Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json)
Hash identifier: BSqejMjfTiT5bxpx06GXuHmgwAMbDzh9eXj0gKS8/bM=
Subject key identifier: 58:E7:C8:FB:4E:FA:51:F4:19:0F:D0:0C:AC:C2:23:60:4A:D8:E6:6B
Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e
Certificate serial: 019897B74055EDC20069448006AD75A751A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
Manifest number: 04F8
Signing time: Mon 11 Aug 2025 06:00:25 +0000
Manifest this update: Mon 11 Aug 2025 06:00:25 +0000
Manifest next update: Tue 12 Aug 2025 06:00:25 +0000
Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=)
2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: l/8xFY3iwP/cYcs4L1Gnztyz+3klusj0EtmM1w34am0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:b7:40:55:ed:c2:00:69:44:80:06:ad:75:a7:51:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e
Validity
Not Before: Aug 11 06:00:25 2025 GMT
Not After : Aug 12 06:00:25 2025 GMT
Subject: CN=58e7c8fb4efa51f4190fd00cacc223604ad8e66b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:de:70:7e:c3:fd:90:5a:6f:c7:74:82:29:f3:
d2:98:bb:c0:e1:ef:77:02:2b:ff:61:7a:13:b8:99:
ca:a8:4d:99:a5:27:e8:8b:6e:de:82:8f:74:f0:7d:
43:aa:b7:73:e2:c7:a0:f6:a3:23:fc:53:a4:6e:6e:
14:f9:69:8c:ea:c5:9f:00:9c:cb:70:85:a0:32:77:
ff:ad:b7:f0:ad:2f:3a:ec:b7:67:55:82:0a:d0:2f:
d9:6f:43:87:4f:f0:8c:b7:5d:4f:91:b3:04:0e:aa:
09:f9:4a:c9:a0:85:ec:0f:b0:e5:55:8a:03:2a:5c:
38:54:12:2c:be:c8:b7:c6:5a:f4:47:8a:a6:fb:cb:
58:5e:b2:3f:10:61:8c:0b:29:1d:1e:e4:24:01:32:
f9:a1:be:24:a7:f5:15:8d:65:fc:8b:eb:05:d0:aa:
8e:09:0c:4a:37:f5:54:89:1e:d5:df:fe:ae:e1:b5:
c0:1d:39:93:9c:6b:41:1d:dd:a7:4c:cd:ac:2b:04:
05:5c:b5:d1:2f:0d:ae:12:93:c8:5b:9e:02:d4:be:
20:1f:65:7e:7a:4a:da:b2:ee:0c:6b:15:7a:1c:9f:
ed:ba:4c:32:03:19:44:d3:89:66:32:4b:ea:40:d5:
e5:90:2c:d2:65:45:59:3a:8b:f4:24:17:ba:58:e3:
1a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E7:C8:FB:4E:FA:51:F4:19:0F:D0:0C:AC:C2:23:60:4A:D8:E6:6B
X509v3 Authority Key Identifier:
keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:ba:e2:92:69:67:11:cf:d5:2e:d0:44:a3:f0:6f:96:69:f1:
32:cf:48:31:68:fb:87:e5:75:64:71:f2:a4:a2:3d:de:82:96:
90:39:e4:ab:0a:30:d2:04:74:ea:5e:6d:70:4a:e5:7d:1c:34:
98:14:0b:f5:bc:9c:32:94:d0:14:20:dc:d3:a7:e2:42:c6:7c:
bc:0b:fa:a2:9c:8b:f0:58:cb:5b:c6:42:d0:0c:a8:16:f2:57:
b6:9c:45:af:cc:61:81:b2:02:a3:15:c8:e0:56:9c:f4:cb:06:
1f:13:b7:57:ea:ef:53:26:fe:47:1d:e7:2b:0b:24:dd:c3:a8:
85:b3:c9:ab:dc:6c:98:5f:5b:4c:f8:57:c9:f8:40:b7:70:2e:
68:64:38:4e:21:c1:7a:2b:6b:7f:e8:ef:cd:19:36:50:11:c8:
dd:9e:f0:8b:9b:e5:44:b5:f2:26:43:8c:e5:a9:90:c8:c0:32:
3b:35:a2:5c:af:52:3c:64:8c:14:3f:a6:60:37:0d:92:18:88:
f4:90:e6:50:56:fc:50:03:38:9e:f8:28:11:f7:98:08:5d:06:
97:2c:28:10:47:85:8f:59:b0:7b:42:0b:c8:05:e6:82:d2:be:
58:2d:d3:cd:6e:cd:f6:f0:31:4b:d6:65:43:90:1d:8b:4b:f4:
54:c3:a2:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXt0BV7cIAaUSABq11p1GoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2
NGIxN2UwHhcNMjUwODExMDYwMDI1WhcNMjUwODEyMDYwMDI1WjAzMTEwLwYDVQQD
Eyg1OGU3YzhmYjRlZmE1MWY0MTkwZmQwMGNhY2MyMjM2MDRhZDhlNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd5wfsP9kFpvx3SCKfPSmLvA4e93
Aiv/YXoTuJnKqE2ZpSfoi27ego908H1Dqrdz4seg9qMj/FOkbm4U+WmM6sWfAJzL
cIWgMnf/rbfwrS867LdnVYIK0C/Zb0OHT/CMt11PkbMEDqoJ+UrJoIXsD7DlVYoD
Klw4VBIsvsi3xlr0R4qm+8tYXrI/EGGMCykdHuQkATL5ob4kp/UVjWX8i+sF0KqO
CQxKN/VUiR7V3/6u4bXAHTmTnGtBHd2nTM2sKwQFXLXRLw2uEpPIW54C1L4gH2V+
ekrasu4MaxV6HJ/tukwyAxlE04lmMkvqQNXlkCzSZUVZOov0JBe6WOMa+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjnyPtO+lH0GQ/QDKzCI2BK2OZrMB8GA1UdIwQY
MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt
OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk
LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmLrikmln
Ec/VLtBEo/BvlmnxMs9IMWj7h+V1ZHHypKI93oKWkDnkqwow0gR06l5tcErlfRw0
mBQL9bycMpTQFCDc06fiQsZ8vAv6opyL8FjLW8ZC0AyoFvJXtpxFr8xhgbICoxXI
4Fac9MsGHxO3V+rvUyb+Rx3nKwsk3cOohbPJq9xsmF9bTPhXyfhAt3AuaGQ4TiHB
eitrf+jvzRk2UBHI3Z7wi5vlRLXyJkOM5amQyMAyOzWiXK9SPGSMFD+mYDcNkhiI
9JDmUFb8UAM4nvgoEfeYCF0GlywoEEeFj1mwe0ILyAXmgtK+WC3TzW7N9vAxS9Zl
Q5Adi0v0VMOitA==
-----END CERTIFICATE-----
Generated at Mon Aug 11 08:45:11 2025 by rpki-client