Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json)
Hash identifier: 5xctFGw/Zv8ZQezljW3HOl6PGIl7vr11iZ6JjTCHBR0=
Subject key identifier: 2F:57:5F:26:93:4C:87:95:5D:CD:98:55:4D:55:78:86:57:F6:83:AC
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 0198971363B0B95FE14AD436A60DFF1B37CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
Manifest number: 1628
Signing time: Mon 11 Aug 2025 03:01:26 +0000
Manifest this update: Mon 11 Aug 2025 03:01:26 +0000
Manifest next update: Tue 12 Aug 2025 03:01:26 +0000
Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: CAmlW4zs8vJVWLcN6d+hLPyjMyYao3Hrc88AgDskwnI=)
2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:13:63:b0:b9:5f:e1:4a:d4:36:a6:0d:ff:1b:37:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: Aug 11 03:01:26 2025 GMT
Not After : Aug 12 03:01:26 2025 GMT
Subject: CN=2f575f26934c87955dcd98554d55788657f683ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a3:78:e1:ab:9c:d4:8a:30:17:59:9f:0f:12:
93:60:52:d3:0c:ac:f0:be:c4:a0:b9:89:af:63:33:
ca:3b:df:14:0e:b6:32:eb:f9:a3:92:e0:0d:c0:85:
e3:9e:2b:ca:57:5f:cc:1c:0b:0f:63:cc:82:c3:18:
5c:b7:60:c3:74:73:bf:17:64:33:62:f7:be:d4:52:
bd:1d:54:03:77:1b:8d:2e:3f:99:8d:63:5b:e1:76:
96:3a:8e:fa:13:37:fa:44:9b:c6:ca:e5:dd:55:70:
e3:fa:86:75:25:7e:f6:40:0d:02:ae:a1:53:f9:93:
9a:57:fb:61:13:cb:3d:d3:fc:e4:37:73:da:99:0c:
62:9a:27:b8:33:78:f4:aa:8a:0e:1a:0c:74:c8:97:
8b:a6:a3:59:c4:2a:85:d3:63:da:f9:7d:7a:b7:cf:
12:15:af:54:eb:05:7b:9c:0e:ff:c8:09:f5:50:93:
fe:b5:41:a1:76:72:e7:2b:7b:46:fa:81:07:ff:14:
f1:8c:7c:02:fc:4e:a3:1f:ab:38:37:ec:eb:67:5f:
22:82:7f:c6:68:fc:c4:c8:b1:89:13:44:d2:41:e0:
80:f8:3f:1a:2d:36:5e:8b:90:55:c1:37:62:e9:97:
8e:fd:60:1f:cc:d9:04:f9:60:02:42:99:3c:f1:3c:
0e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:57:5F:26:93:4C:87:95:5D:CD:98:55:4D:55:78:86:57:F6:83:AC
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:df:8c:6e:8b:de:2f:f6:4f:4f:d6:3c:48:d0:92:ea:4e:04:
e4:36:f0:42:c2:33:82:78:43:f2:af:d6:26:69:dd:bd:8a:20:
98:59:e7:de:43:84:be:c5:34:e4:3b:b4:d2:a7:61:2e:46:2f:
6c:de:0b:f5:88:03:63:dd:88:9b:91:49:63:42:30:bb:6a:49:
ea:dc:6b:60:0d:a5:81:9c:a5:11:f2:71:0b:79:7d:a0:b8:d3:
b4:98:8c:28:5e:82:6a:fa:a4:35:b5:4c:e6:94:c8:98:9c:b7:
02:e9:a4:b8:f2:cb:d0:7a:a0:a6:31:a6:18:e9:8e:3d:b7:9e:
26:18:c5:0a:4b:e8:ee:1d:a9:b4:d3:82:24:07:c8:7d:d2:f5:
d6:d4:2e:ed:05:72:88:fe:26:f5:4d:fb:1f:f3:e9:47:3f:cd:
f6:8a:ee:b8:e4:f1:9a:33:3c:7c:6b:a6:bf:2c:b2:1a:c6:2f:
18:74:38:2b:f3:b9:7e:6c:77:5c:ee:b1:86:31:32:24:8d:b8:
be:7a:fb:76:63:a8:67:44:02:56:15:1a:38:bf:e5:d0:4e:c7:
10:70:cb:05:69:e4:46:85:a1:b9:a3:7c:6b:ea:e2:06:f4:6e:
b1:a4:93:90:b3:7d:76:6b:6f:1f:8d:9d:7c:7c:74:4d:fa:79:
80:8d:3a:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXE2OwuV/hStQ2pg3/GzfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjUwODExMDMwMTI2WhcNMjUwODEyMDMwMTI2WjAzMTEwLwYDVQQD
EygyZjU3NWYyNjkzNGM4Nzk1NWRjZDk4NTU0ZDU1Nzg4NjU3ZjY4M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKN44auc1IowF1mfDxKTYFLTDKzw
vsSguYmvYzPKO98UDrYy6/mjkuANwIXjnivKV1/MHAsPY8yCwxhct2DDdHO/F2Qz
Yve+1FK9HVQDdxuNLj+ZjWNb4XaWOo76Ezf6RJvGyuXdVXDj+oZ1JX72QA0CrqFT
+ZOaV/thE8s90/zkN3PamQximie4M3j0qooOGgx0yJeLpqNZxCqF02Pa+X16t88S
Fa9U6wV7nA7/yAn1UJP+tUGhdnLnK3tG+oEH/xTxjHwC/E6jH6s4N+zrZ18ign/G
aPzEyLGJE0TSQeCA+D8aLTZei5BVwTdi6ZeO/WAfzNkE+WACQpk88TwOKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9XXyaTTIeVXc2YVU1VeIZX9oOsMB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmt+Mbove
L/ZPT9Y8SNCS6k4E5DbwQsIzgnhD8q/WJmndvYogmFnn3kOEvsU05Du00qdhLkYv
bN4L9YgDY92Im5FJY0Iwu2pJ6txrYA2lgZylEfJxC3l9oLjTtJiMKF6CavqkNbVM
5pTImJy3AumkuPLL0HqgpjGmGOmOPbeeJhjFCkvo7h2ptNOCJAfIfdL11tQu7QVy
iP4m9U37H/PpRz/N9oruuOTxmjM8fGumvyyyGsYvGHQ4K/O5fmx3XO6xhjEyJI24
vnr7dmOoZ0QCVhUaOL/l0E7HEHDLBWnkRoWhuaN8a+riBvRusaSTkLN9dmtvH42d
fHx0Tfp5gI06BA==
-----END CERTIFICATE-----
Generated at Mon Aug 11 09:51:14 2025 by rpki-client