Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
File: QxfdFbYr3XESWZuBQjNg7uegEpY.mft (raw, json)
Hash identifier: /5kBnpe4Amz1/ZaxGf49ZIlv3YtoQLouraF1GjhNWY4=
Subject key identifier: A8:DC:2C:FA:FD:E6:C9:F3:CE:48:57:1B:7D:0A:49:4B:03:06:11:B6
Authority key identifier: 43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
Certificate issuer: /CN=4317dd15b62bdd7112599b81423360eee7a01296
Certificate serial: 019893DB317AB45F4A1BEF96FA401CBBB087
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
Manifest number: 078D
Signing time: Sun 10 Aug 2025 12:01:12 +0000
Manifest this update: Sun 10 Aug 2025 12:01:12 +0000
Manifest next update: Mon 11 Aug 2025 12:01:12 +0000
Files and hashes: 1: DRGQu6VcNUxgbC-i_8UH42qgDUM.roa (hash: Tkt8CjSKbVkubPBErWJwsPegnkm3xx4+YfHW6WMiPHA=)
2: QxfdFbYr3XESWZuBQjNg7uegEpY.crl (hash: a74tBs+Jd0GO+SEUxLexIYH0snuDCSwWDZExgiSNo8U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:93:db:31:7a:b4:5f:4a:1b:ef:96:fa:40:1c:bb:b0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4317dd15b62bdd7112599b81423360eee7a01296
Validity
Not Before: Aug 10 12:01:12 2025 GMT
Not After : Aug 11 12:01:12 2025 GMT
Subject: CN=a8dc2cfafde6c9f3ce48571b7d0a494b030611b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4f:a6:34:13:e2:9f:52:5c:65:28:b1:cd:41:
5d:28:60:9f:47:8f:b0:d1:5a:4a:60:07:56:93:c4:
d5:08:d2:24:ca:3e:b3:03:bd:86:b2:5c:17:10:e9:
21:48:26:d7:3f:37:18:1d:a1:f8:bb:61:92:2d:ef:
6f:32:e6:c2:64:3f:8b:47:1b:d3:fd:b7:77:63:7b:
d7:e1:de:d1:23:04:c9:48:59:b4:77:33:03:27:99:
87:97:95:31:85:a1:d8:d3:c0:4d:ac:fe:80:57:fc:
b3:d6:f8:41:67:40:48:39:a6:d3:44:0c:c1:3d:29:
2f:e3:7b:ee:ac:c6:a2:d4:30:aa:f8:5a:23:5d:22:
e3:f1:cb:86:97:19:f7:6e:4a:04:86:68:ce:e4:27:
92:e1:8c:8f:3c:68:87:37:18:dd:76:ba:8b:a1:0b:
bc:15:e0:6a:e8:8c:2b:26:64:01:f6:34:8b:d4:d6:
92:c0:a4:23:7c:1c:0e:11:de:62:d1:e9:92:93:20:
17:9c:c2:88:85:34:db:70:2e:08:74:90:5c:94:30:
0a:c6:03:82:1b:87:23:b9:ef:fe:e3:cd:e7:68:10:
1a:c4:23:41:b6:d7:ea:9f:51:fa:53:fc:5e:87:fe:
5f:e9:e6:8f:85:2c:d1:1d:25:b6:50:12:e3:5a:8f:
4f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DC:2C:FA:FD:E6:C9:F3:CE:48:57:1B:7D:0A:49:4B:03:06:11:B6
X509v3 Authority Key Identifier:
keyid:43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:2d:f0:06:16:c0:17:a1:bd:36:46:13:1d:e1:70:bd:21:33:
0e:37:00:c3:17:f1:c0:83:b8:16:2f:00:7f:b5:8f:3c:00:47:
b3:70:af:48:1c:fe:89:96:71:17:0d:b7:1b:4c:99:26:c7:5e:
e1:f1:b1:fb:83:03:6a:95:a9:13:4b:af:a3:d1:36:24:5a:e1:
23:dd:ae:a4:d8:ae:0c:bc:e3:5a:9c:33:33:da:15:ea:e4:6b:
e1:58:de:a7:04:82:5f:1e:78:2d:7a:11:b8:c3:ad:1c:60:2d:
d3:f2:88:66:1f:e4:8b:84:9f:66:ed:2f:d1:64:61:9d:32:87:
9f:54:66:ef:78:03:33:57:6b:3e:25:97:07:e2:eb:ef:6f:3d:
0d:6c:98:fb:88:2b:73:cc:8e:86:b6:2f:38:50:38:0f:9b:05:
47:c4:ef:cd:e7:56:85:5b:4e:f2:fd:f8:db:08:c5:63:34:b7:
98:d6:01:aa:2f:5a:e9:47:a4:58:f6:b9:85:05:c3:16:17:19:
85:d0:71:ca:f6:f8:13:97:21:e7:00:55:e8:61:ae:0d:05:82:
5b:a1:99:5a:5e:3b:d9:71:f3:23:4b:cf:ff:da:c2:99:40:d6:
5a:2a:ce:84:5c:df:7d:fe:ca:73:8d:99:ce:b8:e4:26:5c:27:
6e:c5:99:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiT2zF6tF9KG++W+kAcu7CHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMTdkZDE1YjYyYmRkNzExMjU5OWI4MTQyMzM2MGVlZTdh
MDEyOTYwHhcNMjUwODEwMTIwMTEyWhcNMjUwODExMTIwMTEyWjAzMTEwLwYDVQQD
EyhhOGRjMmNmYWZkZTZjOWYzY2U0ODU3MWI3ZDBhNDk0YjAzMDYxMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0+mNBPin1JcZSixzUFdKGCfR4+w
0VpKYAdWk8TVCNIkyj6zA72GslwXEOkhSCbXPzcYHaH4u2GSLe9vMubCZD+LRxvT
/bd3Y3vX4d7RIwTJSFm0dzMDJ5mHl5UxhaHY08BNrP6AV/yz1vhBZ0BIOabTRAzB
PSkv43vurMai1DCq+FojXSLj8cuGlxn3bkoEhmjO5CeS4YyPPGiHNxjddrqLoQu8
FeBq6IwrJmQB9jSL1NaSwKQjfBwOEd5i0emSkyAXnMKIhTTbcC4IdJBclDAKxgOC
G4cjue/+483naBAaxCNBttfqn1H6U/xeh/5f6eaPhSzRHSW2UBLjWo9PewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjcLPr95snzzkhXG30KSUsDBhG2MB8GA1UdIwQY
MBaAFEMX3RW2K91xElmbgUIzYO7noBKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMt
NmI5NTUwMGRhMjNiLzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMtNmI5NTUwMGRhMjNi
LzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPS3wBhbA
F6G9NkYTHeFwvSEzDjcAwxfxwIO4Fi8Af7WPPABHs3CvSBz+iZZxFw23G0yZJsde
4fGx+4MDapWpE0uvo9E2JFrhI92upNiuDLzjWpwzM9oV6uRr4VjepwSCXx54LXoR
uMOtHGAt0/KIZh/ki4SfZu0v0WRhnTKHn1Rm73gDM1drPiWXB+Lr7289DWyY+4gr
c8yOhrYvOFA4D5sFR8TvzedWhVtO8v342wjFYzS3mNYBqi9a6UekWPa5hQXDFhcZ
hdBxyvb4E5ch5wBV6GGuDQWCW6GZWl472XHzI0vP/9rCmUDWWirOhFzfff7Kc42Z
zrjkJlwnbsWZRg==
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:11:10 2025 by rpki-client