Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
File: QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft (raw, json)
Hash identifier: Z7Jh7/kh+/sWFqIhfYrqeGMwDaEB6OqI/5ZsmlhoTwU=
Subject key identifier: CE:50:39:3D:44:8C:6A:A3:0F:FC:72:99:DD:04:A7:2B:87:2F:83:A4
Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Certificate serial: 0197688508D7DDC0FABB59C1A7A97180A880
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
Manifest number: 0D1D
Signing time: Fri 13 Jun 2025 09:00:38 +0000
Manifest this update: Fri 13 Jun 2025 09:00:38 +0000
Manifest next update: Sat 14 Jun 2025 09:00:38 +0000
Files and hashes: 1: GQOl6LTvNyPMyG3KjW9Ajp0Bvpw.roa (hash: eZX/fpaYpvDnXloavaVJKtIU2XKfpzNfzwR74TFia7o=)
2: QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl (hash: 5yhfghr25qvpEV6twi3C+7wzrCaxTEHT8r9QObPcrn4=)
3: b5Ug6NPJo2XtezY8UVzxnmPE-i0.roa (hash: VB+B1HYKvDBDwa8bPpxYYXoTuHADEZJRpgBpaSqbPu4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:68:85:08:d7:dd:c0:fa:bb:59:c1:a7:a9:71:80:a8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Validity
Not Before: Jun 13 09:00:38 2025 GMT
Not After : Jun 14 09:00:38 2025 GMT
Subject: CN=ce50393d448c6aa30ffc7299dd04a72b872f83a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8e:d8:7c:e4:70:7e:c1:98:b1:75:93:e8:2f:
b0:7c:63:8d:0b:37:b5:98:66:04:84:9d:a9:b8:2d:
30:af:64:43:ac:82:71:fe:42:4f:11:0e:28:f9:66:
2d:0c:19:f4:36:fe:dd:ab:c0:24:83:25:7f:ba:d2:
01:79:cc:60:76:a2:10:0b:aa:82:a9:a4:61:31:fb:
37:99:88:7d:ae:e9:2e:57:2d:9a:9f:a9:5a:7c:88:
c6:56:e2:f5:39:ee:db:75:d5:bb:18:00:e6:e3:97:
86:51:b0:f6:a9:53:5f:14:d1:97:70:30:a1:b0:1f:
7c:3f:8d:df:59:e6:41:fc:25:61:66:ae:d7:9c:29:
89:fa:ac:33:46:db:db:69:9f:50:34:30:d5:ce:a5:
b5:93:fe:1f:50:20:8b:00:bc:a6:e0:2a:05:63:5c:
8f:a6:21:86:dd:0f:9e:e2:75:28:d8:f4:dc:03:32:
53:02:b8:f9:a6:ec:9c:9b:3a:fe:fd:fc:07:d7:30:
1f:ef:ca:c5:67:7c:a7:e0:13:37:49:6d:e7:49:05:
e8:9c:43:39:e5:44:8c:d5:3a:71:f9:0e:fb:42:df:
39:06:11:e8:d9:43:30:48:84:f4:62:25:38:c8:48:
e1:5f:73:81:24:c7:d1:13:bc:da:c8:bc:84:9a:81:
a2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:50:39:3D:44:8C:6A:A3:0F:FC:72:99:DD:04:A7:2B:87:2F:83:A4
X509v3 Authority Key Identifier:
keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:61:10:4b:31:c1:7d:37:2e:ac:cd:3a:db:62:8b:6a:2c:7e:
e6:8d:32:60:68:3a:94:d0:f7:26:69:e0:db:d9:59:7d:a2:7d:
ec:b1:d7:6b:ad:6a:fe:4f:0f:db:e5:c2:dc:4a:c0:02:5d:9b:
e7:b9:69:e1:c4:d4:ad:6d:07:b9:27:27:be:a4:b0:3b:cf:b7:
c5:5f:b5:ae:fb:4c:f2:6a:ed:0c:6c:c8:6e:4e:79:eb:ba:34:
e8:e4:48:c4:93:11:7d:6a:bb:19:dd:ae:9d:20:2f:90:47:6b:
6d:c3:91:38:51:82:e0:5b:7d:7a:75:86:58:73:5b:4e:95:fc:
cd:6e:67:75:20:24:34:7e:62:2c:7c:34:5f:3a:87:6d:03:a2:
90:90:86:9e:32:91:9c:bd:3e:f7:76:b9:90:4f:a0:79:78:c3:
74:4b:79:ec:c7:46:4c:04:ba:de:0e:52:b9:73:7f:aa:d1:f9:
bd:02:97:55:91:20:f6:8e:fd:49:35:e5:66:bf:7e:8c:75:32:
62:15:5d:13:4e:27:03:d1:de:c9:d8:22:48:f3:d2:d1:39:80:
31:c5:43:4e:91:96:df:dc:d4:aa:17:be:02:5a:b3:c1:b2:a6:
e8:5e:4c:9e:c7:da:32:27:42:56:06:03:a8:19:9f:16:6a:a3:
58:46:44:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdohQjX3cD6u1nBp6lxgKiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5
NDRhODcwHhcNMjUwNjEzMDkwMDM4WhcNMjUwNjE0MDkwMDM4WjAzMTEwLwYDVQQD
EyhjZTUwMzkzZDQ0OGM2YWEzMGZmYzcyOTlkZDA0YTcyYjg3MmY4M2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo7YfORwfsGYsXWT6C+wfGONCze1
mGYEhJ2puC0wr2RDrIJx/kJPEQ4o+WYtDBn0Nv7dq8AkgyV/utIBecxgdqIQC6qC
qaRhMfs3mYh9rukuVy2an6lafIjGVuL1Oe7bddW7GADm45eGUbD2qVNfFNGXcDCh
sB98P43fWeZB/CVhZq7XnCmJ+qwzRtvbaZ9QNDDVzqW1k/4fUCCLALym4CoFY1yP
piGG3Q+e4nUo2PTcAzJTArj5puycmzr+/fwH1zAf78rFZ3yn4BM3SW3nSQXonEM5
5USM1Tpx+Q77Qt85BhHo2UMwSIT0YiU4yEjhX3OBJMfRE7zayLyEmoGiUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5QOT1EjGqjD/xymd0EpyuHL4OkMB8GA1UdIwQY
MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct
OTg1ZWQxNWM5YWViLzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi
LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUmEQSzHB
fTcurM0622KLaix+5o0yYGg6lND3Jmng29lZfaJ97LHXa61q/k8P2+XC3ErAAl2b
57lp4cTUrW0HuScnvqSwO8+3xV+1rvtM8mrtDGzIbk5567o06ORIxJMRfWq7Gd2u
nSAvkEdrbcOROFGC4Ft9enWGWHNbTpX8zW5ndSAkNH5iLHw0XzqHbQOikJCGnjKR
nL0+93a5kE+geXjDdEt57MdGTAS63g5SuXN/qtH5vQKXVZEg9o79STXlZr9+jHUy
YhVdE04nA9HeydgiSPPS0TmAMcVDTpGW39zUqhe+AlqzwbKm6F5MnsfaMidCVgYD
qBmfFmqjWEZEUQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 19:19:30 2025 by rpki-client