Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json)
Hash identifier: 2+xr4Oh8O0Bl731bp8KHer1vARtkzipKpIriQZ6hFcU=
Subject key identifier: B1:8E:CD:89:B9:D6:12:B3:8B:BA:DA:61:10:47:FE:50:D0:8A:E4:2F
Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e
Certificate serial: 01977609B849784C2681C5E210950A26368C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
Manifest number: 0462
Signing time: Mon 16 Jun 2025 00:00:37 +0000
Manifest this update: Mon 16 Jun 2025 00:00:37 +0000
Manifest next update: Tue 17 Jun 2025 00:00:37 +0000
Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=)
2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: qGCLOgBcRkAJHaLoXehiWf0r7/WipoOfoRhCl0rf8oQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:76:09:b8:49:78:4c:26:81:c5:e2:10:95:0a:26:36:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e
Validity
Not Before: Jun 16 00:00:37 2025 GMT
Not After : Jun 17 00:00:37 2025 GMT
Subject: CN=b18ecd89b9d612b38bbada611047fe50d08ae42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b7:c8:fd:5e:56:8d:3e:56:db:a7:2c:4b:91:
36:72:fd:8a:96:25:82:ca:3a:20:20:f1:83:92:00:
38:a2:a6:7a:a5:39:81:72:43:be:03:f4:d9:63:f0:
d3:2a:5a:8f:c9:89:1c:c6:dc:5c:d9:2c:78:15:83:
f1:ed:17:68:45:54:ab:d5:e8:75:4d:5f:8d:d7:79:
30:a2:36:ce:df:56:46:25:cb:45:0a:13:97:be:c5:
bc:4c:dc:0f:ef:5b:72:80:1b:4e:56:7b:cb:6c:09:
04:e6:42:cc:be:90:b7:b8:da:24:e2:9c:f4:cb:fb:
39:ef:b7:d3:56:78:7f:f2:4c:7b:e0:0d:69:aa:d3:
eb:84:85:86:70:50:9f:88:e2:1b:e1:84:58:c2:9d:
6f:58:29:4a:a7:36:00:6f:7c:d9:45:ed:39:90:b5:
fd:06:15:3e:37:f1:08:89:c5:17:50:52:a4:3b:5d:
85:01:79:00:9d:e5:d6:1f:55:f8:66:aa:b6:c7:a2:
f6:a0:4c:45:d8:73:25:e0:c6:73:5f:5c:6e:34:ac:
50:60:71:56:cd:9f:07:24:89:f1:86:5f:40:5d:10:
cb:67:c3:48:9e:80:76:3a:2f:b6:15:71:9e:fd:2c:
bf:15:4b:43:b1:0d:00:15:0c:64:5d:32:d5:2b:29:
c8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8E:CD:89:B9:D6:12:B3:8B:BA:DA:61:10:47:FE:50:D0:8A:E4:2F
X509v3 Authority Key Identifier:
keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:18:d5:64:7d:7f:1f:7a:03:98:0a:71:0c:9b:83:da:42:ea:
b4:e8:11:4a:ab:67:fe:8b:d5:d9:51:f6:41:2f:e9:e1:75:da:
09:7d:c5:a8:82:52:19:39:ef:4f:a8:14:e8:a2:67:21:5f:85:
b6:5f:a0:2d:44:31:a1:65:06:e8:79:1d:ba:c8:f7:ca:6c:fa:
30:6e:28:12:0f:e3:33:0b:01:4f:e2:ec:29:84:cc:95:76:0b:
0d:ff:aa:57:aa:af:a8:e3:09:bb:bf:b5:7b:fa:bb:83:24:9c:
9a:b6:f2:71:98:9a:0f:06:7b:49:f3:15:ea:c7:f6:17:60:bd:
7d:b3:e2:28:21:77:a7:2a:78:d0:80:12:34:07:b9:f1:4d:25:
16:64:06:10:f4:67:5c:b7:24:73:74:ea:83:54:f6:0d:18:d9:
7f:41:4b:fd:6a:47:f2:4f:f0:93:41:7a:60:18:c3:a0:51:18:
e0:cc:04:17:82:b5:c0:4a:29:66:9c:55:a0:fa:55:cd:c0:09:
44:e4:36:45:a3:d0:fd:5c:7d:c0:13:be:64:7b:9c:9b:5f:f8:
f0:ff:2b:a0:0e:51:53:96:5f:70:5a:8e:a5:47:96:e3:f9:bb:
56:63:3c:62:c4:58:13:60:37:b4:de:b2:db:8f:fb:62:f9:c8:
b0:d2:34:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd2CbhJeEwmgcXiEJUKJjaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2
NGIxN2UwHhcNMjUwNjE2MDAwMDM3WhcNMjUwNjE3MDAwMDM3WjAzMTEwLwYDVQQD
EyhiMThlY2Q4OWI5ZDYxMmIzOGJiYWRhNjExMDQ3ZmU1MGQwOGFlNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrfI/V5WjT5W26csS5E2cv2KliWC
yjogIPGDkgA4oqZ6pTmBckO+A/TZY/DTKlqPyYkcxtxc2Sx4FYPx7RdoRVSr1eh1
TV+N13kwojbO31ZGJctFChOXvsW8TNwP71tygBtOVnvLbAkE5kLMvpC3uNok4pz0
y/s577fTVnh/8kx74A1pqtPrhIWGcFCfiOIb4YRYwp1vWClKpzYAb3zZRe05kLX9
BhU+N/EIicUXUFKkO12FAXkAneXWH1X4Zqq2x6L2oExF2HMl4MZzX1xuNKxQYHFW
zZ8HJInxhl9AXRDLZ8NInoB2Oi+2FXGe/Sy/FUtDsQ0AFQxkXTLVKynI8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGOzYm51hKzi7raYRBH/lDQiuQvMB8GA1UdIwQY
MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt
OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk
LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAORjVZH1/
H3oDmApxDJuD2kLqtOgRSqtn/ovV2VH2QS/p4XXaCX3FqIJSGTnvT6gU6KJnIV+F
tl+gLUQxoWUG6Hkdusj3ymz6MG4oEg/jMwsBT+LsKYTMlXYLDf+qV6qvqOMJu7+1
e/q7gyScmrbycZiaDwZ7SfMV6sf2F2C9fbPiKCF3pyp40IASNAe58U0lFmQGEPRn
XLckc3Tqg1T2DRjZf0FL/WpH8k/wk0F6YBjDoFEY4MwEF4K1wEopZpxVoPpVzcAJ
ROQ2RaPQ/Vx9wBO+ZHucm1/48P8roA5RU5ZfcFqOpUeW4/m7VmM8YsRYE2A3tN6y
24/7YvnIsNI0/Q==
-----END CERTIFICATE-----
Generated at Mon Jun 16 09:25:18 2025 by rpki-client