Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
File: Q0XQdzx63gjUSBnjthG9KXo5idM.mft (raw, json)
Hash identifier: p7utSWhdYEdNxkOprJugxxAC4fFypqOzmC8k711AQgY=
Subject key identifier: 8A:1E:F1:2D:70:2B:01:EF:AD:B3:23:0E:84:14:E2:39:D0:33:5C:56
Authority key identifier: 43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
Certificate issuer: /CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Certificate serial: 0199165181244382F3B23A0F74A9084146BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
Manifest number: 1384
Signing time: Thu 04 Sep 2025 20:01:04 +0000
Manifest this update: Thu 04 Sep 2025 20:01:04 +0000
Manifest next update: Fri 05 Sep 2025 20:01:04 +0000
Files and hashes: 1: D7IbZMa3P-hRRIAm78DqK4wNZ34.roa (hash: 3Rvd3MmyWPzVOpIFhMlT5LNPsKGSgahML9FUxKiCMwI=)
2: O7r63uTdFaICg1i90uf5cyEl-h4.roa (hash: Efs34tr8Lub/IHxUGCrqJn6lA9J8HyHyjcZJAIyTZbQ=)
3: Q0XQdzx63gjUSBnjthG9KXo5idM.crl (hash: uRJ1Ugs3KO6oatjpDYpHuESUYQsdohGisDAXJc4n0vk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 19:46:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:16:51:81:24:43:82:f3:b2:3a:0f:74:a9:08:41:46:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Validity
Not Before: Sep 4 20:01:04 2025 GMT
Not After : Sep 5 20:01:04 2025 GMT
Subject: CN=8a1ef12d702b01efadb3230e8414e239d0335c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bd:7e:7d:c9:c8:92:e8:21:4e:b6:b9:74:c9:
d0:55:af:07:08:6c:06:c1:0b:ab:31:19:2b:8c:3a:
d4:ee:a5:3b:1e:7b:a5:c5:0c:3a:91:78:4f:56:1a:
bb:7d:45:44:5f:94:3f:9f:27:18:ce:8a:ae:d2:ff:
14:10:b4:33:f0:a8:63:1e:e5:5a:39:f0:3a:c6:e4:
a4:6c:54:54:6b:e9:e2:f1:45:ac:24:71:41:7c:aa:
78:88:71:09:8a:90:98:cc:4d:3d:06:8b:a9:70:36:
58:0b:bc:a3:4f:e8:f8:ee:37:db:84:4f:a5:56:d1:
24:74:e1:52:f0:01:90:55:58:8c:f7:4b:95:33:78:
cd:c2:ae:e1:10:ef:63:0f:5f:30:e2:28:41:08:f4:
00:9c:36:78:4e:d4:69:45:b9:f5:55:dd:f9:14:0b:
61:65:13:c2:6e:2f:61:a3:18:ac:60:5f:4a:4e:29:
a5:39:5f:bc:3e:56:3f:c3:b8:8c:be:6b:bf:e0:b6:
7e:ed:7d:0a:d7:21:30:23:9a:80:5b:ac:bd:b0:ca:
17:e3:48:85:97:c8:35:cd:f0:6c:8d:3c:d6:53:25:
b0:0b:54:52:b7:01:3c:bf:e9:4d:1b:30:53:27:8a:
b3:cb:ff:56:26:04:5d:06:84:dc:58:2c:6c:90:d2:
2d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1E:F1:2D:70:2B:01:EF:AD:B3:23:0E:84:14:E2:39:D0:33:5C:56
X509v3 Authority Key Identifier:
keyid:43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:8e:67:10:8b:2f:4d:0a:3d:0b:69:5c:a9:a3:77:46:f1:42:
fd:9e:82:e7:c4:f5:74:73:cf:fb:f3:88:4b:3d:ec:ab:b3:22:
96:04:db:58:29:fe:ba:54:e2:a8:18:48:d7:f1:e6:b5:86:64:
da:c9:01:91:b2:67:22:cb:40:40:f7:4c:8e:c1:61:9b:db:41:
8e:24:64:b5:2f:d5:df:bc:79:22:60:62:42:ec:e5:b7:f3:e1:
97:3b:de:96:ca:ad:0d:a2:06:59:d7:0c:c4:30:4a:bd:fb:b7:
88:2c:86:67:73:60:4a:f6:e6:12:8d:35:e5:26:6a:1e:97:6d:
bb:d6:92:ac:91:1c:4d:c0:d7:ca:d4:9e:ca:22:e4:43:48:5b:
79:98:87:83:8b:7c:02:bf:75:63:56:62:68:4b:fc:b3:64:f7:
0e:14:64:49:6e:8a:ec:55:f4:12:c1:ab:b2:57:ee:c3:82:98:
b8:1c:7b:3a:d5:0d:07:80:d6:09:e6:b8:36:e6:69:40:2b:85:
2c:80:9f:f1:bd:c6:3c:3f:69:69:ec:1a:8f:40:db:1f:eb:b6:
eb:b7:23:e3:2d:3a:6c:35:27:c1:1d:a6:6b:80:a7:f1:c9:d4:
8f:20:ca:db:b4:2d:3f:a0:fe:fb:c6:13:fd:59:c8:4f:20:54:
67:1a:ea:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWUYEkQ4LzsjoPdKkIQUa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDVkMDc3M2M3YWRlMDhkNDQ4MTllM2I2MTFiZDI5N2Ez
OTg5ZDMwHhcNMjUwOTA0MjAwMTA0WhcNMjUwOTA1MjAwMTA0WjAzMTEwLwYDVQQD
Eyg4YTFlZjEyZDcwMmIwMWVmYWRiMzIzMGU4NDE0ZTIzOWQwMzM1YzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb1+fcnIkughTra5dMnQVa8HCGwG
wQurMRkrjDrU7qU7HnulxQw6kXhPVhq7fUVEX5Q/nycYzoqu0v8UELQz8KhjHuVa
OfA6xuSkbFRUa+ni8UWsJHFBfKp4iHEJipCYzE09BoupcDZYC7yjT+j47jfbhE+l
VtEkdOFS8AGQVViM90uVM3jNwq7hEO9jD18w4ihBCPQAnDZ4TtRpRbn1Vd35FAth
ZRPCbi9hoxisYF9KTimlOV+8PlY/w7iMvmu/4LZ+7X0K1yEwI5qAW6y9sMoX40iF
l8g1zfBsjTzWUyWwC1RStwE8v+lNGzBTJ4qzy/9WJgRdBoTcWCxskNItdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoe8S1wKwHvrbMjDoQU4jnQM1xWMB8GA1UdIwQY
MBaAFENF0Hc8et4I1EgZ47YRvSl6OYnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUt
NGM5MDVhZGJmMDc2LzEvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUtNGM5MDVhZGJmMDc2
LzEvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs45nEIsv
TQo9C2lcqaN3RvFC/Z6C58T1dHPP+/OISz3sq7MilgTbWCn+ulTiqBhI1/HmtYZk
2skBkbJnIstAQPdMjsFhm9tBjiRktS/V37x5ImBiQuzlt/PhlzvelsqtDaIGWdcM
xDBKvfu3iCyGZ3NgSvbmEo015SZqHpdtu9aSrJEcTcDXytSeyiLkQ0hbeZiHg4t8
Ar91Y1ZiaEv8s2T3DhRkSW6K7FX0EsGrslfuw4KYuBx7OtUNB4DWCea4NuZpQCuF
LICf8b3GPD9paewaj0DbH+u267cj4y06bDUnwR2ma4Cn8cnUjyDK27QtP6D++8YT
/VnITyBUZxrqVw==
-----END CERTIFICATE-----
Generated at Fri Sep 5 04:27:17 2025 by rpki-client