Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File: Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier: B02kPyBk9MpWwXYGB+ydvjjjoLbHoejAiUAlttt9uUA=
Subject key identifier: 43:8D:96:FC:20:44:F0:8C:DB:63:53:CB:0D:04:82:6D:10:F7:09:2D
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer: /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial: 0199180940395DDB13505A196F36D5BA8B9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number: 06C3
Signing time: Fri 05 Sep 2025 04:01:23 +0000
Manifest this update: Fri 05 Sep 2025 04:01:23 +0000
Manifest next update: Sat 06 Sep 2025 04:01:23 +0000
Files and hashes: 1: BR-wwst0Mwoj4cW4aMMLkST0T08.roa (hash: KhuoTa1EwW+NDwJopflLn+SOxpsU8qTU0jm6Bsplu/Y=)
2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: 6/Zox4Nu85EKxsRRcTVvwsKMiWPlfrbq+erKkGupM7w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:18:09:40:39:5d:db:13:50:5a:19:6f:36:d5:ba:8b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Validity
Not Before: Sep 5 04:01:23 2025 GMT
Not After : Sep 6 04:01:23 2025 GMT
Subject: CN=438d96fc2044f08cdb6353cb0d04826d10f7092d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e5:a3:a5:74:83:8e:da:d1:25:b9:22:a2:ae:
ec:f1:83:26:8d:e8:c3:dd:5d:7e:8f:12:aa:88:1f:
b5:88:4e:35:55:2b:31:01:fb:31:a8:73:73:a9:71:
98:df:d9:7d:c1:e2:9f:5b:db:b6:79:af:e1:cb:2e:
aa:c0:54:8a:3c:80:1e:d8:73:73:8b:44:6a:51:12:
0d:d2:08:7d:2e:3d:68:6a:50:38:f2:c9:94:67:00:
33:55:fb:54:23:4d:96:eb:11:37:2f:1d:8e:49:8d:
75:c6:84:f5:61:18:d3:ca:6f:07:7a:c6:f8:52:d7:
c9:33:c7:fd:9b:4a:0d:24:93:01:e8:62:c1:6b:5d:
61:b2:40:20:f5:a8:78:57:0b:81:28:eb:aa:0a:ac:
9f:dd:8d:6e:58:4d:32:63:be:37:a7:e4:92:b3:49:
05:9a:14:33:a1:7d:9c:16:b6:d9:09:1d:76:e8:0a:
c6:52:8b:d3:05:e7:1a:82:2b:35:65:a1:16:57:06:
cf:cf:46:aa:c9:ad:0c:8a:03:e4:ae:2c:61:e6:f3:
ce:70:5a:12:ac:e4:ea:e8:9c:95:92:2d:ea:1e:30:
bd:bb:c3:e0:7e:bc:f6:46:e8:db:e0:d5:8e:22:3a:
9e:da:cc:98:63:11:f5:d5:d5:f3:9b:f1:91:cf:ff:
5a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8D:96:FC:20:44:F0:8C:DB:63:53:CB:0D:04:82:6D:10:F7:09:2D
X509v3 Authority Key Identifier:
keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:a8:d7:47:93:77:0e:06:81:82:0f:78:f1:04:63:29:21:a3:
e1:b3:9a:95:7c:4a:ac:c7:8e:df:dc:6e:6c:4b:8f:68:28:d1:
81:97:af:6b:af:9a:89:64:12:de:0a:ed:55:74:54:a7:8e:21:
32:3c:52:32:cb:0d:c5:9d:27:d9:02:90:95:80:aa:c4:ef:9e:
d6:27:e8:98:29:48:7e:7e:cc:b1:a8:52:95:61:b6:f8:e0:b2:
d1:37:69:b1:a4:07:f8:2d:6d:eb:2b:c7:89:22:75:2c:8c:d4:
e1:36:77:5b:a9:c9:90:2b:6e:bc:06:fb:b4:c9:2e:4a:f1:45:
d5:ec:60:1e:e3:4b:10:e1:49:39:e5:71:7d:84:78:82:d2:77:
f1:c4:8c:f1:53:83:7f:b4:89:5e:85:75:a0:e7:ae:53:02:14:
92:4b:1c:a9:68:27:95:c3:9c:61:a7:94:eb:b3:10:d6:19:95:
89:ec:4c:2c:3a:5d:10:4e:da:d1:12:dc:80:0e:56:e7:a1:23:
2b:ad:91:68:9d:3e:56:cc:ef:38:57:af:19:ba:73:c9:66:a4:
cf:ec:d0:80:00:80:e3:05:d2:94:e3:2c:24:d3:08:d1:35:63:
4e:68:3c:5b:62:ee:14:cc:62:89:d8:70:e4:9c:1c:49:e6:fd:
bb:34:35:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCUA5XdsTUFoZbzbVuoufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjUwOTA1MDQwMTIzWhcNMjUwOTA2MDQwMTIzWjAzMTEwLwYDVQQD
Eyg0MzhkOTZmYzIwNDRmMDhjZGI2MzUzY2IwZDA0ODI2ZDEwZjcwOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOWjpXSDjtrRJbkioq7s8YMmjejD
3V1+jxKqiB+1iE41VSsxAfsxqHNzqXGY39l9weKfW9u2ea/hyy6qwFSKPIAe2HNz
i0RqURIN0gh9Lj1oalA48smUZwAzVftUI02W6xE3Lx2OSY11xoT1YRjTym8Hesb4
UtfJM8f9m0oNJJMB6GLBa11hskAg9ah4VwuBKOuqCqyf3Y1uWE0yY743p+SSs0kF
mhQzoX2cFrbZCR126ArGUovTBecagis1ZaEWVwbPz0aqya0MigPkrixh5vPOcFoS
rOTq6JyVki3qHjC9u8Pgfrz2Rujb4NWOIjqe2syYYxH11dXzm/GRz/9aywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEONlvwgRPCM22NTyw0Egm0Q9wktMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArKjXR5N3
DgaBgg948QRjKSGj4bOalXxKrMeO39xubEuPaCjRgZeva6+aiWQS3grtVXRUp44h
MjxSMssNxZ0n2QKQlYCqxO+e1ifomClIfn7MsahSlWG2+OCy0TdpsaQH+C1t6yvH
iSJ1LIzU4TZ3W6nJkCtuvAb7tMkuSvFF1exgHuNLEOFJOeVxfYR4gtJ38cSM8VOD
f7SJXoV1oOeuUwIUkkscqWgnlcOcYaeU67MQ1hmViexMLDpdEE7a0RLcgA5W56Ej
K62RaJ0+VszvOFevGbpzyWakz+zQgACA4wXSlOMsJNMI0TVjTmg8W2LuFMxiidhw
5JwcSeb9uzQ1+w==
-----END CERTIFICATE-----
Generated at Fri Sep 5 06:27:13 2025 by rpki-client