Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File: Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier: LIW0XcM17TS76a+BeD/5JPn45P6t6Hzz7mn6d2aM9xU=
Subject key identifier: F4:E2:A8:00:13:3C:A2:23:75:D8:42:BB:75:56:A3:FF:93:8C:48:40
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer: /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial: 01975422C653EC2DF769DE11F89BD23B1B90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number: 05D9
Signing time: Mon 09 Jun 2025 10:00:54 +0000
Manifest this update: Mon 09 Jun 2025 10:00:54 +0000
Manifest next update: Tue 10 Jun 2025 10:00:54 +0000
Files and hashes: 1: BR-wwst0Mwoj4cW4aMMLkST0T08.roa (hash: KhuoTa1EwW+NDwJopflLn+SOxpsU8qTU0jm6Bsplu/Y=)
2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: 64aTWk5zFYkD5KEzvUf17j0WBa88mDgjUMZCFVkDgMg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:22:c6:53:ec:2d:f7:69:de:11:f8:9b:d2:3b:1b:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Validity
Not Before: Jun 9 10:00:54 2025 GMT
Not After : Jun 10 10:00:54 2025 GMT
Subject: CN=f4e2a800133ca22375d842bb7556a3ff938c4840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:dd:a2:96:7d:96:23:ff:43:3d:b1:73:60:c3:
b4:1e:3a:82:fb:27:fc:07:e1:0c:c4:8e:15:5d:a5:
6d:ff:1a:e9:0c:6c:43:e5:27:14:91:74:e9:7c:9c:
3f:f1:e1:3a:fb:0c:60:92:36:cf:9e:41:e4:2b:a2:
55:0b:73:35:dd:35:4d:da:ce:55:82:1d:c9:62:2f:
6d:37:9b:47:73:d4:ac:a2:b8:df:10:b5:e9:4c:e9:
d4:e9:44:eb:fc:48:92:7d:c3:70:8b:1d:0a:53:b8:
fb:41:52:0a:c5:f3:6f:c0:12:4d:cc:d2:bd:61:7a:
80:4b:eb:9e:7d:95:ff:d3:e9:e3:07:66:a7:66:89:
66:19:76:48:c3:3a:ab:0d:c3:df:50:a7:6e:9a:d0:
d9:b1:1f:32:df:93:5c:8c:38:ba:44:fe:37:82:e5:
f5:76:5a:b8:cb:4e:3f:4d:35:fa:3e:33:2c:0e:e9:
50:6a:65:3a:d1:5b:de:a3:7b:47:4b:e0:b3:6d:4a:
14:dd:98:ab:5d:b5:18:1c:8f:77:35:72:20:eb:93:
94:bf:be:85:b1:eb:84:3c:59:1b:39:e7:90:26:fa:
3c:7f:d9:47:9b:63:5e:25:b9:3c:4c:fe:13:4d:e0:
dc:0c:d4:6a:fe:f7:f9:03:e1:af:95:df:33:78:a1:
e8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E2:A8:00:13:3C:A2:23:75:D8:42:BB:75:56:A3:FF:93:8C:48:40
X509v3 Authority Key Identifier:
keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:3b:ab:d2:01:ec:68:b9:a4:91:16:d5:0a:01:9e:99:05:76:
c2:72:b5:08:d2:5c:d1:96:63:0c:0c:70:6b:93:ef:4f:b1:33:
0f:6a:e0:93:da:40:91:46:24:e4:87:7b:0e:07:93:a4:e0:10:
60:3f:ea:7e:af:9c:ad:9a:87:9c:a9:d9:d4:c2:eb:10:70:eb:
3b:69:a7:de:33:5b:6f:e9:c5:e1:d4:23:70:fa:4e:9a:08:c6:
57:a1:2c:5f:d1:f2:61:fa:b6:3b:cf:37:cd:37:31:b1:ae:0c:
48:93:76:62:c9:e6:49:6b:a8:6a:fd:d1:52:8a:f4:5e:35:95:
65:49:e4:02:2d:88:eb:eb:e8:91:20:60:8a:bd:ec:11:61:99:
82:3b:14:82:e1:6d:5c:dc:ea:db:6e:ef:4f:54:fa:16:d5:9c:
fd:91:96:8a:7f:ed:5b:a7:94:2d:fd:8a:17:5e:64:83:1f:c5:
cc:a1:72:3b:da:9c:2c:6b:b3:f4:cd:61:b3:b5:90:ed:b8:9a:
da:24:e1:ae:0e:e1:c3:ef:78:6c:70:6a:e2:f1:cf:c1:ad:af:
6c:2a:da:44:7b:91:cf:44:6c:0a:07:5b:b7:be:cd:a2:bd:ef:
72:43:15:2c:84:13:cd:21:c0:00:9f:4e:a1:23:19:f9:3c:e4:
d4:7a:5c:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIsZT7C33ad4R+JvSOxuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjUwNjA5MTAwMDU0WhcNMjUwNjEwMTAwMDU0WjAzMTEwLwYDVQQD
EyhmNGUyYTgwMDEzM2NhMjIzNzVkODQyYmI3NTU2YTNmZjkzOGM0ODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2N2iln2WI/9DPbFzYMO0HjqC+yf8
B+EMxI4VXaVt/xrpDGxD5ScUkXTpfJw/8eE6+wxgkjbPnkHkK6JVC3M13TVN2s5V
gh3JYi9tN5tHc9SsorjfELXpTOnU6UTr/EiSfcNwix0KU7j7QVIKxfNvwBJNzNK9
YXqAS+uefZX/0+njB2anZolmGXZIwzqrDcPfUKdumtDZsR8y35NcjDi6RP43guX1
dlq4y04/TTX6PjMsDulQamU60Vveo3tHS+CzbUoU3ZirXbUYHI93NXIg65OUv76F
seuEPFkbOeeQJvo8f9lHm2NeJbk8TP4TTeDcDNRq/vf5A+Gvld8zeKHoGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTiqAATPKIjddhCu3VWo/+TjEhAMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGzur0gHs
aLmkkRbVCgGemQV2wnK1CNJc0ZZjDAxwa5PvT7EzD2rgk9pAkUYk5Id7DgeTpOAQ
YD/qfq+crZqHnKnZ1MLrEHDrO2mn3jNbb+nF4dQjcPpOmgjGV6EsX9HyYfq2O883
zTcxsa4MSJN2YsnmSWuoav3RUor0XjWVZUnkAi2I6+vokSBgir3sEWGZgjsUguFt
XNzq227vT1T6FtWc/ZGWin/tW6eULf2KF15kgx/FzKFyO9qcLGuz9M1hs7WQ7bia
2iThrg7hw+94bHBq4vHPwa2vbCraRHuRz0RsCgdbt77Nor3vckMVLIQTzSHAAJ9O
oSMZ+Tzk1HpceQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:32:12 2025 by rpki-client