Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
File: Q0XQdzx63gjUSBnjthG9KXo5idM.mft (raw, json)
Hash identifier: xVxN2M/SOksRJrLyfeOUexAMSdHKdA0XrA7VgQCoeCE=
Subject key identifier: C1:FE:C3:1A:6D:1F:C0:3C:A6:38:68:A1:FF:CD:FF:53:A2:9C:66:DF
Authority key identifier: 43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
Certificate issuer: /CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Certificate serial: 019649D7FC931C47AB75DBC06A1FA3B6AC47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
Manifest number: 1211
Signing time: Fri 18 Apr 2025 17:00:13 +0000
Manifest this update: Fri 18 Apr 2025 17:00:13 +0000
Manifest next update: Sat 19 Apr 2025 17:00:13 +0000
Files and hashes: 1: D7IbZMa3P-hRRIAm78DqK4wNZ34.roa (hash: 3Rvd3MmyWPzVOpIFhMlT5LNPsKGSgahML9FUxKiCMwI=)
2: O7r63uTdFaICg1i90uf5cyEl-h4.roa (hash: Efs34tr8Lub/IHxUGCrqJn6lA9J8HyHyjcZJAIyTZbQ=)
3: Q0XQdzx63gjUSBnjthG9KXo5idM.crl (hash: CFWejYiGb3b9nGJrMZ4DhOdzFvuyNWbuBkN3u7lDRPc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 14:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:49:d7:fc:93:1c:47:ab:75:db:c0:6a:1f:a3:b6:ac:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Validity
Not Before: Apr 18 17:00:13 2025 GMT
Not After : Apr 19 17:00:13 2025 GMT
Subject: CN=c1fec31a6d1fc03ca63868a1ffcdff53a29c66df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:48:6c:b2:2b:b9:9d:31:59:a0:86:26:51:b5:
9d:20:32:d6:0b:bc:cf:74:82:ee:23:b8:a0:42:63:
be:59:7a:a2:fe:23:ed:49:56:87:cf:3b:7e:7a:35:
c7:00:2c:39:2d:8e:42:06:d1:d0:d6:7b:3c:62:18:
32:7f:2e:e3:94:ff:de:7c:33:26:00:02:d6:70:98:
65:2e:af:3a:73:92:47:9f:f9:6e:83:c0:2e:af:38:
bf:36:71:51:8a:a2:5a:a0:ae:ad:ac:17:78:b6:29:
bb:f5:0d:9c:02:51:4a:71:25:e5:79:3e:a3:92:21:
2b:99:e5:c4:e9:62:2a:7c:59:ee:20:7f:c6:82:9b:
96:dd:a4:0a:55:42:78:c4:54:32:e1:d5:87:4a:35:
66:97:16:69:d8:0b:c5:6f:b6:aa:a0:e7:ca:b5:ba:
fe:3d:b1:e8:a1:65:b0:2a:41:b5:58:d8:5e:63:ab:
67:5a:e0:ef:e9:e3:bc:7b:9e:a1:c1:a0:4a:c5:00:
21:f4:38:a9:47:a2:be:3e:3c:cf:6a:48:6f:12:25:
a3:f7:6a:36:d3:47:a1:52:b0:2d:f4:3d:34:bf:bb:
d7:ec:64:f2:57:c1:6b:db:54:ec:a3:f5:20:40:28:
67:e5:5b:6a:d3:ba:ea:72:4c:e3:3f:1e:eb:7c:04:
5d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FE:C3:1A:6D:1F:C0:3C:A6:38:68:A1:FF:CD:FF:53:A2:9C:66:DF
X509v3 Authority Key Identifier:
keyid:43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:23:2a:a4:9b:2a:9f:ee:ee:ed:5b:f9:13:41:62:92:73:9f:
1d:87:51:12:3c:99:fe:a3:d2:50:47:35:fa:77:99:d1:45:64:
e4:69:6e:82:f1:ac:7f:ea:a2:d2:d2:95:56:1b:6d:88:2c:fa:
20:97:9e:bb:8e:e3:f6:bf:48:e4:72:2e:82:c5:51:a8:b6:ec:
aa:b7:0d:61:92:b4:86:03:e4:3a:95:d4:7e:ff:10:72:53:73:
4f:bc:3b:3d:97:05:f2:33:90:56:cd:8b:d5:07:88:d0:4b:22:
83:ca:c4:34:ac:2f:93:86:8b:16:f8:a0:e9:2e:1d:74:f8:a2:
1c:b2:70:fe:61:15:2a:1b:7e:c4:83:43:dc:61:67:ae:e1:01:
cd:1c:0c:41:61:86:21:12:7f:c4:06:b8:80:a1:df:b0:b5:a4:
72:db:b2:17:6c:56:eb:1a:98:bf:78:45:dd:1c:ed:ea:ed:c7:
74:6a:f8:64:6c:14:59:69:9f:b3:9c:78:14:b4:4a:57:65:62:
e9:e1:f0:c0:21:a0:24:e7:60:cf:86:7f:91:0a:e2:b4:56:7b:
e5:3f:17:40:aa:f1:63:d0:c5:b0:c2:e7:fc:58:a8:b3:75:b7:
8a:8c:7f:13:8e:18:a8:69:be:d4:e1:32:23:98:bf:65:45:a9:
64:66:50:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZJ1/yTHEerddvAah+jtqxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDVkMDc3M2M3YWRlMDhkNDQ4MTllM2I2MTFiZDI5N2Ez
OTg5ZDMwHhcNMjUwNDE4MTcwMDEzWhcNMjUwNDE5MTcwMDEzWjAzMTEwLwYDVQQD
EyhjMWZlYzMxYTZkMWZjMDNjYTYzODY4YTFmZmNkZmY1M2EyOWM2NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0hssiu5nTFZoIYmUbWdIDLWC7zP
dILuI7igQmO+WXqi/iPtSVaHzzt+ejXHACw5LY5CBtHQ1ns8Yhgyfy7jlP/efDMm
AALWcJhlLq86c5JHn/lug8Aurzi/NnFRiqJaoK6trBd4tim79Q2cAlFKcSXleT6j
kiErmeXE6WIqfFnuIH/GgpuW3aQKVUJ4xFQy4dWHSjVmlxZp2AvFb7aqoOfKtbr+
PbHooWWwKkG1WNheY6tnWuDv6eO8e56hwaBKxQAh9DipR6K+PjzPakhvEiWj92o2
00ehUrAt9D00v7vX7GTyV8Fr21Tso/UgQChn5Vtq07rqckzjPx7rfARd2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMH+wxptH8A8pjhoof/N/1OinGbfMB8GA1UdIwQY
MBaAFENF0Hc8et4I1EgZ47YRvSl6OYnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUt
NGM5MDVhZGJmMDc2LzEvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUtNGM5MDVhZGJmMDc2
LzEvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACCMqpJsq
n+7u7Vv5E0FiknOfHYdREjyZ/qPSUEc1+neZ0UVk5GlugvGsf+qi0tKVVhttiCz6
IJeeu47j9r9I5HIugsVRqLbsqrcNYZK0hgPkOpXUfv8QclNzT7w7PZcF8jOQVs2L
1QeI0Esig8rENKwvk4aLFvig6S4ddPiiHLJw/mEVKht+xIND3GFnruEBzRwMQWGG
IRJ/xAa4gKHfsLWkctuyF2xW6xqYv3hF3Rzt6u3HdGr4ZGwUWWmfs5x4FLRKV2Vi
6eHwwCGgJOdgz4Z/kQritFZ75T8XQKrxY9DFsMLn/Fios3W3iox/E44YqGm+1OEy
I5i/ZUWpZGZQVg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:50:31 2025 by rpki-client