Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
File: KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json)
Hash identifier: iHqGPtfiyVKPLZsJrjQVaR13InEvnM/XpR6cdUkTnf0=
Subject key identifier: 3B:00:0F:41:46:00:13:72:A6:E7:D6:D5:6F:8D:50:5F:A3:9D:94:75
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial: 01989780902CA837FDF6E7F5FA8481405FEC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
Manifest number: 162B
Signing time: Mon 11 Aug 2025 05:00:41 +0000
Manifest this update: Mon 11 Aug 2025 05:00:41 +0000
Manifest next update: Tue 12 Aug 2025 05:00:41 +0000
Files and hashes: 1: 8U2ACQzYPSPV3L5sSEkKCsB8pBA.roa (hash: ZbH4IgJyW8KkApU2bDE8XFDW+P9+bjUQNudFm1PbyTE=)
2: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: BqiQuWKME75G3OzJQ6Cj2cs7YYlcIXqYYNEX6GxgN9g=)
3: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:80:90:2c:a8:37:fd:f6:e7:f5:fa:84:81:40:5f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Validity
Not Before: Aug 11 05:00:41 2025 GMT
Not After : Aug 12 05:00:41 2025 GMT
Subject: CN=3b000f4146001372a6e7d6d56f8d505fa39d9475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6f:23:9b:58:af:76:c3:ce:96:63:55:03:a4:
5c:2e:bf:44:eb:bc:72:10:29:7e:c8:79:b4:ee:8c:
1b:0c:cc:de:36:4f:93:6e:7b:c0:21:6c:f3:65:59:
36:da:4a:e6:18:fe:9f:3d:ff:53:7a:16:30:21:7f:
56:1d:ec:a1:ca:98:9d:3f:67:9a:7f:a3:50:a7:aa:
ef:e3:d2:bf:59:77:f9:50:56:e0:f9:35:1a:25:62:
cb:7f:1a:2b:26:ee:21:4b:7b:4f:19:ef:73:ce:41:
71:ab:ad:ed:58:42:79:be:b6:86:7b:9f:3a:55:5b:
77:0c:ce:4e:2e:81:4f:5c:ca:42:e9:4c:d8:7b:b5:
a6:9b:e9:a3:21:e9:4a:65:1f:5f:c0:61:25:19:74:
a3:84:b5:60:5e:d2:df:71:d6:b7:b1:0e:ba:a3:19:
c5:c8:26:4b:cd:38:6e:af:d6:bd:40:a2:cc:9b:7a:
13:21:a3:f4:0e:1b:fb:9a:ce:f1:71:7e:6f:50:cb:
e3:d3:58:94:78:95:79:f7:38:6c:e8:4c:14:48:8c:
18:24:20:bd:4b:f7:aa:6a:09:d6:85:0c:55:98:7a:
38:75:89:6a:a4:e8:f1:48:69:19:1e:c9:79:a8:b1:
d7:41:4e:b5:4c:e2:78:db:fc:db:e5:f3:42:1a:ed:
ca:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:00:0F:41:46:00:13:72:A6:E7:D6:D5:6F:8D:50:5F:A3:9D:94:75
X509v3 Authority Key Identifier:
keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:e1:38:a4:41:04:cd:2e:37:e9:af:a2:96:9c:0a:47:87:a4:
b7:16:03:95:88:1f:55:15:bf:43:58:62:68:92:cd:04:22:04:
93:da:9b:a4:bc:64:b8:bd:59:3f:fe:f3:21:54:a9:ca:ae:d6:
4e:27:c3:5a:bb:7f:43:fc:69:af:0e:63:a0:d1:0d:c5:5e:d8:
33:fa:4c:f8:54:a0:48:e8:69:73:d0:e9:ae:89:b7:aa:43:6a:
5f:8b:10:cd:4c:ec:4b:45:39:f5:13:dd:c8:2d:74:e1:3c:73:
4d:4f:46:2c:ca:fe:df:0c:9e:4e:68:a9:e0:ae:7e:56:23:77:
c1:76:5c:b7:89:0b:99:8c:1d:74:40:f4:a1:5c:1b:be:d1:a7:
c2:d8:88:a1:37:c5:61:52:a2:fc:ef:e8:25:f8:07:da:df:86:
53:53:04:f3:2c:ac:a6:41:7b:76:0e:73:d1:3a:d8:4a:31:31:
91:e3:d2:ca:f7:78:02:80:08:80:86:30:aa:73:4e:05:34:e1:
13:9d:0f:de:7b:5b:e3:d6:88:20:b4:c3:81:e7:f4:86:10:0f:
c6:1d:77:f1:0d:0b:fb:03:b4:70:e4:29:4f:60:d1:cb:a9:ea:
c0:b9:0b:f8:4c:28:4d:ce:c4:d5:32:7a:a6:87:29:21:80:1f:
07:a1:df:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXgJAsqDf99uf1+oSBQF/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjUwODExMDUwMDQxWhcNMjUwODEyMDUwMDQxWjAzMTEwLwYDVQQD
EygzYjAwMGY0MTQ2MDAxMzcyYTZlN2Q2ZDU2ZjhkNTA1ZmEzOWQ5NDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG8jm1ivdsPOlmNVA6RcLr9E67xy
ECl+yHm07owbDMzeNk+TbnvAIWzzZVk22krmGP6fPf9TehYwIX9WHeyhypidP2ea
f6NQp6rv49K/WXf5UFbg+TUaJWLLfxorJu4hS3tPGe9zzkFxq63tWEJ5vraGe586
VVt3DM5OLoFPXMpC6UzYe7Wmm+mjIelKZR9fwGElGXSjhLVgXtLfcda3sQ66oxnF
yCZLzThur9a9QKLMm3oTIaP0Dhv7ms7xcX5vUMvj01iUeJV59zhs6EwUSIwYJCC9
S/eqagnWhQxVmHo4dYlqpOjxSGkZHsl5qLHXQU61TOJ42/zb5fNCGu3KEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsAD0FGABNypufW1W+NUF+jnZR1MB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbuE4pEEE
zS436a+ilpwKR4ektxYDlYgfVRW/Q1hiaJLNBCIEk9qbpLxkuL1ZP/7zIVSpyq7W
TifDWrt/Q/xprw5joNENxV7YM/pM+FSgSOhpc9Dprom3qkNqX4sQzUzsS0U59RPd
yC104TxzTU9GLMr+3wyeTmip4K5+ViN3wXZct4kLmYwddED0oVwbvtGnwtiIoTfF
YVKi/O/oJfgH2t+GU1ME8yyspkF7dg5z0TrYSjExkePSyvd4AoAIgIYwqnNOBTTh
E50P3ntb49aIILTDgef0hhAPxh138Q0L+wO0cOQpT2DRy6nqwLkL+EwoTc7E1TJ6
pocpIYAfB6Hfww==
-----END CERTIFICATE-----
Generated at Mon Aug 11 08:47:11 2025 by rpki-client