Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
File: q3ukNXZmdmStbymmZicOM1eDbxo.mft (raw, json)
Hash identifier: Z0GYWTh3pYa8U29losibz943NnVdrRkv/SC3Jqgc+AM=
Subject key identifier: CD:39:96:80:1E:A5:7A:5C:1F:60:CF:60:15:40:DD:FC:6A:D7:0C:45
Authority key identifier: AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
Certificate issuer: /CN=ab7ba43576667664ad6f29a666270e3357836f1a
Certificate serial: 019749682A0D24F53FAD21B1EF486E4B41CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
Manifest number: 157F
Signing time: Sat 07 Jun 2025 08:00:52 +0000
Manifest this update: Sat 07 Jun 2025 08:00:52 +0000
Manifest next update: Sun 08 Jun 2025 08:00:52 +0000
Files and hashes: 1: q3ukNXZmdmStbymmZicOM1eDbxo.crl (hash: 3h73py8gbI8OjdMriDiKyOmS/FosakXxX9DsLxbkE5c=)
2: rFtQ52vnm-Gf2JN4L6yb0DTiUgw.roa (hash: U6PLdhl9fIkfcENijAv37MSFDTY2VRfS2bCNJb0dRIc=)
3: z4h6VOta7nlktuKCkK1-Zw-1S8Q.roa (hash: XA8aL+R7cIm6KIZ8pt2+mp6cPL138KkhjyZFmjM+7SU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:68:2a:0d:24:f5:3f:ad:21:b1:ef:48:6e:4b:41:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7ba43576667664ad6f29a666270e3357836f1a
Validity
Not Before: Jun 7 08:00:52 2025 GMT
Not After : Jun 8 08:00:52 2025 GMT
Subject: CN=cd3996801ea57a5c1f60cf601540ddfc6ad70c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:87:b1:cb:ad:3d:5e:74:9d:2c:57:c4:ec:f3:
65:aa:1e:ba:49:2b:04:5d:23:4c:31:3a:9b:84:7e:
8e:84:3d:ec:fe:f0:cc:70:c4:df:a4:c3:1d:87:55:
61:11:7c:2f:f7:38:ed:76:cf:28:f0:b3:d8:43:4b:
70:49:c2:8c:d0:09:df:28:08:ae:06:f1:93:d9:6e:
09:63:5a:10:20:63:6b:b4:b5:3c:e4:e6:84:23:f6:
08:9f:39:59:4d:07:68:3a:a9:ac:cd:c3:a1:dc:46:
6f:6d:3b:15:06:52:3b:8c:48:55:76:5a:a2:30:da:
96:6c:e7:7b:3c:3c:88:1b:94:e3:f5:24:13:f6:b2:
ca:63:95:74:38:45:05:f2:b9:84:08:13:5c:74:85:
73:3d:34:80:f0:a4:2d:21:e9:6b:4a:ad:30:40:49:
e7:76:55:58:fc:18:7c:09:70:65:8e:99:43:3b:b8:
85:bf:60:00:7d:dd:b5:3a:7f:ef:ba:06:48:7e:07:
35:43:71:17:8d:5c:65:05:2f:77:ee:9c:df:b6:ad:
65:97:e4:97:64:e8:db:8c:39:58:ad:4f:52:6a:b0:
bb:7f:9f:86:65:3e:e5:3e:60:71:9d:b0:0f:0f:52:
5d:af:e0:62:58:cc:0b:4f:81:7c:21:eb:2d:ec:36:
0d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:39:96:80:1E:A5:7A:5C:1F:60:CF:60:15:40:DD:FC:6A:D7:0C:45
X509v3 Authority Key Identifier:
keyid:AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:3f:61:09:52:49:b5:4f:bb:c2:38:fc:c9:5d:c5:a8:b4:b0:
fb:75:4a:d7:a6:21:fb:85:3f:bc:1a:e4:25:ae:da:d3:d2:3c:
46:f7:bb:68:13:c0:ba:eb:ab:09:28:24:1f:37:f9:37:85:05:
46:83:5d:59:77:36:b5:0f:ab:b3:d1:88:04:ec:ac:c4:14:3d:
07:d8:c4:9b:89:f5:fd:59:76:8d:17:6f:4b:f2:04:63:27:d8:
74:d3:61:d2:0b:6b:67:d1:a1:dc:a8:bd:df:e8:8c:b3:15:24:
ba:dd:5e:c8:0c:84:3e:32:87:2d:93:9a:2b:9e:7a:2e:62:29:
0b:91:4a:3b:fc:55:42:a7:87:4f:94:15:61:a5:95:f6:72:00:
25:f4:23:53:ef:a8:ef:90:13:d0:a3:d3:f6:ad:94:fa:1e:5b:
9b:cb:79:7d:6b:1f:f3:5c:b5:91:f2:b7:01:88:61:00:32:3f:
6e:8c:96:54:f9:a2:0b:c0:7b:82:7a:ce:1d:d9:7a:17:22:83:
c8:df:34:11:1f:4e:5d:6a:77:c1:87:20:ff:b3:b5:ba:a9:4d:
90:65:f6:78:f0:48:33:5c:09:95:35:a2:a6:ab:cb:69:f8:b3:
ca:2c:b3:cd:d2:2b:ca:cd:0e:93:48:22:68:66:18:63:69:98:
36:4d:9d:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaCoNJPU/rSGx70huS0HNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2JhNDM1NzY2Njc2NjRhZDZmMjlhNjY2MjcwZTMzNTc4
MzZmMWEwHhcNMjUwNjA3MDgwMDUyWhcNMjUwNjA4MDgwMDUyWjAzMTEwLwYDVQQD
EyhjZDM5OTY4MDFlYTU3YTVjMWY2MGNmNjAxNTQwZGRmYzZhZDcwYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oexy609XnSdLFfE7PNlqh66SSsE
XSNMMTqbhH6OhD3s/vDMcMTfpMMdh1VhEXwv9zjtds8o8LPYQ0twScKM0AnfKAiu
BvGT2W4JY1oQIGNrtLU85OaEI/YInzlZTQdoOqmszcOh3EZvbTsVBlI7jEhVdlqi
MNqWbOd7PDyIG5Tj9SQT9rLKY5V0OEUF8rmECBNcdIVzPTSA8KQtIelrSq0wQEnn
dlVY/Bh8CXBljplDO7iFv2AAfd21On/vugZIfgc1Q3EXjVxlBS937pzftq1ll+SX
ZOjbjDlYrU9SarC7f5+GZT7lPmBxnbAPD1Jdr+BiWMwLT4F8Iest7DYNXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM05loAepXpcH2DPYBVA3fxq1wxFMB8GA1UdIwQY
MBaAFKt7pDV2ZnZkrW8ppmYnDjNXg28aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYt
MjNhYzc1ODA0OGVjLzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYtMjNhYzc1ODA0OGVj
LzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACz9hCVJJ
tU+7wjj8yV3FqLSw+3VK16Yh+4U/vBrkJa7a09I8Rve7aBPAuuurCSgkHzf5N4UF
RoNdWXc2tQ+rs9GIBOysxBQ9B9jEm4n1/Vl2jRdvS/IEYyfYdNNh0gtrZ9Gh3Ki9
3+iMsxUkut1eyAyEPjKHLZOaK556LmIpC5FKO/xVQqeHT5QVYaWV9nIAJfQjU++o
75AT0KPT9q2U+h5bm8t5fWsf81y1kfK3AYhhADI/boyWVPmiC8B7gnrOHdl6FyKD
yN80ER9OXWp3wYcg/7O1uqlNkGX2ePBIM1wJlTWipqvLafizyiyzzdIrys0Ok0gi
aGYYY2mYNk2d2A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:30:58 2025 by rpki-client