Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
File: qvHI3UCIS0nwiAZNPBANKhiahHQ.mft (raw, json)
Hash identifier: QE+tC/zn0Sa5ZCuPJakjcTsWQZR781C43ElB0z0v1P4=
Subject key identifier: CD:2D:66:51:AA:B0:47:A7:94:A5:7A:BA:39:CA:9D:CA:FF:B2:58:2C
Authority key identifier: AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
Certificate issuer: /CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Certificate serial: 01974BFB7F2E141D24E14C6E7443F8E0F43E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
Manifest number: 01DA
Signing time: Sat 07 Jun 2025 20:01:02 +0000
Manifest this update: Sat 07 Jun 2025 20:01:02 +0000
Manifest next update: Sun 08 Jun 2025 20:01:02 +0000
Files and hashes: 1: UGApytPJPEIPFbzs4L0oU_KIdHM.roa (hash: cf5ZtJTmEf4eW9FhhtNmIkoS04da9/P7WQkJtlas3+0=)
2: qvHI3UCIS0nwiAZNPBANKhiahHQ.crl (hash: R+jtcJ6QRcHokMoBfyIvIQh/yX2Q/VCFCbY0Supy9QM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:fb:7f:2e:14:1d:24:e1:4c:6e:74:43:f8:e0:f4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Validity
Not Before: Jun 7 20:01:02 2025 GMT
Not After : Jun 8 20:01:02 2025 GMT
Subject: CN=cd2d6651aab047a794a57aba39ca9dcaffb2582c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:43:fd:70:a8:2a:8e:a6:a2:f9:9a:77:91:c7:
f6:13:c2:e0:85:28:aa:2c:e1:41:43:7f:d5:61:b9:
48:18:bd:a9:de:64:ae:3a:7b:d1:44:3d:4c:5a:52:
af:37:05:2f:77:9a:5c:0d:61:21:12:8f:7f:6b:d2:
da:32:e7:44:64:97:77:cc:99:25:19:50:c8:a9:41:
f0:9f:a8:7d:54:3e:5a:c3:d4:9b:ff:88:49:93:9a:
5e:a9:28:cb:5b:71:e0:93:4e:98:c7:c2:c5:72:f9:
4b:98:99:77:3c:77:47:d5:e6:7b:41:8d:93:71:cb:
69:7d:bf:a6:a4:43:e1:97:15:b5:40:d4:5a:c4:8f:
b2:83:3b:71:94:32:8b:fd:8b:30:c6:a1:a8:09:64:
5b:c5:ab:ec:97:f4:c6:1a:3c:38:e9:f2:c5:a4:23:
43:58:c1:6f:11:23:5c:44:96:20:6a:3b:8e:bc:5b:
ea:59:d1:8d:af:c7:80:22:3a:7c:27:f8:83:ec:fc:
43:42:c5:ab:77:a1:f3:ab:e9:c1:84:95:c1:a7:4f:
3c:9e:cc:73:3a:69:23:5f:61:31:b5:71:fc:6d:2a:
06:2d:fa:e0:01:95:87:4b:e2:bc:03:b4:89:3b:b2:
2e:18:65:bc:64:04:39:ca:6d:c3:d0:d8:e2:d6:eb:
1e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2D:66:51:AA:B0:47:A7:94:A5:7A:BA:39:CA:9D:CA:FF:B2:58:2C
X509v3 Authority Key Identifier:
keyid:AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:49:04:ea:6f:83:fb:d6:fd:3d:ec:19:77:75:c5:0d:1c:ba:
7b:5b:74:28:e5:a1:56:bd:f6:c3:63:3a:87:87:76:88:a5:a7:
34:9f:51:ab:b4:9f:36:6a:3b:74:80:4f:e1:fe:49:a8:f5:35:
e1:f5:fa:ac:e9:77:47:dc:28:5f:e9:e9:26:76:91:b4:85:17:
1b:ba:6f:b5:06:27:ec:c0:7d:12:3b:1c:9c:cf:0a:17:a6:12:
b9:52:f8:4a:8e:12:0c:66:98:45:45:d6:ed:a9:78:17:23:8d:
7b:2c:13:8a:fc:94:1b:b2:bd:a0:1a:8d:b3:60:b4:4d:9c:e6:
49:ca:ee:a3:07:bd:39:93:b0:29:76:f4:85:0e:30:42:e1:32:
a2:bb:e9:38:dd:30:6b:93:3b:db:4a:e4:b9:2a:8e:b7:5e:0f:
bf:4b:f4:8e:b3:52:61:75:cc:51:57:ff:d4:1a:30:72:11:e6:
3f:5c:ce:79:68:b3:8a:8a:44:b0:d8:25:e4:03:f9:79:3b:61:
58:a6:34:35:f0:e6:e9:d0:33:49:75:48:00:25:8c:b2:53:3c:
68:59:2f:c8:fc:e4:69:bb:17:c2:d0:b0:f3:ff:45:16:c4:73:
44:75:d8:5a:7d:6b:24:f1:38:19:3a:16:6d:5d:4a:20:ff:63:
b4:2a:43:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdL+38uFB0k4UxudEP44PQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjFjOGRkNDA4ODRiNDlmMDg4MDY0ZDNjMTAwZDJhMTg5
YTg0NzQwHhcNMjUwNjA3MjAwMTAyWhcNMjUwNjA4MjAwMTAyWjAzMTEwLwYDVQQD
EyhjZDJkNjY1MWFhYjA0N2E3OTRhNTdhYmEzOWNhOWRjYWZmYjI1ODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kP9cKgqjqai+Zp3kcf2E8LghSiq
LOFBQ3/VYblIGL2p3mSuOnvRRD1MWlKvNwUvd5pcDWEhEo9/a9LaMudEZJd3zJkl
GVDIqUHwn6h9VD5aw9Sb/4hJk5peqSjLW3Hgk06Yx8LFcvlLmJl3PHdH1eZ7QY2T
cctpfb+mpEPhlxW1QNRaxI+ygztxlDKL/YswxqGoCWRbxavsl/TGGjw46fLFpCND
WMFvESNcRJYgajuOvFvqWdGNr8eAIjp8J/iD7PxDQsWrd6Hzq+nBhJXBp088nsxz
OmkjX2ExtXH8bSoGLfrgAZWHS+K8A7SJO7IuGGW8ZAQ5ym3D0Nji1useFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0tZlGqsEenlKV6ujnKncr/slgsMB8GA1UdIwQY
MBaAFKrxyN1AiEtJ8IgGTTwQDSoYmoR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYt
M2IzMzlkMDgxZjgzLzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYtM2IzMzlkMDgxZjgz
LzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApUkE6m+D
+9b9PewZd3XFDRy6e1t0KOWhVr32w2M6h4d2iKWnNJ9Rq7SfNmo7dIBP4f5JqPU1
4fX6rOl3R9woX+npJnaRtIUXG7pvtQYn7MB9EjscnM8KF6YSuVL4So4SDGaYRUXW
7al4FyONeywTivyUG7K9oBqNs2C0TZzmScruowe9OZOwKXb0hQ4wQuEyorvpON0w
a5M720rkuSqOt14Pv0v0jrNSYXXMUVf/1BowchHmP1zOeWiziopEsNgl5AP5eTth
WKY0NfDm6dAzSXVIACWMslM8aFkvyPzkabsXwtCw8/9FFsRzRHXYWn1rJPE4GToW
bV1KIP9jtCpDsQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:22:45 2025 by rpki-client