Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
File: L-QXNib0YCZA6NTpa1ShoJar54s.mft (raw, json)
Hash identifier: T5VxH0bIuuCKmnS1J2dqt1lgOIqDTvNQHxUv/c9KyoY=
Subject key identifier: B9:9D:3C:24:D7:18:CE:93:2D:E5:A8:9A:5B:4E:91:86:E6:81:4E:92
Authority key identifier: 2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B
Certificate issuer: /CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
Certificate serial: 01975CB84FC77A0AA5CFF5E0CF3590A347B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
Manifest number: 1074
Signing time: Wed 11 Jun 2025 02:01:12 +0000
Manifest this update: Wed 11 Jun 2025 02:01:12 +0000
Manifest next update: Thu 12 Jun 2025 02:01:12 +0000
Files and hashes: 1: 8PzBSdujNIrE9ZxwXkq7Jh0bBAs.roa (hash: 4Awpnumk+tPfHQxPVq+VsOA860hCJdP+GfTQ/2K+zcA=)
2: L-QXNib0YCZA6NTpa1ShoJar54s.crl (hash: Yjl3ocFd1hXXuQDEDxYUH85omAbet7nMHxBboVlEMyg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5c:b8:4f:c7:7a:0a:a5:cf:f5:e0:cf:35:90:a3:47:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
Validity
Not Before: Jun 11 02:01:12 2025 GMT
Not After : Jun 12 02:01:12 2025 GMT
Subject: CN=b99d3c24d718ce932de5a89a5b4e9186e6814e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:73:0f:5f:30:25:d4:c9:a7:e5:9f:0d:e1:4a:
ad:14:26:bc:a5:04:93:ce:b0:7f:bc:6f:43:5e:f9:
c9:27:3b:09:29:2f:05:bf:f7:8e:de:df:53:9d:43:
5a:49:06:75:34:99:8c:09:29:12:b4:4d:e5:67:5d:
55:48:fb:61:16:11:6f:5a:73:98:a0:17:36:42:7f:
d7:b5:e0:ad:2b:55:68:69:c4:53:db:7c:9b:29:25:
80:fc:5f:e6:a5:9e:fe:29:39:54:17:01:e1:df:38:
c6:c3:56:29:b6:b6:06:fc:c8:13:72:ab:cb:2d:7d:
af:f7:84:54:b4:3f:c0:b6:d6:96:99:3c:82:73:d3:
1a:56:47:95:4c:7f:b0:82:57:f9:28:bb:67:e6:f3:
b5:32:0e:54:4f:b4:17:54:ca:f6:40:82:af:a0:33:
27:56:d8:85:23:85:a9:6e:c7:82:88:36:7b:c8:d7:
4d:59:0b:20:96:0c:26:34:c1:2e:a5:94:53:61:60:
61:a2:31:ad:7e:a6:3b:85:73:25:a0:dd:80:db:ac:
ae:00:35:7b:a1:6c:45:3a:d6:bc:10:08:5e:ea:12:
c9:e7:db:b4:98:1f:44:05:97:c8:da:01:a3:ba:95:
f2:5c:96:31:d6:c1:c9:7a:aa:96:fb:96:a6:76:79:
aa:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9D:3C:24:D7:18:CE:93:2D:E5:A8:9A:5B:4E:91:86:E6:81:4E:92
X509v3 Authority Key Identifier:
keyid:2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:84:aa:45:ed:75:64:bf:1a:4a:8d:e1:1b:2b:9c:49:2c:60:
10:88:6f:df:2b:71:80:b4:f8:71:31:7f:65:31:34:37:91:22:
3f:99:82:c9:eb:bc:1c:10:b3:e4:bd:0f:3f:c9:38:2e:3c:9e:
92:aa:6d:c5:2c:89:bf:63:04:cd:27:07:eb:d2:a5:80:2e:bd:
da:0e:2d:40:05:9e:93:4b:b6:5e:29:57:a0:bf:96:52:0e:2a:
b9:5e:b4:d7:84:64:ea:ab:ef:74:cd:51:ba:f0:97:e0:2f:2a:
0f:9e:b6:04:2d:03:62:fd:2a:3a:00:18:c2:c7:8e:94:1d:03:
90:8f:f6:f7:3e:df:c2:8d:c0:81:44:7e:d6:79:d2:df:87:2e:
60:96:aa:50:fc:2f:99:86:50:7d:88:39:7c:39:b5:d6:c9:b5:
2b:57:fa:bb:45:1f:cb:8d:35:63:a0:93:72:71:7e:67:e3:f4:
de:af:ba:2b:45:52:59:ac:71:e6:97:aa:4c:3a:04:92:d4:a9:
42:a1:dc:52:d0:e7:6f:5e:1d:aa:8d:1c:39:eb:79:e0:4c:f4:
72:53:ec:7a:42:b6:a9:df:39:b3:d2:76:81:da:79:84:1c:f9:
91:c9:7a:9b:37:c0:86:43:1f:ee:f3:05:b4:38:9f:fa:42:89:
39:63:5e:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcuE/Hegqlz/XgzzWQo0e2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZTQxNzM2MjZmNDYwMjY0MGU4ZDRlOTZiNTRhMWEwOTZh
YmU3OGIwHhcNMjUwNjExMDIwMTEyWhcNMjUwNjEyMDIwMTEyWjAzMTEwLwYDVQQD
EyhiOTlkM2MyNGQ3MThjZTkzMmRlNWE4OWE1YjRlOTE4NmU2ODE0ZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznMPXzAl1Mmn5Z8N4UqtFCa8pQST
zrB/vG9DXvnJJzsJKS8Fv/eO3t9TnUNaSQZ1NJmMCSkStE3lZ11VSPthFhFvWnOY
oBc2Qn/XteCtK1VoacRT23ybKSWA/F/mpZ7+KTlUFwHh3zjGw1YptrYG/MgTcqvL
LX2v94RUtD/AttaWmTyCc9MaVkeVTH+wglf5KLtn5vO1Mg5UT7QXVMr2QIKvoDMn
VtiFI4WpbseCiDZ7yNdNWQsglgwmNMEupZRTYWBhojGtfqY7hXMloN2A26yuADV7
oWxFOta8EAhe6hLJ59u0mB9EBZfI2gGjupXyXJYx1sHJeqqW+5amdnmqewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmdPCTXGM6TLeWomltOkYbmgU6SMB8GA1UdIwQY
MBaAFC/kFzYm9GAmQOjU6WtUoaCWq+eLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEt
MzU0NzljNTRkY2JkLzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEtMzU0NzljNTRkY2Jk
LzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI4SqRe11
ZL8aSo3hGyucSSxgEIhv3ytxgLT4cTF/ZTE0N5EiP5mCyeu8HBCz5L0PP8k4Ljye
kqptxSyJv2MEzScH69KlgC692g4tQAWek0u2XilXoL+WUg4quV6014Rk6qvvdM1R
uvCX4C8qD562BC0DYv0qOgAYwseOlB0DkI/29z7fwo3AgUR+1nnS34cuYJaqUPwv
mYZQfYg5fDm11sm1K1f6u0Ufy401Y6CTcnF+Z+P03q+6K0VSWaxx5peqTDoEktSp
QqHcUtDnb14dqo0cOet54Ez0clPsekK2qd85s9J2gdp5hBz5kcl6mzfAhkMf7vMF
tDif+kKJOWNe4w==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:33:54 2025 by rpki-client