Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
File: QHShwDg61esPBYjkwzlLo0AQpiE.mft (raw, json)
Hash identifier: 7eiDMz8B/fAAV3S4Ve9DiGCWO8XrBl+4LltcvCFRQ7c=
Subject key identifier: 64:D5:E5:9A:1F:A9:50:11:2E:26:F4:22:2A:81:E7:16:C7:5D:6F:13
Authority key identifier: 40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
Certificate issuer: /CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Certificate serial: 0197564824D32DB5ADC89011873450C372CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
Manifest number: 1585
Signing time: Mon 09 Jun 2025 20:00:57 +0000
Manifest this update: Mon 09 Jun 2025 20:00:57 +0000
Manifest next update: Tue 10 Jun 2025 20:00:57 +0000
Files and hashes: 1: DrD2EGGK8WeukKhW_YJ8LCGTR78.roa (hash: b5xoiz2oFHur8HWu35m6ElddpxbfSrT/Y2/iqOY1S6Y=)
2: IcWYNvOBamTxu6amEYkiVctQe18.roa (hash: DVw0i9jC2LodVXO+VD00rdFIuWtsdo/jV9gSa2jJOsM=)
3: QHShwDg61esPBYjkwzlLo0AQpiE.crl (hash: SnIb/Oq3r0h1NvBwt8G19rcDbjpF+LIib1ZM/5EHw18=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 19:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:56:48:24:d3:2d:b5:ad:c8:90:11:87:34:50:c3:72:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Validity
Not Before: Jun 9 20:00:57 2025 GMT
Not After : Jun 10 20:00:57 2025 GMT
Subject: CN=64d5e59a1fa950112e26f4222a81e716c75d6f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:27:f9:36:a4:4a:93:fc:15:e4:ed:ed:01:1c:
1d:55:92:03:83:cc:87:73:d0:95:60:12:a8:86:e8:
0c:66:45:32:eb:2f:4b:d3:ba:17:b8:5c:50:c4:89:
a7:e6:b8:6c:c9:82:2d:af:7b:ec:03:76:b5:44:20:
30:15:05:d7:be:bd:18:79:da:d1:cf:47:de:41:85:
46:53:2e:34:a2:c5:c7:70:39:59:36:e1:7a:a2:26:
94:4a:b7:fa:64:1b:06:50:8d:73:94:5d:b4:55:9b:
6a:97:ee:db:c1:4e:a8:cc:e9:fd:5f:3d:02:f1:6b:
ff:fb:4c:9b:cc:6f:f4:dd:f8:d9:d3:35:cb:d4:a1:
d4:ba:c5:6d:de:12:0a:f8:b7:10:aa:7e:a1:fd:50:
f9:72:77:55:56:ac:14:0f:2c:54:e6:b7:d8:6d:14:
9a:b3:0b:ad:5c:65:88:2e:b2:f3:de:2e:f0:01:6c:
06:f1:55:0e:59:10:13:a7:a7:c6:8b:4a:9d:56:db:
82:22:3b:8b:ff:fc:f8:c7:d8:b3:a1:1f:1f:b2:43:
88:7f:ae:01:3d:a0:7b:b5:61:10:4b:f4:b7:af:a1:
51:95:e2:5a:04:50:39:ea:72:61:4f:1f:12:58:b4:
ae:17:3c:4e:b0:6c:d3:2e:88:af:f9:c8:8f:f9:d5:
eb:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D5:E5:9A:1F:A9:50:11:2E:26:F4:22:2A:81:E7:16:C7:5D:6F:13
X509v3 Authority Key Identifier:
keyid:40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:c6:9b:23:7f:b2:1f:29:68:2e:f6:2a:18:0d:fc:5c:dd:c1:
da:56:9e:1f:f3:96:ce:86:3e:27:ee:d8:ee:f4:c3:1c:75:0b:
c1:84:d7:7b:3c:45:b7:63:9d:99:e7:f9:98:d4:77:cb:98:09:
d1:5c:17:d1:d6:42:37:a0:f5:16:76:81:60:d8:a0:97:cc:f1:
d8:ef:41:10:97:ee:72:92:86:a7:ea:4b:0a:44:28:d4:6c:ad:
12:72:c1:79:d2:b2:25:ed:ba:24:10:f7:65:42:a9:0c:1b:4a:
14:70:94:1e:e3:00:e6:3b:29:0d:03:ef:bc:42:ea:52:5c:d3:
4a:33:ba:a0:90:94:fe:9f:7b:0e:95:58:7c:f3:20:9c:35:d7:
b9:6a:b6:53:3f:23:0f:37:c1:6a:ae:51:ae:49:1c:d4:f4:b5:
ca:2b:69:61:51:ce:d1:80:fc:15:78:2a:c8:f1:11:cd:a3:ae:
62:e8:dd:fb:e4:04:e2:77:ff:95:97:e4:40:48:e3:3f:d7:7e:
31:fc:c0:7c:73:87:6b:44:ac:53:b4:6b:bd:06:47:df:7c:d0:
8a:8c:fc:2b:83:09:74:30:34:1d:00:6d:fc:25:40:e4:ef:67:
fa:fa:09:2b:98:16:eb:ab:cd:77:c3:01:bf:6f:42:3d:ce:f8:
6e:80:cc:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdWSCTTLbWtyJARhzRQw3LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNzRhMWMwMzgzYWQ1ZWIwZjA1ODhlNGMzMzk0YmEzNDAx
MGE2MjEwHhcNMjUwNjA5MjAwMDU3WhcNMjUwNjEwMjAwMDU3WjAzMTEwLwYDVQQD
Eyg2NGQ1ZTU5YTFmYTk1MDExMmUyNmY0MjIyYTgxZTcxNmM3NWQ2ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSf5NqRKk/wV5O3tARwdVZIDg8yH
c9CVYBKohugMZkUy6y9L07oXuFxQxImn5rhsyYItr3vsA3a1RCAwFQXXvr0YedrR
z0feQYVGUy40osXHcDlZNuF6oiaUSrf6ZBsGUI1zlF20VZtql+7bwU6ozOn9Xz0C
8Wv/+0ybzG/03fjZ0zXL1KHUusVt3hIK+LcQqn6h/VD5cndVVqwUDyxU5rfYbRSa
swutXGWILrLz3i7wAWwG8VUOWRATp6fGi0qdVtuCIjuL//z4x9izoR8fskOIf64B
PaB7tWEQS/S3r6FRleJaBFA56nJhTx8SWLSuFzxOsGzTLoiv+ciP+dXrmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTV5ZofqVARLib0IiqB5xbHXW8TMB8GA1UdIwQY
MBaAFEB0ocA4OtXrDwWI5MM5S6NAEKYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMt
MjZjMzM2NTE1M2FmLzEvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMtMjZjMzM2NTE1M2Fm
LzEvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgMabI3+y
HyloLvYqGA38XN3B2laeH/OWzoY+J+7Y7vTDHHULwYTXezxFt2Odmef5mNR3y5gJ
0VwX0dZCN6D1FnaBYNigl8zx2O9BEJfucpKGp+pLCkQo1GytEnLBedKyJe26JBD3
ZUKpDBtKFHCUHuMA5jspDQPvvELqUlzTSjO6oJCU/p97DpVYfPMgnDXXuWq2Uz8j
DzfBaq5Rrkkc1PS1yitpYVHO0YD8FXgqyPERzaOuYujd++QE4nf/lZfkQEjjP9d+
MfzAfHOHa0SsU7RrvQZH33zQioz8K4MJdDA0HQBt/CVA5O9n+voJK5gW66vNd8MB
v29CPc74boDMDw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:45:03 2025 by rpki-client