Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
File: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft (raw, json)
Hash identifier: jPw+CQE4ixt0TN4dwQjXj1g3nKK5S/F6/AoiebrrPl8=
Subject key identifier: A3:53:80:71:75:B7:ED:D5:C6:A2:4E:39:51:7E:12:89:AB:14:43:E0
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Certificate issuer: /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial: 01974A438D4EB599DD8B9F4F4AE7325043BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
Manifest number: 022B
Signing time: Sat 07 Jun 2025 12:00:30 +0000
Manifest this update: Sat 07 Jun 2025 12:00:30 +0000
Manifest next update: Sun 08 Jun 2025 12:00:30 +0000
Files and hashes: 1: Fg4gfGthOyzcFXfxEYyjwrss7as.roa (hash: mWUv12QovIjIHXpuDNAMlgedx6+BQ3vMWaiHrsA7+3A=)
2: Q5e6g1WUMRG4cL4aNZtJqqD_-yo.roa (hash: T3aZ91YVxRUkDJ96e4vMqo7oCynEMTZ2Xb8h0pZbGMo=)
3: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl (hash: 7OfvSF7fi0UcsKDUheYWIQBHQhr6MHSzWwEeH66b88k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:43:8d:4e:b5:99:dd:8b:9f:4f:4a:e7:32:50:43:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
Validity
Not Before: Jun 7 12:00:30 2025 GMT
Not After : Jun 8 12:00:30 2025 GMT
Subject: CN=a353807175b7edd5c6a24e39517e1289ab1443e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:66:ec:1e:6c:e6:bc:44:ee:0c:0d:86:47:8b:
99:4a:64:c4:44:41:0d:e6:05:be:2e:29:27:28:6b:
ef:13:19:97:13:72:43:e9:a3:5b:bc:9e:a1:09:fa:
e2:ad:43:00:9f:e7:66:a9:e7:17:1b:77:a2:4f:00:
eb:11:8b:de:74:49:c4:ed:b7:1d:b8:bc:c1:89:ac:
b7:3b:76:5f:8f:ce:74:6d:6a:92:8d:90:3f:1b:67:
11:90:16:be:e2:f0:fe:5a:dc:36:15:f1:da:a2:53:
85:0b:f8:0a:cb:64:52:cf:c2:9a:db:bc:40:33:b6:
a2:a3:74:94:8f:87:03:bc:a8:95:17:49:80:3c:6d:
10:74:15:9d:83:0e:c5:ae:0e:c5:46:31:46:01:2a:
06:11:d3:91:33:f8:3b:fe:a3:dd:92:06:2d:38:6d:
a4:7a:2b:b7:f8:4b:d2:4c:0f:20:6e:1f:a9:30:fb:
8d:45:37:ee:15:4c:a3:f2:a3:36:8f:5c:71:e6:7f:
8f:95:d7:87:e9:1e:13:0f:22:ca:e6:ff:2e:07:8e:
79:e4:fa:c3:6c:fd:53:3e:2a:ae:20:1b:62:c7:84:
a0:68:8f:7b:9f:d8:0a:8a:39:03:6f:3d:70:fd:16:
0b:94:47:16:4b:c9:bd:20:ce:f5:ec:8b:b5:b4:d6:
bc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:53:80:71:75:B7:ED:D5:C6:A2:4E:39:51:7E:12:89:AB:14:43:E0
X509v3 Authority Key Identifier:
keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:72:d8:86:dd:70:fb:df:95:2a:6f:65:ec:7a:65:80:ac:e4:
d0:c8:72:0f:0c:e4:ff:e8:66:44:95:57:2c:ad:c7:0f:5e:81:
64:98:23:c5:b4:db:f3:9a:4f:46:6b:98:27:52:2a:1c:99:76:
ef:cb:ef:40:e9:b9:ca:82:29:8c:02:e5:ca:96:cd:c6:32:72:
22:58:63:01:17:95:65:bd:ee:41:04:ac:fb:b3:09:91:6f:78:
33:f5:30:78:d6:20:f7:62:16:49:26:32:1f:c2:fa:04:53:64:
c4:49:6d:97:a8:b7:d5:87:2c:c9:d7:3f:09:fd:b4:f1:e6:d0:
d9:cf:43:c2:62:71:7c:5b:20:c0:a6:d5:4d:69:d5:a5:0d:bf:
de:58:f3:e6:28:da:14:b5:6b:03:0d:4f:da:73:3d:c5:8c:3f:
d7:ac:fb:0f:38:45:65:f7:dd:d4:e2:96:58:37:55:bc:e8:82:
97:82:63:56:9d:b0:22:08:18:cf:fb:63:3a:c8:80:66:09:78:
21:8b:a9:5d:20:99:bd:9e:2a:58:a7:ef:25:d2:fd:03:5b:36:
c8:d1:ef:43:a9:7b:46:fb:0f:66:1e:0b:e9:c9:41:18:f4:93:
9a:b9:2a:1a:bf:c7:0f:41:4e:55:73:c4:fe:49:59:25:56:39:
f8:d4:3d:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ41OtZndi59PSucyUEO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjUwNjA3MTIwMDMwWhcNMjUwNjA4MTIwMDMwWjAzMTEwLwYDVQQD
EyhhMzUzODA3MTc1YjdlZGQ1YzZhMjRlMzk1MTdlMTI4OWFiMTQ0M2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumbsHmzmvETuDA2GR4uZSmTEREEN
5gW+LiknKGvvExmXE3JD6aNbvJ6hCfrirUMAn+dmqecXG3eiTwDrEYvedEnE7bcd
uLzBiay3O3Zfj850bWqSjZA/G2cRkBa+4vD+Wtw2FfHaolOFC/gKy2RSz8Ka27xA
M7aio3SUj4cDvKiVF0mAPG0QdBWdgw7Frg7FRjFGASoGEdORM/g7/qPdkgYtOG2k
eiu3+EvSTA8gbh+pMPuNRTfuFUyj8qM2j1xx5n+PldeH6R4TDyLK5v8uB4555PrD
bP1TPiquIBtix4SgaI97n9gKijkDbz1w/RYLlEcWS8m9IM717Iu1tNa8eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNTgHF1t+3VxqJOOVF+EomrFEPgMB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF3LYht1w
+9+VKm9l7HplgKzk0MhyDwzk/+hmRJVXLK3HD16BZJgjxbTb85pPRmuYJ1IqHJl2
78vvQOm5yoIpjALlypbNxjJyIlhjAReVZb3uQQSs+7MJkW94M/UweNYg92IWSSYy
H8L6BFNkxEltl6i31Ycsydc/Cf208ebQ2c9DwmJxfFsgwKbVTWnVpQ2/3ljz5ija
FLVrAw1P2nM9xYw/16z7DzhFZffd1OKWWDdVvOiCl4JjVp2wIggYz/tjOsiAZgl4
IYupXSCZvZ4qWKfvJdL9A1s2yNHvQ6l7RvsPZh4L6clBGPSTmrkqGr/HD0FOVXPE
/klZJVY5+NQ93Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:23:25 2025 by rpki-client