Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
File: QHShwDg61esPBYjkwzlLo0AQpiE.mft (raw, json)
Hash identifier: bUnZ5nP0McHeiBmi/SliQkl/zErktmKOtZ0FTccVrc8=
Subject key identifier: 79:09:FD:9E:18:DB:72:70:21:85:FC:E1:04:E0:F8:4C:D1:79:35:87
Authority key identifier: 40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
Certificate issuer: /CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Certificate serial: 019640309E6ECCE8E9FAE6347555B1369545
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
Manifest number: 14F5
Signing time: Wed 16 Apr 2025 20:00:50 +0000
Manifest this update: Wed 16 Apr 2025 20:00:50 +0000
Manifest next update: Thu 17 Apr 2025 20:00:50 +0000
Files and hashes: 1: DrD2EGGK8WeukKhW_YJ8LCGTR78.roa (hash: b5xoiz2oFHur8HWu35m6ElddpxbfSrT/Y2/iqOY1S6Y=)
2: IcWYNvOBamTxu6amEYkiVctQe18.roa (hash: DVw0i9jC2LodVXO+VD00rdFIuWtsdo/jV9gSa2jJOsM=)
3: QHShwDg61esPBYjkwzlLo0AQpiE.crl (hash: aRSnoQNobfACIxLQA00iPXxCYQJT5Dnn3AkMohS83kw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:40:30:9e:6e:cc:e8:e9:fa:e6:34:75:55:b1:36:95:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Validity
Not Before: Apr 16 20:00:50 2025 GMT
Not After : Apr 17 20:00:50 2025 GMT
Subject: CN=7909fd9e18db72702185fce104e0f84cd1793587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:62:7e:94:5f:de:7d:5f:c3:09:0a:41:da:
60:e7:05:b3:4d:fe:fe:cb:43:85:ec:35:7e:d2:1d:
53:e8:a1:8f:7b:2f:85:77:17:45:1a:73:50:61:28:
bd:a9:98:c1:1c:45:66:b0:3c:1f:98:3f:ab:b3:3f:
2f:9a:9d:a1:db:18:b0:de:05:38:02:47:2a:02:a3:
51:a9:bc:11:c4:85:f8:f4:53:d0:2b:37:00:3d:fc:
33:dd:88:e1:30:37:9b:48:d7:50:51:42:cc:cd:3e:
a1:79:73:21:7e:24:52:01:f2:c3:fc:97:fc:66:8e:
f0:5d:cc:7e:fd:92:82:5a:47:65:a9:4f:34:4c:42:
24:4e:60:0e:05:e7:33:68:72:43:a5:14:8b:93:f3:
d1:f9:e6:8a:8d:7b:f8:95:79:f4:07:8a:d1:b9:48:
e7:7b:6c:19:54:3a:75:2d:ac:14:6f:61:56:3b:76:
2f:dc:d8:2f:e7:db:71:be:79:90:d1:b0:39:e6:9c:
9f:06:1c:92:1b:ec:50:70:81:c6:bc:48:05:08:36:
83:30:67:18:fb:38:51:46:7f:9a:10:ed:58:7b:23:
66:ff:3e:e8:c5:ed:ae:8a:ff:bf:6d:f1:9a:bf:0d:
b1:fc:a5:65:95:09:e2:22:c4:da:41:8a:8b:bd:6e:
32:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:09:FD:9E:18:DB:72:70:21:85:FC:E1:04:E0:F8:4C:D1:79:35:87
X509v3 Authority Key Identifier:
keyid:40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:22:69:49:98:0f:d6:c6:f6:1d:76:fb:fe:e2:15:83:5d:57:
f4:51:e8:2d:05:b9:c5:f5:d4:d0:73:96:ce:a2:c6:ac:3d:0e:
23:ec:df:96:2e:42:c2:ad:0c:5e:79:72:45:ad:cc:88:c6:68:
aa:b6:1d:d5:15:22:89:ab:56:51:1e:51:6e:ce:1f:fe:2e:14:
18:65:48:30:e7:81:a2:8e:c5:f9:63:85:fe:fc:69:4c:c0:3c:
fb:5e:ab:5c:d3:a8:1f:1f:f4:6a:ec:ad:f7:63:b3:2d:ec:83:
42:2d:f9:71:ab:22:d9:4e:19:3f:83:6a:08:7d:90:d9:ac:f2:
6f:f3:95:00:30:16:ef:7d:4f:44:ed:d4:ce:9c:ff:cc:46:2a:
68:1c:92:cb:c9:23:97:71:a2:6b:ff:9a:62:89:d6:53:31:24:
c1:0f:18:ef:80:87:1d:5d:20:b8:90:f6:13:01:b2:7a:52:03:
8b:42:69:04:1e:87:b2:d1:15:4d:24:48:21:4d:59:10:da:fc:
ea:20:e6:1c:1a:c6:55:a2:24:d3:1e:f1:39:60:ea:8d:77:4f:
a8:15:63:f5:af:37:e8:b1:cb:f2:3e:85:ba:d4:79:fe:5d:33:
2b:5e:fc:04:c8:65:cc:f1:4d:48:09:cd:1c:d3:ce:fc:51:c6:
70:df:9b:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZAMJ5uzOjp+uY0dVWxNpVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNzRhMWMwMzgzYWQ1ZWIwZjA1ODhlNGMzMzk0YmEzNDAx
MGE2MjEwHhcNMjUwNDE2MjAwMDUwWhcNMjUwNDE3MjAwMDUwWjAzMTEwLwYDVQQD
Eyg3OTA5ZmQ5ZTE4ZGI3MjcwMjE4NWZjZTEwNGUwZjg0Y2QxNzkzNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/xifpRf3n1fwwkKQdpg5wWzTf7+
y0OF7DV+0h1T6KGPey+FdxdFGnNQYSi9qZjBHEVmsDwfmD+rsz8vmp2h2xiw3gU4
AkcqAqNRqbwRxIX49FPQKzcAPfwz3YjhMDebSNdQUULMzT6heXMhfiRSAfLD/Jf8
Zo7wXcx+/ZKCWkdlqU80TEIkTmAOBeczaHJDpRSLk/PR+eaKjXv4lXn0B4rRuUjn
e2wZVDp1LawUb2FWO3Yv3Ngv59txvnmQ0bA55pyfBhySG+xQcIHGvEgFCDaDMGcY
+zhRRn+aEO1YeyNm/z7oxe2uiv+/bfGavw2x/KVllQniIsTaQYqLvW4y6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkJ/Z4Y23JwIYX84QTg+EzReTWHMB8GA1UdIwQY
MBaAFEB0ocA4OtXrDwWI5MM5S6NAEKYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMt
MjZjMzM2NTE1M2FmLzEvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMtMjZjMzM2NTE1M2Fm
LzEvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxiJpSZgP
1sb2HXb7/uIVg11X9FHoLQW5xfXU0HOWzqLGrD0OI+zfli5Cwq0MXnlyRa3MiMZo
qrYd1RUiiatWUR5Rbs4f/i4UGGVIMOeBoo7F+WOF/vxpTMA8+16rXNOoHx/0auyt
92OzLeyDQi35casi2U4ZP4NqCH2Q2azyb/OVADAW731PRO3Uzpz/zEYqaBySy8kj
l3Gia/+aYonWUzEkwQ8Y74CHHV0guJD2EwGyelIDi0JpBB6HstEVTSRIIU1ZENr8
6iDmHBrGVaIk0x7xOWDqjXdPqBVj9a836LHL8j6FutR5/l0zK178BMhlzPFNSAnN
HNPO/FHGcN+bHQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:47:59 2025 by rpki-client