Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
File: QxfdFbYr3XESWZuBQjNg7uegEpY.mft (raw, json)
Hash identifier: A2pz+rTsrCyAiA2MEZb1sgOwTKkj5yrP2lykpqWeXNE=
Subject key identifier: 32:D3:32:E5:7A:36:EA:6C:FE:89:C6:37:3C:D6:9B:DF:2D:9D:A3:51
Authority key identifier: 43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
Certificate issuer: /CN=4317dd15b62bdd7112599b81423360eee7a01296
Certificate serial: 01969228895F460CEC358C5909CB90814334
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
Manifest number: 0683
Signing time: Fri 02 May 2025 18:00:52 +0000
Manifest this update: Fri 02 May 2025 18:00:52 +0000
Manifest next update: Sat 03 May 2025 18:00:52 +0000
Files and hashes: 1: DRGQu6VcNUxgbC-i_8UH42qgDUM.roa (hash: Tkt8CjSKbVkubPBErWJwsPegnkm3xx4+YfHW6WMiPHA=)
2: QxfdFbYr3XESWZuBQjNg7uegEpY.crl (hash: kZ8GszmxnJDs0qBHps9wVBPhl/hRiLAnrAEXYg1O75c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 14:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:92:28:89:5f:46:0c:ec:35:8c:59:09:cb:90:81:43:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4317dd15b62bdd7112599b81423360eee7a01296
Validity
Not Before: May 2 18:00:52 2025 GMT
Not After : May 3 18:00:52 2025 GMT
Subject: CN=32d332e57a36ea6cfe89c6373cd69bdf2d9da351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dc:67:6f:9b:ca:2b:67:a8:74:86:b1:48:c2:
b1:1b:df:c1:f9:b7:f1:e8:dd:e3:c7:f7:c6:4f:b9:
60:70:35:4a:d2:59:b7:37:b3:0c:30:26:7d:ca:3a:
8b:b0:9f:62:ad:41:8a:4c:8f:0f:ad:19:63:55:6c:
59:69:af:2f:88:f1:5b:03:8a:b5:6f:95:32:c8:e4:
e9:c1:0d:13:af:1b:53:75:7e:3d:b6:29:7f:09:dc:
d7:4b:11:6e:d6:1a:cc:b3:58:3a:3f:f9:8e:38:de:
4a:a8:b7:18:98:92:9e:a7:9a:e6:43:f7:03:01:dd:
c8:20:53:70:73:d2:80:f3:8a:9c:63:bf:69:67:81:
bd:68:73:6e:da:6d:24:02:fe:b4:00:5b:57:a6:7e:
b6:90:11:32:13:a5:e4:0e:c9:d7:f2:38:56:08:67:
e0:d7:0a:f0:c6:10:42:18:66:51:ec:2b:af:7b:cc:
b3:ba:da:b2:d9:93:0b:3d:49:64:3a:f0:90:97:73:
9c:e0:f8:39:27:e5:da:de:74:e7:24:ca:14:30:8f:
7c:5e:df:c1:f8:7a:c8:e7:d1:1f:5f:eb:a9:d4:62:
03:2b:d2:45:96:b5:e1:3a:63:e7:16:01:de:fd:e6:
fd:16:01:9d:78:33:d7:20:76:b9:ba:18:85:f5:62:
2e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D3:32:E5:7A:36:EA:6C:FE:89:C6:37:3C:D6:9B:DF:2D:9D:A3:51
X509v3 Authority Key Identifier:
keyid:43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:ea:2d:92:65:08:cf:05:ed:e7:c2:8d:e7:cb:41:61:4f:9b:
9d:a6:c0:63:45:86:1b:b4:49:61:ff:b4:ff:c3:56:12:ae:5e:
76:fa:7f:d6:43:8d:1e:6b:b8:eb:8f:7b:a0:d7:62:c1:6e:70:
49:5b:d7:88:5e:f2:76:e4:e1:be:2d:56:de:67:ec:b4:97:5d:
b8:bb:9b:0e:25:91:7f:26:4c:26:c5:ce:43:a6:0e:bc:64:b2:
99:51:5a:1a:3a:f7:84:40:d1:d9:aa:f8:42:b3:3c:b6:dc:09:
34:9b:f9:2b:fb:09:50:da:9d:d4:1b:eb:c3:e1:95:72:13:7b:
a3:f0:8e:f6:87:81:e1:37:f0:ba:a5:34:a6:90:a1:65:e4:58:
9b:a5:8f:b9:e5:e4:1b:2c:fc:66:26:be:58:a9:c5:69:60:76:
e8:c4:e6:e7:fe:05:40:a4:d6:a4:9b:95:d2:cb:f9:b0:a9:96:
3d:d5:7a:ed:8a:8a:08:a8:63:60:28:b3:4b:63:1a:33:44:79:
b5:30:70:e1:cd:e2:d2:27:f3:bb:84:0b:11:a1:7d:be:fe:94:
cc:29:e7:eb:f6:83:60:d3:d9:48:35:3e:ca:78:62:de:43:82:
b3:f2:14:2a:27:f5:14:09:1f:d2:67:27:c2:71:4c:ef:b8:89:
09:66:87:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaSKIlfRgzsNYxZCcuQgUM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMTdkZDE1YjYyYmRkNzExMjU5OWI4MTQyMzM2MGVlZTdh
MDEyOTYwHhcNMjUwNTAyMTgwMDUyWhcNMjUwNTAzMTgwMDUyWjAzMTEwLwYDVQQD
EygzMmQzMzJlNTdhMzZlYTZjZmU4OWM2MzczY2Q2OWJkZjJkOWRhMzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9xnb5vKK2eodIaxSMKxG9/B+bfx
6N3jx/fGT7lgcDVK0lm3N7MMMCZ9yjqLsJ9irUGKTI8PrRljVWxZaa8viPFbA4q1
b5UyyOTpwQ0TrxtTdX49til/CdzXSxFu1hrMs1g6P/mOON5KqLcYmJKep5rmQ/cD
Ad3IIFNwc9KA84qcY79pZ4G9aHNu2m0kAv60AFtXpn62kBEyE6XkDsnX8jhWCGfg
1wrwxhBCGGZR7Cuve8yzutqy2ZMLPUlkOvCQl3Oc4Pg5J+Xa3nTnJMoUMI98Xt/B
+HrI59EfX+up1GIDK9JFlrXhOmPnFgHe/eb9FgGdeDPXIHa5uhiF9WIu2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLTMuV6Nups/onGNzzWm98tnaNRMB8GA1UdIwQY
MBaAFEMX3RW2K91xElmbgUIzYO7noBKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMt
NmI5NTUwMGRhMjNiLzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMtNmI5NTUwMGRhMjNi
LzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMOotkmUI
zwXt58KN58tBYU+bnabAY0WGG7RJYf+0/8NWEq5edvp/1kONHmu46497oNdiwW5w
SVvXiF7yduThvi1W3mfstJdduLubDiWRfyZMJsXOQ6YOvGSymVFaGjr3hEDR2ar4
QrM8ttwJNJv5K/sJUNqd1Bvrw+GVchN7o/CO9oeB4TfwuqU0ppChZeRYm6WPueXk
Gyz8Zia+WKnFaWB26MTm5/4FQKTWpJuV0sv5sKmWPdV67YqKCKhjYCizS2MaM0R5
tTBw4c3i0ifzu4QLEaF9vv6UzCnn6/aDYNPZSDU+ynhi3kOCs/IUKif1FAkf0mcn
wnFM77iJCWaHmg==
-----END CERTIFICATE-----
Generated at Fri May 2 21:05:00 2025 by rpki-client