Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json)
Hash identifier: Wrcwcf4KSuF/xYkLp4I5cJ9WSg8NRrhJI2/dPILQhr0=
Subject key identifier: 94:72:E5:45:DF:D5:53:31:06:81:CA:D6:84:ED:C7:D4:94:D9:A2:90
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 01976BBD850DCE80096B5ACB3287E4E0E156
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
Manifest number: 0655
Signing time: Sat 14 Jun 2025 00:01:11 +0000
Manifest this update: Sat 14 Jun 2025 00:01:11 +0000
Manifest next update: Sun 15 Jun 2025 00:01:11 +0000
Files and hashes: 1: 9vSYuCdAG_e0E6RGGzb6agTE0BM.roa (hash: QacZLKOpB/Eo9Q8tjYWI0KN++SKGpTz/tW+UR9tDqD0=)
2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: QKAyDNo84JrfLp0WTxUcPlFpPlqtBHkO+XzxZlMijE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 00:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6b:bd:85:0d:ce:80:09:6b:5a:cb:32:87:e4:e0:e1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: Jun 14 00:01:11 2025 GMT
Not After : Jun 15 00:01:11 2025 GMT
Subject: CN=9472e545dfd553310681cad684edc7d494d9a290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:07:6c:a5:30:f0:dd:5e:c7:4f:d6:87:19:ed:
a0:63:cb:a5:63:01:4b:8d:60:5e:1f:31:79:72:4b:
d0:12:48:a3:10:21:9f:a5:04:b6:37:6f:7a:a7:62:
a4:4a:d5:15:ec:c4:62:5d:e4:39:ab:4d:e8:22:6b:
ef:16:98:db:eb:b8:2e:0d:15:75:99:c5:33:3a:bd:
54:85:a4:f7:62:91:19:08:61:23:27:ef:ea:b4:d0:
90:4e:a5:a9:41:a3:d1:f1:93:8b:9f:40:80:3a:22:
ec:68:28:f1:f0:e4:97:6b:5b:32:ae:f4:b9:04:6c:
68:0c:60:4c:8b:05:b2:86:bd:8a:f7:b2:dc:69:3c:
53:e7:ca:8b:9c:5d:96:12:45:72:f5:fe:bc:6c:2a:
c4:14:94:64:71:c7:3c:aa:2b:c7:64:88:c2:c4:e3:
7a:12:a6:2a:e4:8f:ae:cb:68:99:78:ac:ef:3f:dd:
d6:2a:1a:1c:9d:a6:47:02:eb:18:ff:1f:ae:41:9a:
6b:d0:f4:39:0e:a3:5c:85:5d:31:67:e1:42:c9:ce:
06:b6:6e:2f:62:37:89:01:9b:86:aa:81:63:8b:db:
c0:5a:97:70:31:53:b8:30:72:5e:d7:68:b4:55:3e:
bd:14:1c:35:c7:a2:fe:29:98:e4:2f:c1:9d:56:e6:
1d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:72:E5:45:DF:D5:53:31:06:81:CA:D6:84:ED:C7:D4:94:D9:A2:90
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:be:04:76:68:e2:d1:d6:4f:28:1a:96:42:18:4a:22:e8:01:
38:ab:ca:72:6e:12:db:8e:76:73:ee:dc:20:c2:8d:ac:1b:8b:
a1:a6:f2:ea:6d:a5:51:e9:8a:41:fa:df:67:9e:19:c3:75:2c:
a6:94:ef:db:68:d1:2f:f8:e6:3c:08:91:dd:60:b2:9e:d4:43:
73:be:98:27:e8:53:f9:0f:14:8f:ba:0e:69:ab:15:bc:6d:d5:
b1:69:f5:5b:6e:fd:ca:57:b5:26:a0:91:d7:a6:81:26:40:54:
ff:18:ce:c4:e7:f0:66:4c:f2:1b:33:58:2e:13:3c:c0:21:19:
3c:71:9d:0d:10:ac:4f:18:8f:19:f0:39:ea:20:66:f4:79:1f:
bd:9c:f2:bb:db:30:94:31:65:95:fa:d7:bc:f4:09:ce:74:a8:
82:03:bb:ea:6d:ed:1b:0c:0c:be:59:d1:ca:01:f5:b3:f3:c6:
96:5d:66:52:93:6c:5d:8c:fc:42:a8:92:5e:d3:d0:98:f4:0a:
bf:08:61:08:90:bf:b8:aa:6c:52:b5:9a:f2:73:64:45:66:87:
e5:db:1f:5f:40:3f:8d:20:39:6b:2e:58:06:48:de:08:d7:34:
be:bd:cd:b3:7d:70:12:3f:00:fb:88:82:56:f3:e8:e6:db:33:
4a:1e:30:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvYUNzoAJa1rLMofk4OFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjUwNjE0MDAwMTExWhcNMjUwNjE1MDAwMTExWjAzMTEwLwYDVQQD
Eyg5NDcyZTU0NWRmZDU1MzMxMDY4MWNhZDY4NGVkYzdkNDk0ZDlhMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowdspTDw3V7HT9aHGe2gY8ulYwFL
jWBeHzF5ckvQEkijECGfpQS2N296p2KkStUV7MRiXeQ5q03oImvvFpjb67guDRV1
mcUzOr1UhaT3YpEZCGEjJ+/qtNCQTqWpQaPR8ZOLn0CAOiLsaCjx8OSXa1syrvS5
BGxoDGBMiwWyhr2K97LcaTxT58qLnF2WEkVy9f68bCrEFJRkccc8qivHZIjCxON6
EqYq5I+uy2iZeKzvP93WKhocnaZHAusY/x+uQZpr0PQ5DqNchV0xZ+FCyc4Gtm4v
YjeJAZuGqoFji9vAWpdwMVO4MHJe12i0VT69FBw1x6L+KZjkL8GdVuYdOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRy5UXf1VMxBoHK1oTtx9SU2aKQMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnr4Edmji
0dZPKBqWQhhKIugBOKvKcm4S2452c+7cIMKNrBuLoaby6m2lUemKQfrfZ54Zw3Us
ppTv22jRL/jmPAiR3WCyntRDc76YJ+hT+Q8Uj7oOaasVvG3VsWn1W279yle1JqCR
16aBJkBU/xjOxOfwZkzyGzNYLhM8wCEZPHGdDRCsTxiPGfA56iBm9HkfvZzyu9sw
lDFllfrXvPQJznSoggO76m3tGwwMvlnRygH1s/PGll1mUpNsXYz8QqiSXtPQmPQK
vwhhCJC/uKpsUrWa8nNkRWaH5dsfX0A/jSA5ay5YBkjeCNc0vr3Ns31wEj8A+4iC
VvPo5tszSh4w0A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:58:30 2025 by rpki-client