:3b:80:64:ad:e4:
71:eb:72:92:c0:22:a7:24:ae:ff:9c:05:15:75:3e:a1:10:09:
49:bc:65:3a:c2:1a:55:25:05:2c:6c:36:b8:03:e9:1b:47:92:
3b:28:4d:54:a5:99:98:4b:1e:9c:48:76:47:39:ea:1c:f0:af:
66:c4:17:02:4d:e1:4d:4a:fb:ed:a6:86:82:83:6c:30:57:f9:
3b:29:c0:45:1a:a9:cb:f3:3c:07:d9:50:39:41:ee:61:c0:3d:
3d:17:ee:ef:24:b7:93:78:0d:d7:9a:b8:d6:42:a2:e5:8b:08:
e5:8a:84:97:7b:92:a9:fb:e4:e5:cb:89:de:32:43:33:8f:9e:
ed:ba:07:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjKyj4R6dOCWwlY0Wipy3UtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4
MTI4ZDAwHhcNMjUwODIxMDQwMTQ4WhcNMjUwODIyMDQwMTQ4WjAzMTEwLwYDVQQD
EyhkNmM2NWQyOGNiYmY3MDUyNmZlNWZhODU4YjNjMWYzMzg4YWJjMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHMF0+w38IvwVHJNTwb/o2Pq1P+1
DzjIb8pcKNOZXV43/NzUpeX/6u+fxH6dqmyljybndPT6nt/yCRt1laSmvzKFxqX5
qFOVbF4N9N2Pvt62vKuMshaPTAqOKESOSYndC7d1IAkQ5QI4awaZso8Iywoqxx2o
sAZ1GXS5wnOaGmlTram6mF244V1H7UO47VbEz2BER3Rar4ExgpVntJ65ebJ60vJZ
pyngidltN0BY7xxfl6Cy7zKeOXw1ksHQCRmPk6g9gsu6eEkMRwlmQV6LC1c2UbHb
DjHphKXJAb3znwihMWqOIdSLRhki55W9ViXXqwXEWGNqrMV4VkrBSZc7WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbGXSjLv3BSb+X6hYs8HzOIq8B8MB8GA1UdIwQY
MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt
NmYyZTI1MjliZTgyLzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy
LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemuJZtFP
C1nFaJ15sxC2HaDnnVLhdx1TMio3/TvvlrxaAxM5XH7jO3WNS5hEKuie1GYgI9CI
xfar/uIpqNg3RP8lI2hP6LWI0FnXhrV8FeacPQkyQzj8N/Qx6dRVrDXkgILq4ssi
2OUD8Qi6NomQJtzUVW0W8DL9nDuAZK3kcetyksAipySu/5wFFXU+oRAJSbxlOsIa
VSUFLGw2uAPpG0eSOyhNVKWZmEsenEh2RznqHPCvZsQXAk3hTUr77aaGgoNsMFf5
OynARRqpy/M8B9lQOUHuYcA9PRfu7yS3k3gN15q41kKi5YsI5YqEl3uSqfvk5cuJ
3jJDM4+e7boHjw==
-----END CERTIFICATE-----
Generated at Thu Aug 21 08:24:23 2025 by rpki-client