Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: sW0D2ef3blNbI/WxQ6j8W1/iuEPkoakYqMPmbcBPslo=
Subject key identifier: A0:B0:9A:25:28:1E:18:A1:B3:D6:A3:4F:A6:7A:35:96:58:A8:A7:41
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 01988F5902BC8A921682FAFE46C5B2CB1A39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 1312
Signing time: Sat 09 Aug 2025 15:00:31 +0000
Manifest this update: Sat 09 Aug 2025 15:00:31 +0000
Manifest next update: Sun 10 Aug 2025 15:00:31 +0000
Files and hashes: 1: 3U4MivbAgZFFTzpri9v9qzr-9Dg.roa (hash: OpxoqQJPTPV/7nPesTeS09o0jfmFmQcqEJLqODzVTIM=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: XvIRhtO0bRxWCBmKoZVTQQKyFxJLluGKEMpSHPUvML0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8f:59:02:bc:8a:92:16:82:fa:fe:46:c5:b2:cb:1a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Aug 9 15:00:31 2025 GMT
Not After : Aug 10 15:00:31 2025 GMT
Subject: CN=a0b09a25281e18a1b3d6a34fa67a359658a8a741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:aa:2e:a6:f5:9a:6a:7e:c6:91:38:b3:6c:19:
81:4c:6a:b0:00:22:c5:28:5b:b2:1c:e8:be:76:21:
09:d7:0a:c9:9c:8b:a1:bd:7e:56:88:4e:ba:69:0a:
47:01:58:9c:34:67:da:8d:37:24:4c:e4:45:c3:40:
59:63:16:c3:24:2c:19:b0:a5:39:c6:ca:33:66:89:
f4:9b:b1:c4:da:eb:78:16:25:43:a7:7a:b6:f1:3f:
15:c8:c7:f2:a7:36:c7:65:ca:ad:d3:98:f8:3f:75:
eb:07:66:38:9e:de:f8:a7:13:37:67:62:3f:16:ca:
f4:6d:85:e0:6e:0f:c3:8d:6c:0d:f8:a6:a8:98:28:
6a:b1:89:80:fb:34:cc:90:c7:c1:80:f3:c4:59:33:
f9:0f:d5:f7:4f:ce:71:81:e0:b5:2e:ce:10:20:05:
45:cd:13:b5:ed:e9:ac:5a:77:66:ab:c9:24:24:a1:
ba:cb:9b:e2:07:4d:1c:14:54:7b:e0:1b:7a:7b:19:
d2:a8:dc:1c:f7:86:c3:6b:eb:f7:5c:e8:a1:5b:b9:
a8:e2:b6:34:33:6b:18:01:89:8b:18:fc:5b:39:8e:
40:75:8c:e5:1f:13:8b:da:bf:37:7c:8a:1e:21:e6:
f9:05:45:cd:01:d5:f8:81:fc:a5:5d:26:8a:c7:21:
b0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B0:9A:25:28:1E:18:A1:B3:D6:A3:4F:A6:7A:35:96:58:A8:A7:41
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:ca:8d:73:bc:eb:d3:48:2b:2c:e2:f6:9e:6e:d4:e7:ac:d9:
36:7a:f0:3b:c5:f5:da:6b:f2:11:00:04:10:ba:80:07:bd:b4:
9e:60:ed:eb:8e:6e:f2:5b:3d:9e:a4:c3:f0:bc:70:90:ca:2d:
43:70:e1:d0:2c:d4:c3:39:74:c3:73:6b:68:d3:68:7d:b8:88:
90:52:37:b4:56:c7:c4:d4:37:16:63:90:67:40:d4:10:97:3f:
de:00:7f:07:5e:6e:52:de:7b:ad:71:93:68:a2:01:34:57:41:
1d:56:39:a3:7a:e6:97:d8:98:58:3f:0c:5a:fa:8f:e7:e5:fb:
e2:50:f1:73:28:5d:b4:5d:79:29:06:88:07:f7:3a:7f:2b:8b:
2e:09:0f:64:89:05:d9:3e:f7:1f:97:e4:e8:e9:2d:d9:ac:46:
80:9d:6d:75:07:8b:c7:76:b9:7a:9a:c3:0d:48:fa:4e:a3:30:
6f:62:5e:91:9f:c8:f3:0b:e2:72:d2:d7:a9:5c:20:44:f7:60:
92:e6:5f:dc:63:d6:69:51:f5:f4:44:4b:dc:54:58:38:bc:48:
71:4b:d4:b2:43:6c:3f:b9:d5:f4:c9:c0:f5:58:1d:b3:8f:c3:
b0:79:ce:35:1c:14:cb:d2:a1:3c:7a:36:60:06:63:c5:0d:a6:
39:74:29:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPWQK8ipIWgvr+RsWyyxo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjUwODA5MTUwMDMxWhcNMjUwODEwMTUwMDMxWjAzMTEwLwYDVQQD
EyhhMGIwOWEyNTI4MWUxOGExYjNkNmEzNGZhNjdhMzU5NjU4YThhNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaoupvWaan7GkTizbBmBTGqwACLF
KFuyHOi+diEJ1wrJnIuhvX5WiE66aQpHAVicNGfajTckTORFw0BZYxbDJCwZsKU5
xsozZon0m7HE2ut4FiVDp3q28T8VyMfypzbHZcqt05j4P3XrB2Y4nt74pxM3Z2I/
Fsr0bYXgbg/DjWwN+KaomChqsYmA+zTMkMfBgPPEWTP5D9X3T85xgeC1Ls4QIAVF
zRO17emsWndmq8kkJKG6y5viB00cFFR74Bt6exnSqNwc94bDa+v3XOihW7mo4rY0
M2sYAYmLGPxbOY5AdYzlHxOL2r83fIoeIeb5BUXNAdX4gfylXSaKxyGwyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKCwmiUoHhihs9ajT6Z6NZZYqKdBMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnMqNc7zr
00grLOL2nm7U56zZNnrwO8X12mvyEQAEELqAB720nmDt645u8ls9nqTD8LxwkMot
Q3Dh0CzUwzl0w3NraNNofbiIkFI3tFbHxNQ3FmOQZ0DUEJc/3gB/B15uUt57rXGT
aKIBNFdBHVY5o3rml9iYWD8MWvqP5+X74lDxcyhdtF15KQaIB/c6fyuLLgkPZIkF
2T73H5fk6Okt2axGgJ1tdQeLx3a5eprDDUj6TqMwb2JekZ/I8wvictLXqVwgRPdg
kuZf3GPWaVH19ERL3FRYOLxIcUvUskNsP7nV9MnA9Vgds4/DsHnONRwUy9KhPHo2
YAZjxQ2mOXQp7g==
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:27:54 2025 by rpki-client