Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
File: Q0XQdzx63gjUSBnjthG9KXo5idM.mft (raw, json)
Hash identifier: D9BBkHFWsHvqFz+UJI9Na4ZnbbLwdyggQFWJdUek8g8=
Subject key identifier: 2D:B5:1F:C2:8A:52:BB:ED:0F:30:9D:29:8C:D2:F3:3F:2D:56:47:6F
Authority key identifier: 43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
Certificate issuer: /CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Certificate serial: 019746D4AAA4F860F9F9A3D8B65D5C2C95B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
Manifest number: 1294
Signing time: Fri 06 Jun 2025 20:00:31 +0000
Manifest this update: Fri 06 Jun 2025 20:00:31 +0000
Manifest next update: Sat 07 Jun 2025 20:00:31 +0000
Files and hashes: 1: D7IbZMa3P-hRRIAm78DqK4wNZ34.roa (hash: 3Rvd3MmyWPzVOpIFhMlT5LNPsKGSgahML9FUxKiCMwI=)
2: O7r63uTdFaICg1i90uf5cyEl-h4.roa (hash: Efs34tr8Lub/IHxUGCrqJn6lA9J8HyHyjcZJAIyTZbQ=)
3: Q0XQdzx63gjUSBnjthG9KXo5idM.crl (hash: V773N+TD2+mnl4shxRSeBgYK6iJI3DzZb+cTvfBlFTM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 20:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:46:d4:aa:a4:f8:60:f9:f9:a3:d8:b6:5d:5c:2c:95:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Validity
Not Before: Jun 6 20:00:31 2025 GMT
Not After : Jun 7 20:00:31 2025 GMT
Subject: CN=2db51fc28a52bbed0f309d298cd2f33f2d56476f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cd:79:c0:17:60:35:a2:ad:9b:b0:9f:c2:d9:
b7:db:c1:2b:44:1d:7d:6d:b5:1b:29:af:ef:bc:b4:
bc:e6:4b:cd:de:87:b3:92:d6:3f:a3:c9:12:9f:15:
9b:87:48:af:14:3d:9b:8e:4e:36:23:a6:2c:da:86:
bc:32:38:ce:f8:5f:24:1d:8b:e5:30:52:d4:cc:6d:
bf:50:a6:6c:a7:cb:69:de:01:3b:2a:b8:55:69:a3:
c5:9c:98:54:85:fa:96:7d:d4:a8:26:12:03:e3:56:
71:b0:3c:71:f7:eb:fd:ff:77:cd:8f:a8:1e:30:4c:
87:eb:50:52:8d:b1:37:03:7c:49:30:62:68:6c:9f:
69:09:74:d1:2f:4a:88:66:ae:8b:7f:46:46:04:98:
eb:c1:b8:6d:f0:1c:7c:73:44:fa:7e:26:6a:9b:83:
40:89:6b:c9:b2:69:ae:86:e1:42:38:20:03:f5:2b:
2f:95:ac:38:cb:04:c1:9f:86:69:03:6e:77:3d:30:
44:54:0a:04:29:66:c1:f6:58:75:a8:76:1b:d3:89:
69:50:63:b7:7d:60:15:22:3b:69:ec:48:3d:ac:c7:
ab:e1:73:03:39:ff:86:50:98:3b:ce:25:57:6e:a0:
e4:c5:94:53:db:07:fc:64:d9:5c:48:46:f2:be:c7:
96:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B5:1F:C2:8A:52:BB:ED:0F:30:9D:29:8C:D2:F3:3F:2D:56:47:6F
X509v3 Authority Key Identifier:
keyid:43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:c4:42:bd:03:3a:3c:0c:82:14:c7:eb:e3:ec:72:0f:d1:84:
4e:92:f5:27:93:13:79:51:5b:93:84:bb:2b:a2:ef:de:5e:7c:
3b:15:43:f5:f4:f3:84:ec:8b:3a:12:8e:e8:db:8a:c8:b8:e3:
6d:a8:27:13:b2:ca:4d:0c:b9:89:b1:d5:94:c3:37:8c:2f:88:
5e:1c:a4:a0:3c:ad:4d:45:97:16:6c:ce:c1:58:fe:78:e2:55:
f1:95:83:2a:59:74:ab:77:bf:34:77:c8:c2:a6:e2:54:3c:18:
c0:19:3c:17:84:2a:82:12:d1:bc:c8:bc:fa:a6:ad:67:99:fa:
18:2e:7c:12:2c:6a:80:f7:f8:76:30:d2:67:3d:df:35:c2:9a:
cf:72:73:e9:3f:6e:2f:11:03:f5:55:4e:00:79:99:4e:ae:cb:
6f:96:55:9d:64:ba:bd:d8:49:a0:9f:d7:c7:59:d1:ce:6a:5e:
00:a0:5c:47:bb:a6:22:bc:db:0c:d8:45:a3:16:1b:da:55:97:
40:68:14:03:b9:eb:cf:9c:c2:85:82:ba:60:ce:50:68:c1:85:
ac:13:e2:d2:f9:b0:ec:f0:2d:75:fe:10:b8:3a:6a:03:8b:90:
65:44:a3:cc:9d:07:64:7b:06:ec:c6:c0:65:20:5d:ac:07:2b:
97:f9:6b:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdG1Kqk+GD5+aPYtl1cLJW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDVkMDc3M2M3YWRlMDhkNDQ4MTllM2I2MTFiZDI5N2Ez
OTg5ZDMwHhcNMjUwNjA2MjAwMDMxWhcNMjUwNjA3MjAwMDMxWjAzMTEwLwYDVQQD
EygyZGI1MWZjMjhhNTJiYmVkMGYzMDlkMjk4Y2QyZjMzZjJkNTY0NzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM15wBdgNaKtm7Cfwtm328ErRB19
bbUbKa/vvLS85kvN3oezktY/o8kSnxWbh0ivFD2bjk42I6Ys2oa8MjjO+F8kHYvl
MFLUzG2/UKZsp8tp3gE7KrhVaaPFnJhUhfqWfdSoJhID41ZxsDxx9+v9/3fNj6ge
MEyH61BSjbE3A3xJMGJobJ9pCXTRL0qIZq6Lf0ZGBJjrwbht8Bx8c0T6fiZqm4NA
iWvJsmmuhuFCOCAD9Ssvlaw4ywTBn4ZpA253PTBEVAoEKWbB9lh1qHYb04lpUGO3
fWAVIjtp7Eg9rMer4XMDOf+GUJg7ziVXbqDkxZRT2wf8ZNlcSEbyvseWFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC21H8KKUrvtDzCdKYzS8z8tVkdvMB8GA1UdIwQY
MBaAFENF0Hc8et4I1EgZ47YRvSl6OYnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUt
NGM5MDVhZGJmMDc2LzEvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUtNGM5MDVhZGJmMDc2
LzEvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmcRCvQM6
PAyCFMfr4+xyD9GETpL1J5MTeVFbk4S7K6Lv3l58OxVD9fTzhOyLOhKO6NuKyLjj
bagnE7LKTQy5ibHVlMM3jC+IXhykoDytTUWXFmzOwVj+eOJV8ZWDKll0q3e/NHfI
wqbiVDwYwBk8F4QqghLRvMi8+qatZ5n6GC58EixqgPf4djDSZz3fNcKaz3Jz6T9u
LxED9VVOAHmZTq7Lb5ZVnWS6vdhJoJ/Xx1nRzmpeAKBcR7umIrzbDNhFoxYb2lWX
QGgUA7nrz5zChYK6YM5QaMGFrBPi0vmw7PAtdf4QuDpqA4uQZUSjzJ0HZHsG7MbA
ZSBdrAcrl/lrAQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 03:30:10 2025 by rpki-client