Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
File: KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json)
Hash identifier: /mUN+xNGxY9OmkGnLR4T7kwQZjWMM9KN+S+ujGye3vA=
Subject key identifier: 43:67:E5:89:8C:62:23:1B:E1:EC:D7:97:B4:FF:7D:4C:62:82:D4:A5
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial: 01978357614101D8070BAA225EA2550DFB2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
Manifest number: 159C
Signing time: Wed 18 Jun 2025 14:00:31 +0000
Manifest this update: Wed 18 Jun 2025 14:00:31 +0000
Manifest next update: Thu 19 Jun 2025 14:00:31 +0000
Files and hashes: 1: 8U2ACQzYPSPV3L5sSEkKCsB8pBA.roa (hash: ZbH4IgJyW8KkApU2bDE8XFDW+P9+bjUQNudFm1PbyTE=)
2: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: t/ARgmtwYzTh7wKuAma/FLjcYhqIMvqEEPJnJB6XStA=)
3: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:57:61:41:01:d8:07:0b:aa:22:5e:a2:55:0d:fb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Validity
Not Before: Jun 18 14:00:31 2025 GMT
Not After : Jun 19 14:00:31 2025 GMT
Subject: CN=4367e5898c62231be1ecd797b4ff7d4c6282d4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3e:31:66:7e:fa:8c:63:0e:46:e4:fa:c1:f0:
24:3f:c8:23:d7:1c:15:41:fc:e3:ca:4b:7b:7d:86:
ed:23:cf:eb:09:cb:55:e4:ed:72:c7:1c:2f:6e:48:
69:2c:c1:1d:31:e0:a2:e0:b7:7c:16:a9:94:bd:c1:
6b:b8:50:08:93:d0:f8:5a:03:0f:1a:11:e7:e0:2b:
b5:d5:4f:7f:53:08:a6:26:ed:02:84:e8:3c:af:53:
01:48:35:b5:78:1a:d4:ff:c7:37:6d:ad:71:2e:f8:
f0:0f:39:bd:60:29:b2:8b:f6:50:70:92:67:d1:cd:
85:7a:1f:3f:c3:7f:f8:ce:95:43:c5:32:11:0c:22:
5d:46:29:6f:fc:d3:16:71:4a:63:d9:f9:71:38:d5:
90:02:29:3c:d6:a9:d4:b1:2e:60:03:50:ac:7b:1d:
ec:6a:2a:f1:44:7e:76:07:54:d3:82:79:96:4b:50:
03:f8:ce:1c:56:3e:e5:e2:20:ef:88:2c:11:d7:c6:
a3:1d:ab:48:86:8f:33:b5:8b:ab:7c:d0:5c:74:1a:
12:40:21:14:c2:47:16:f6:66:f3:c4:c2:65:8f:53:
a7:c8:5a:35:0d:43:42:01:d4:a6:4d:17:8f:e9:0f:
36:f2:e4:75:6a:6c:a3:f6:fa:ab:12:4c:86:4a:e3:
97:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:67:E5:89:8C:62:23:1B:E1:EC:D7:97:B4:FF:7D:4C:62:82:D4:A5
X509v3 Authority Key Identifier:
keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:7b:55:fb:ef:de:6c:1b:c2:d6:5e:f8:2d:31:97:78:11:3b:
44:d0:00:ec:b1:09:f3:10:b9:cd:fb:64:0b:f3:cf:b0:d8:23:
d5:a9:0d:86:20:f3:c8:4c:e5:58:0c:57:b2:d3:ea:08:55:21:
e3:f0:7e:be:57:37:da:a0:78:fc:7f:0e:41:d5:d0:18:00:e9:
3c:03:00:4a:93:5a:b7:35:5e:0a:e6:ba:9d:81:05:39:fd:58:
a9:18:15:2f:1a:d2:b6:71:a6:5c:fd:84:a4:89:ef:c6:cd:41:
45:38:a5:10:db:c9:c1:88:b9:1b:ba:fd:32:1b:32:0e:e3:5d:
10:0b:5a:49:59:cd:a0:74:b1:46:b6:d5:44:55:7d:e3:86:f6:
3f:47:b4:ca:0a:3d:89:64:5f:c8:da:13:30:a9:48:ad:4b:92:
26:8f:79:5e:45:8e:e1:e3:04:39:a6:77:2f:47:b6:80:1d:8e:
ff:a1:b1:22:ba:d5:e3:f7:ac:7a:2e:4a:28:dd:cc:ba:04:77:
87:8e:82:93:44:21:e4:c7:f3:35:e6:3e:98:26:7d:00:63:6b:
fd:2f:81:1f:31:4d:6b:99:e1:e0:ca:41:0a:ba:26:ca:11:22:
01:88:da:dc:be:22:83:28:df:c7:4f:07:ee:03:8e:2f:32:a7:
cf:b9:b8:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeDV2FBAdgHC6oiXqJVDfssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjUwNjE4MTQwMDMxWhcNMjUwNjE5MTQwMDMxWjAzMTEwLwYDVQQD
Eyg0MzY3ZTU4OThjNjIyMzFiZTFlY2Q3OTdiNGZmN2Q0YzYyODJkNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD4xZn76jGMORuT6wfAkP8gj1xwV
Qfzjykt7fYbtI8/rCctV5O1yxxwvbkhpLMEdMeCi4Ld8FqmUvcFruFAIk9D4WgMP
GhHn4Cu11U9/UwimJu0ChOg8r1MBSDW1eBrU/8c3ba1xLvjwDzm9YCmyi/ZQcJJn
0c2Feh8/w3/4zpVDxTIRDCJdRilv/NMWcUpj2flxONWQAik81qnUsS5gA1Csex3s
airxRH52B1TTgnmWS1AD+M4cVj7l4iDviCwR18ajHatIho8ztYurfNBcdBoSQCEU
wkcW9mbzxMJlj1OnyFo1DUNCAdSmTReP6Q828uR1amyj9vqrEkyGSuOXzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENn5YmMYiMb4ezXl7T/fUxigtSlMB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPXtV++/e
bBvC1l74LTGXeBE7RNAA7LEJ8xC5zftkC/PPsNgj1akNhiDzyEzlWAxXstPqCFUh
4/B+vlc32qB4/H8OQdXQGADpPAMASpNatzVeCua6nYEFOf1YqRgVLxrStnGmXP2E
pInvxs1BRTilENvJwYi5G7r9MhsyDuNdEAtaSVnNoHSxRrbVRFV944b2P0e0ygo9
iWRfyNoTMKlIrUuSJo95XkWO4eMEOaZ3L0e2gB2O/6GxIrrV4/esei5KKN3MugR3
h46Ck0Qh5MfzNeY+mCZ9AGNr/S+BHzFNa5nh4MpBCromyhEiAYja3L4igyjfx08H
7gOOLzKnz7m4ow==
-----END CERTIFICATE-----
Generated at Wed Jun 18 16:33:35 2025 by rpki-client