Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json)
Hash identifier: p817RyFsA9KNE6jh1uFjQPaU128d4gVFBggkdq7um14=
Subject key identifier: 52:A0:63:1F:0E:05:47:6C:8F:69:4B:21:15:07:86:E0:C0:C0:B2:A6
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 01974AE86B5811955AD475D2481B06F51483
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
Manifest number: 0644
Signing time: Sat 07 Jun 2025 15:00:35 +0000
Manifest this update: Sat 07 Jun 2025 15:00:35 +0000
Manifest next update: Sun 08 Jun 2025 15:00:35 +0000
Files and hashes: 1: 9vSYuCdAG_e0E6RGGzb6agTE0BM.roa (hash: QacZLKOpB/Eo9Q8tjYWI0KN++SKGpTz/tW+UR9tDqD0=)
2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: U7pWVBYRjbHAbUG4IFRd3MatVzZsJF8V+piOhZB+RHI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:e8:6b:58:11:95:5a:d4:75:d2:48:1b:06:f5:14:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: Jun 7 15:00:35 2025 GMT
Not After : Jun 8 15:00:35 2025 GMT
Subject: CN=52a0631f0e05476c8f694b21150786e0c0c0b2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1f:15:70:e4:b2:fa:2b:66:45:8c:49:a0:e9:
d7:a0:b3:2e:be:cb:46:ee:f4:37:16:23:d5:d5:42:
4c:7f:10:d0:4a:d8:85:3d:54:4b:0a:90:bb:3f:fd:
be:13:6f:f1:a9:cb:be:32:4b:a8:b3:2d:c8:0e:c0:
8b:75:7f:8e:6a:82:b1:2b:95:20:ff:70:0a:d6:6a:
98:d1:d4:6f:78:95:74:b4:99:7d:37:b5:73:b0:df:
94:aa:df:73:e8:8a:64:62:10:c9:7a:f6:dc:3a:45:
17:1d:3b:84:84:1f:fb:59:ce:5c:9c:ca:e5:47:89:
ac:29:1e:02:b4:6b:79:3e:8c:31:78:58:2e:16:13:
f1:8f:32:8c:81:4c:3b:d5:78:15:d8:46:93:d6:e4:
63:a2:e7:e5:a4:32:47:9d:1b:d1:df:e8:fd:4b:0f:
e2:d3:63:11:05:4f:b4:28:00:47:6a:cb:9b:af:4b:
0c:f0:da:22:ce:e2:2a:bc:b4:5a:cf:88:2d:6d:87:
d1:42:cf:20:dc:ce:19:ae:ad:b3:ea:f1:7a:e6:31:
12:f1:78:15:ea:6d:f6:cd:e1:79:d2:48:a0:71:0c:
e5:ab:30:fb:a1:aa:74:5d:9f:79:99:60:4e:11:c3:
0b:10:72:71:75:17:81:a0:c9:e7:e7:22:19:a0:d1:
a8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A0:63:1F:0E:05:47:6C:8F:69:4B:21:15:07:86:E0:C0:C0:B2:A6
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:b0:a4:28:70:92:b5:61:ab:ce:44:e0:83:8a:ee:6a:94:e9:
79:b3:f3:f4:71:68:89:84:f7:3e:ad:7c:df:8b:b1:7d:5d:09:
80:62:b1:10:8b:cc:89:1a:03:fb:5a:2d:a2:9d:39:1a:b7:8d:
9c:53:fe:48:5f:39:9e:68:78:0d:9b:fd:0d:d4:32:0b:15:fb:
ea:ed:4d:9b:78:3e:8b:47:0a:f9:fb:ab:b1:55:e0:6a:06:68:
9b:bd:5d:06:3b:d6:1c:b8:b7:dd:f8:d5:d4:8c:70:dd:5c:1b:
62:f6:68:3d:87:00:41:98:e6:ea:50:63:e6:dc:78:0b:95:d1:
9b:53:7a:38:d5:7d:13:4d:dd:1b:ce:9b:73:27:6d:e2:3f:cb:
bc:5e:2f:91:e2:d6:7c:aa:18:9a:2c:ef:85:3f:4e:26:c5:d5:
76:21:4d:e8:54:38:57:18:ab:79:cd:96:d2:19:3d:59:5b:34:
17:ba:0b:92:a7:e6:2c:64:0a:8e:f7:a7:c4:82:96:d8:48:73:
4d:3d:df:10:d5:eb:97:12:39:49:d6:c1:c9:22:f1:38:6e:e4:
b6:7c:c7:ec:3b:ec:61:4d:5a:60:41:b9:1b:4c:fb:7b:a2:32:
4a:9d:3b:dc:b0:11:1d:c8:6e:0e:32:d8:b1:0f:04:c1:8a:e9:
bd:dc:eb:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6GtYEZVa1HXSSBsG9RSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjUwNjA3MTUwMDM1WhcNMjUwNjA4MTUwMDM1WjAzMTEwLwYDVQQD
Eyg1MmEwNjMxZjBlMDU0NzZjOGY2OTRiMjExNTA3ODZlMGMwYzBiMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1h8VcOSy+itmRYxJoOnXoLMuvstG
7vQ3FiPV1UJMfxDQStiFPVRLCpC7P/2+E2/xqcu+Mkuosy3IDsCLdX+OaoKxK5Ug
/3AK1mqY0dRveJV0tJl9N7VzsN+Uqt9z6IpkYhDJevbcOkUXHTuEhB/7Wc5cnMrl
R4msKR4CtGt5PowxeFguFhPxjzKMgUw71XgV2EaT1uRjouflpDJHnRvR3+j9Sw/i
02MRBU+0KABHasubr0sM8NoizuIqvLRaz4gtbYfRQs8g3M4Zrq2z6vF65jES8XgV
6m32zeF50kigcQzlqzD7oap0XZ95mWBOEcMLEHJxdReBoMnn5yIZoNGoOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKgYx8OBUdsj2lLIRUHhuDAwLKmMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAELCkKHCS
tWGrzkTgg4ruapTpebPz9HFoiYT3Pq1834uxfV0JgGKxEIvMiRoD+1otop05GreN
nFP+SF85nmh4DZv9DdQyCxX76u1Nm3g+i0cK+fursVXgagZom71dBjvWHLi33fjV
1Ixw3VwbYvZoPYcAQZjm6lBj5tx4C5XRm1N6ONV9E03dG86bcydt4j/LvF4vkeLW
fKoYmizvhT9OJsXVdiFN6FQ4Vxirec2W0hk9WVs0F7oLkqfmLGQKjvenxIKW2Ehz
TT3fENXrlxI5SdbBySLxOG7ktnzH7DvsYU1aYEG5G0z7e6IySp073LARHchuDjLY
sQ8EwYrpvdzrWA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:24:28 2025 by rpki-client