Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
File: qklDGDthG-Ogd1OCUJSQBIsK1zg.mft (raw, json)
Hash identifier: E4QRN3ZC7tCoL60Ky9TgacKg7iPyuKUeUvnWsx5ezW8=
Subject key identifier: A1:CF:90:F2:80:F3:E0:13:26:F4:8A:49:D6:C4:64:8C:4F:A8:6E:6E
Authority key identifier: AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38
Certificate issuer: /CN=aa4943183b611be3a0775382509490048b0ad738
Certificate serial: 019922C379329C361C074B0C28AA2F8EE4F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
Manifest number: 1674
Signing time: Sun 07 Sep 2025 06:00:59 +0000
Manifest this update: Sun 07 Sep 2025 06:00:59 +0000
Manifest next update: Mon 08 Sep 2025 06:00:59 +0000
Files and hashes: 1: _b9uzDBnaBhrr4RiKYd-HrjhIyY.roa (hash: zuVo5YCjE6oxIWEPlMV6dA4fTWapSfHiFlgPsUG/qhk=)
2: qklDGDthG-Ogd1OCUJSQBIsK1zg.crl (hash: MXKdgJ68WSxTkqcg3M0QSKO6p3UVv6ctjxrVyz8XX0A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:79:32:9c:36:1c:07:4b:0c:28:aa:2f:8e:e4:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa4943183b611be3a0775382509490048b0ad738
Validity
Not Before: Sep 7 06:00:59 2025 GMT
Not After : Sep 8 06:00:59 2025 GMT
Subject: CN=a1cf90f280f3e01326f48a49d6c4648c4fa86e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:69:4f:0f:35:d6:47:e1:ff:55:27:75:b5:e2:
2f:c3:28:e0:c8:8c:69:ff:20:36:bf:cf:6c:ce:4e:
31:e5:e9:5c:1f:e0:39:65:ea:6a:e4:32:2c:79:32:
93:93:66:c7:80:74:b1:5d:f0:02:49:c3:e1:0d:2d:
b3:2d:70:9e:90:fe:54:a3:0c:79:f8:09:26:7a:ea:
1a:5e:46:d2:70:70:9c:c3:0d:ff:e6:6a:fe:b4:31:
d8:01:d7:57:09:85:d6:13:80:e8:65:f0:d9:5c:e0:
55:34:be:b0:67:81:af:bb:4f:78:19:d9:9f:4f:72:
0a:8c:8f:3a:95:dd:4f:75:7e:c5:24:96:b0:68:6a:
20:53:eb:51:35:32:6b:2f:0d:bf:71:a3:db:e3:9e:
64:84:21:b3:f1:3a:26:d3:8b:65:ee:99:af:ec:f5:
65:e2:2f:95:58:16:dc:20:e4:1a:fd:a0:74:09:7c:
ed:51:94:7c:79:0c:b7:43:85:d4:85:c5:35:1b:c3:
5a:96:3b:ef:93:7d:a8:12:42:90:b0:9b:1b:d3:b0:
b0:b6:a0:f2:55:dc:fe:45:5f:ab:e0:53:d0:84:b7:
a3:9c:3d:8e:40:55:ef:40:bc:07:7f:2e:27:2c:59:
4c:6d:31:3a:00:1e:74:3f:3e:7f:36:0b:80:f8:b4:
ed:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CF:90:F2:80:F3:E0:13:26:F4:8A:49:D6:C4:64:8C:4F:A8:6E:6E
X509v3 Authority Key Identifier:
keyid:AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d0:4c:10:06:63:0c:7c:11:16:da:ef:61:a3:de:8a:1d:19:ab:
07:63:9e:92:16:da:34:d2:12:77:1c:7f:8e:f6:f9:d9:40:94:
08:d3:51:ff:b0:31:5b:78:4a:2e:10:b7:1a:c0:4e:01:6e:c5:
b0:d3:72:a1:93:a6:c9:6a:d1:a2:b7:00:6c:b1:4e:be:28:f9:
0b:6e:a8:00:49:f8:44:ec:dd:2b:e1:fe:78:10:a3:31:d3:3f:
6a:76:35:33:32:12:8c:71:84:2f:7f:49:a9:b1:b4:f2:79:6e:
a7:7d:4b:6f:c5:3f:a5:51:27:42:a2:93:4e:94:fc:1c:51:d3:
eb:42:9e:48:88:8e:dc:17:7d:03:ff:28:01:59:b0:7b:63:3f:
48:20:11:a0:2a:b5:11:38:5e:a4:82:fb:5d:15:b7:37:fc:bc:
9f:05:7e:b9:76:d8:24:5f:8e:b0:a7:02:b4:03:67:b6:1a:81:
20:5e:22:dc:95:5e:fb:59:32:f5:28:8a:0f:42:f0:85:da:ce:
50:0b:84:27:d5:45:43:7a:0a:82:97:28:a5:f0:84:a2:c3:db:
6b:9c:b5:f1:eb:3b:d1:3f:4e:56:78:7f:0d:9d:18:3c:23:84:
62:3c:69:f6:0d:cd:29:c1:35:58:bb:93:d6:29:6e:3e:8d:43:
03:2e:ae:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw3kynDYcB0sMKKovjuT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNDk0MzE4M2I2MTFiZTNhMDc3NTM4MjUwOTQ5MDA0OGIw
YWQ3MzgwHhcNMjUwOTA3MDYwMDU5WhcNMjUwOTA4MDYwMDU5WjAzMTEwLwYDVQQD
EyhhMWNmOTBmMjgwZjNlMDEzMjZmNDhhNDlkNmM0NjQ4YzRmYTg2ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmlPDzXWR+H/VSd1teIvwyjgyIxp
/yA2v89szk4x5elcH+A5Zepq5DIseTKTk2bHgHSxXfACScPhDS2zLXCekP5Uowx5
+AkmeuoaXkbScHCcww3/5mr+tDHYAddXCYXWE4DoZfDZXOBVNL6wZ4Gvu094Gdmf
T3IKjI86ld1PdX7FJJawaGogU+tRNTJrLw2/caPb455khCGz8Tom04tl7pmv7PVl
4i+VWBbcIOQa/aB0CXztUZR8eQy3Q4XUhcU1G8Naljvvk32oEkKQsJsb07CwtqDy
Vdz+RV+r4FPQhLejnD2OQFXvQLwHfy4nLFlMbTE6AB50Pz5/NguA+LTtXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHPkPKA8+ATJvSKSdbEZIxPqG5uMB8GA1UdIwQY
MBaAFKpJQxg7YRvjoHdTglCUkASLCtc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQt
ZDIyMjc0YmJhNzEzLzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQtZDIyMjc0YmJhNzEz
LzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0EwQBmMM
fBEW2u9ho96KHRmrB2OekhbaNNISdxx/jvb52UCUCNNR/7AxW3hKLhC3GsBOAW7F
sNNyoZOmyWrRorcAbLFOvij5C26oAEn4ROzdK+H+eBCjMdM/anY1MzISjHGEL39J
qbG08nlup31Lb8U/pVEnQqKTTpT8HFHT60KeSIiO3Bd9A/8oAVmwe2M/SCARoCq1
EThepIL7XRW3N/y8nwV+uXbYJF+OsKcCtANnthqBIF4i3JVe+1ky9SiKD0LwhdrO
UAuEJ9VFQ3oKgpcopfCEosPba5y18es70T9OVnh/DZ0YPCOEYjxp9g3NKcE1WLuT
1iluPo1DAy6uCQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:23:00 2025 by rpki-client