Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
File: QwPxM011rEMsDKp404mnDAnBLKY.mft (raw, json)
Hash identifier: jYdrjpNbj8Hu8bjMqH5g0tgmT0BrQfn2QmgrSD6XMFQ=
Subject key identifier: 84:0C:04:08:80:C9:8E:A2:53:82:A3:82:B8:EE:59:0F:F6:40:87:78
Authority key identifier: 43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
Certificate issuer: /CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Certificate serial: 019747E7863FB08E4D0D090AE832DA12701C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
Manifest number: D1
Signing time: Sat 07 Jun 2025 01:00:44 +0000
Manifest this update: Sat 07 Jun 2025 01:00:44 +0000
Manifest next update: Sun 08 Jun 2025 01:00:44 +0000
Files and hashes: 1: QwPxM011rEMsDKp404mnDAnBLKY.crl (hash: 1+jUjcnXU4zQAYZR4h11JzZE61yZf0nU9qffNs4Da5M=)
2: etqHJp94mEXyM-mZRNVFRO7Kziw.roa (hash: Y6iOU/XBP66s91SGzXjQj2BEKS4QjWa/buoOF4uhFqg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 01:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:e7:86:3f:b0:8e:4d:0d:09:0a:e8:32:da:12:70:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4303f1334d75ac432c0caa78d389a70c09c12ca6
Validity
Not Before: Jun 7 01:00:44 2025 GMT
Not After : Jun 8 01:00:44 2025 GMT
Subject: CN=840c040880c98ea25382a382b8ee590ff6408778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:3e:7d:1b:0a:5a:e8:ff:ee:2f:21:c2:ea:
9a:d8:1e:6d:a9:c4:08:fd:ca:2d:cc:da:9d:47:30:
ff:a5:00:19:8f:2d:8f:78:c2:30:75:0c:08:8a:a0:
a8:c3:0f:ff:6f:b9:79:8d:58:8a:59:4e:f6:fa:7b:
7e:68:8e:25:c6:35:5d:5d:d8:31:87:05:d1:bd:8e:
32:a9:b4:ec:2a:ac:9f:3e:ad:41:d9:e2:0b:01:8e:
1b:fc:99:ea:e1:3f:6b:a2:80:7e:af:f3:fc:9e:36:
72:9e:c5:f8:40:4a:19:59:64:4b:0b:8c:cd:91:64:
cb:c9:1b:cf:0f:c4:cc:a4:7f:8b:1f:5c:52:38:74:
3f:c5:a7:3e:e0:bd:07:38:83:31:d9:10:46:92:b0:
20:1a:93:c4:8f:bc:ee:8c:5b:c1:c2:32:15:a8:f5:
be:60:28:1c:4a:a9:33:8d:b7:37:6e:15:09:0d:ee:
3a:f9:5f:49:74:96:51:b4:14:23:a1:2d:56:ef:66:
6c:da:91:b4:71:b0:6b:b6:cc:4f:3b:5b:f5:fe:a2:
1d:12:0d:88:c1:02:dc:73:90:7d:34:5d:01:41:47:
a0:d3:2a:33:af:68:1c:20:83:bc:58:21:cd:2e:99:
8a:dc:7e:c4:a7:14:8e:0a:f9:92:06:80:d8:e9:4b:
a0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0C:04:08:80:C9:8E:A2:53:82:A3:82:B8:EE:59:0F:F6:40:87:78
X509v3 Authority Key Identifier:
keyid:43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:6a:06:34:18:b9:6c:41:c9:6e:bd:92:35:38:84:50:c6:95:
38:fb:c8:90:c5:f9:24:56:f9:d5:bc:0c:b1:30:65:59:fb:0a:
c0:42:61:8f:aa:25:6e:9a:06:65:97:43:ca:49:90:60:18:bb:
47:ee:83:08:61:a7:a3:d4:d7:d9:cb:1d:cc:46:36:80:c5:d4:
c1:83:ee:dc:87:ba:26:dc:0d:32:e2:69:43:e7:1a:ab:0b:99:
ad:1b:17:0b:96:82:5f:fd:99:b8:0c:02:ab:1c:e2:b0:ee:7d:
7a:9f:c0:9b:2a:3b:53:08:96:db:69:6c:db:34:c0:68:63:77:
b0:dd:e7:ae:44:54:54:4f:9a:8a:cf:a0:a6:86:cf:96:76:31:
39:4b:37:3b:fd:1d:58:32:d4:63:d2:6b:a0:d1:19:80:af:7d:
1e:9a:8e:9e:db:ce:83:1a:ef:d6:e4:e8:cd:2a:86:80:36:67:
8c:18:7e:ba:1a:e1:60:5c:13:39:1f:a8:8e:e9:94:f2:ba:74:
a4:23:27:76:89:5f:45:39:e9:05:1e:56:95:a5:1a:b4:d4:44:
7f:43:f3:d6:53:09:e0:9b:ef:6c:e2:cc:ea:2b:d0:52:37:87:
bc:24:67:ca:62:ab:28:29:37:bb:e3:84:70:0b:2b:9a:4a:0e:
00:92:ef:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdH54Y/sI5NDQkK6DLaEnAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDNmMTMzNGQ3NWFjNDMyYzBjYWE3OGQzODlhNzBjMDlj
MTJjYTYwHhcNMjUwNjA3MDEwMDQ0WhcNMjUwNjA4MDEwMDQ0WjAzMTEwLwYDVQQD
Eyg4NDBjMDQwODgwYzk4ZWEyNTM4MmEzODJiOGVlNTkwZmY2NDA4Nzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNQ+fRsKWuj/7i8hwuqa2B5tqcQI
/cotzNqdRzD/pQAZjy2PeMIwdQwIiqCoww//b7l5jViKWU72+nt+aI4lxjVdXdgx
hwXRvY4yqbTsKqyfPq1B2eILAY4b/Jnq4T9rooB+r/P8njZynsX4QEoZWWRLC4zN
kWTLyRvPD8TMpH+LH1xSOHQ/xac+4L0HOIMx2RBGkrAgGpPEj7zujFvBwjIVqPW+
YCgcSqkzjbc3bhUJDe46+V9JdJZRtBQjoS1W72Zs2pG0cbBrtsxPO1v1/qIdEg2I
wQLcc5B9NF0BQUeg0yozr2gcIIO8WCHNLpmK3H7EpxSOCvmSBoDY6UughQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQMBAiAyY6iU4KjgrjuWQ/2QId4MB8GA1UdIwQY
MBaAFEMD8TNNdaxDLAyqeNOJpwwJwSymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUt
NGNiOTcwNzZjZmYyLzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUtNGNiOTcwNzZjZmYy
LzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASmoGNBi5
bEHJbr2SNTiEUMaVOPvIkMX5JFb51bwMsTBlWfsKwEJhj6olbpoGZZdDykmQYBi7
R+6DCGGno9TX2csdzEY2gMXUwYPu3Ie6JtwNMuJpQ+caqwuZrRsXC5aCX/2ZuAwC
qxzisO59ep/Amyo7UwiW22ls2zTAaGN3sN3nrkRUVE+ais+gpobPlnYxOUs3O/0d
WDLUY9JroNEZgK99HpqOntvOgxrv1uTozSqGgDZnjBh+uhrhYFwTOR+ojumU8rp0
pCMndolfRTnpBR5WlaUatNREf0Pz1lMJ4JvvbOLM6ivQUjeHvCRnymKrKCk3u+OE
cAsrmkoOAJLvtQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:48:37 2025 by rpki-client