Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
File: q9lqrojvmbTVDknsrpyuSPN4gfc.mft (raw, json)
Hash identifier: EcMuxwE3YDYGoaxmuc8ajvGN5LxtzwsnwInvJgIMy+Y=
Subject key identifier: 3F:8A:63:69:80:4A:F6:EB:95:EF:39:61:AE:54:38:C9:C8:81:71:C5
Authority key identifier: AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7
Certificate issuer: /CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7
Certificate serial: 0197D518B321C1CCA8BA704935EB5A18DC24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
Manifest number: 0213
Signing time: Fri 04 Jul 2025 11:00:55 +0000
Manifest this update: Fri 04 Jul 2025 11:00:55 +0000
Manifest next update: Sat 05 Jul 2025 11:00:55 +0000
Files and hashes: 1: jOBsmTZZQR2oFpHPynuOSfcKlhQ.roa (hash: HS2UqrHXUPTUg04Ke/uHXIU8tldEPiGgxWt1zu5k5H0=)
2: q9lqrojvmbTVDknsrpyuSPN4gfc.crl (hash: vAFGimou2DUA4bpRDJGUiJjOstdMzrB7SNBiXBWY4sA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d5:18:b3:21:c1:cc:a8:ba:70:49:35:eb:5a:18:dc:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7
Validity
Not Before: Jul 4 11:00:55 2025 GMT
Not After : Jul 5 11:00:55 2025 GMT
Subject: CN=3f8a6369804af6eb95ef3961ae5438c9c88171c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1f:9a:2e:c9:2d:76:04:93:fe:aa:b6:51:41:
5d:fb:e1:31:e4:01:fe:83:db:0c:d9:f9:7b:d9:5f:
11:61:13:4d:2c:b3:d3:27:07:67:2f:e4:aa:e8:d0:
63:bf:c4:5e:85:a7:b1:b3:74:0c:24:3c:37:b4:ef:
54:9c:95:f1:96:48:8b:5a:ab:fb:19:70:2f:d4:18:
94:a2:9a:d2:ec:2c:bd:c8:b6:63:aa:92:70:80:c7:
54:b4:ea:8a:1d:46:5d:d5:aa:3c:80:40:49:e5:e3:
86:52:a6:b1:31:f4:1f:e6:10:38:61:c4:84:99:37:
d4:49:0b:c7:28:c6:9d:2a:8c:fd:e9:40:da:fe:e6:
8c:30:71:0e:2c:f9:3c:e8:56:6a:a7:f5:66:ee:4a:
bb:2a:12:86:59:77:9d:aa:b4:fa:7b:b2:e5:b8:72:
7f:09:d5:37:bd:ea:48:87:55:ca:23:37:fd:7a:0d:
78:90:ea:f2:20:cf:13:96:24:ae:98:9a:d6:dd:cc:
64:0f:3d:b0:f6:da:27:66:a1:70:87:ca:7e:58:dc:
6a:fc:7d:8d:6a:91:00:5e:7c:14:80:33:cd:14:57:
94:f9:e6:6b:93:7b:8b:fd:bd:fe:3b:c5:18:9b:a1:
33:f0:f4:d7:a7:ca:71:3f:62:c1:99:7b:53:ce:c1:
05:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8A:63:69:80:4A:F6:EB:95:EF:39:61:AE:54:38:C9:C8:81:71:C5
X509v3 Authority Key Identifier:
keyid:AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:99:47:15:f3:5b:22:50:29:f0:26:dd:51:da:5f:7c:c6:4b:
b1:3e:a1:dd:47:1a:9f:34:e1:df:07:1e:0a:8a:a4:47:d2:a4:
32:f4:ff:3e:68:a6:c6:fb:a6:47:88:35:18:ee:c8:fa:58:7d:
55:68:33:6a:01:71:52:f8:da:06:39:3f:f4:4e:60:93:d3:90:
fc:c7:6a:32:74:f0:5a:10:d3:92:44:a3:b4:c7:83:c1:54:6c:
a8:26:da:6b:5f:8b:4b:c2:89:e3:ef:25:d0:dc:71:6c:58:c1:
e4:2b:39:ee:5c:40:07:ee:57:ce:57:77:8d:05:5e:3d:56:1f:
d4:57:09:7f:6c:2f:81:9a:9e:99:47:d3:22:e5:4c:bf:ce:1e:
99:0b:18:e3:47:8e:8b:0c:59:be:55:14:bb:64:14:8b:c5:00:
7c:41:1c:02:d7:01:a5:95:5a:cc:93:c7:51:b4:c7:aa:bb:6a:
20:b3:51:0f:b8:56:fb:ca:a4:b4:6b:2a:3d:c2:c8:6a:6c:2c:
b4:5c:30:df:8c:2e:26:62:43:2a:d8:a2:1f:19:4f:5f:68:07:
c9:f6:a1:f1:2a:51:b4:08:94:b7:58:ac:26:30:08:a4:c5:1a:
cb:fa:09:46:cc:a8:0c:73:9f:6e:d9:47:47:a3:c7:3c:48:94:
94:a4:d5:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfVGLMhwcyounBJNetaGNwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZDk2YWFlODhlZjk5YjRkNTBlNDllY2FlOWNhZTQ4ZjM3
ODgxZjcwHhcNMjUwNzA0MTEwMDU1WhcNMjUwNzA1MTEwMDU1WjAzMTEwLwYDVQQD
EygzZjhhNjM2OTgwNGFmNmViOTVlZjM5NjFhZTU0MzhjOWM4ODE3MWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB+aLsktdgST/qq2UUFd++Ex5AH+
g9sM2fl72V8RYRNNLLPTJwdnL+Sq6NBjv8Rehaexs3QMJDw3tO9UnJXxlkiLWqv7
GXAv1BiUoprS7Cy9yLZjqpJwgMdUtOqKHUZd1ao8gEBJ5eOGUqaxMfQf5hA4YcSE
mTfUSQvHKMadKoz96UDa/uaMMHEOLPk86FZqp/Vm7kq7KhKGWXedqrT6e7LluHJ/
CdU3vepIh1XKIzf9eg14kOryIM8TliSumJrW3cxkDz2w9tonZqFwh8p+WNxq/H2N
apEAXnwUgDPNFFeU+eZrk3uL/b3+O8UYm6Ez8PTXp8pxP2LBmXtTzsEFMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+KY2mASvbrle85Ya5UOMnIgXHFMB8GA1UdIwQY
MBaAFKvZaq6I75m01Q5J7K6crkjzeIH3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTIt
N2MzZjhjNDBjNTEwLzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTItN2MzZjhjNDBjNTEw
LzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJlHFfNb
IlAp8CbdUdpffMZLsT6h3UcanzTh3wceCoqkR9KkMvT/PmimxvumR4g1GO7I+lh9
VWgzagFxUvjaBjk/9E5gk9OQ/MdqMnTwWhDTkkSjtMeDwVRsqCbaa1+LS8KJ4+8l
0NxxbFjB5Cs57lxAB+5Xzld3jQVePVYf1FcJf2wvgZqemUfTIuVMv84emQsY40eO
iwxZvlUUu2QUi8UAfEEcAtcBpZVazJPHUbTHqrtqILNRD7hW+8qktGsqPcLIamws
tFww34wuJmJDKtiiHxlPX2gHyfah8SpRtAiUt1isJjAIpMUay/oJRsyoDHOfbtlH
R6PHPEiUlKTVMw==
-----END CERTIFICATE-----
Generated at Fri Jul 4 17:26:15 2025 by rpki-client