Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
File: qklDGDthG-Ogd1OCUJSQBIsK1zg.mft (raw, json)
Hash identifier: O9nsGQHY/VyEcpFjlDL9NgrHRQN93AyMUXLrruR7/D4=
Subject key identifier: 28:57:BB:A9:74:0E:09:01:9F:7F:CD:53:37:00:52:4E:D4:CD:D0:5C
Authority key identifier: AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38
Certificate issuer: /CN=aa4943183b611be3a0775382509490048b0ad738
Certificate serial: 019874F4C51F4D04AF69A8D595C3AA26A685
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
Manifest number: 161A
Signing time: Mon 04 Aug 2025 12:00:54 +0000
Manifest this update: Mon 04 Aug 2025 12:00:54 +0000
Manifest next update: Tue 05 Aug 2025 12:00:54 +0000
Files and hashes: 1: _b9uzDBnaBhrr4RiKYd-HrjhIyY.roa (hash: zuVo5YCjE6oxIWEPlMV6dA4fTWapSfHiFlgPsUG/qhk=)
2: qklDGDthG-Ogd1OCUJSQBIsK1zg.crl (hash: HAfGTjlLh0ZFRL9QZNdvM1hP4PDGYfGm+WfQHCKzP1Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:f4:c5:1f:4d:04:af:69:a8:d5:95:c3:aa:26:a6:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa4943183b611be3a0775382509490048b0ad738
Validity
Not Before: Aug 4 12:00:54 2025 GMT
Not After : Aug 5 12:00:54 2025 GMT
Subject: CN=2857bba9740e09019f7fcd533700524ed4cdd05c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:05:99:e3:e3:0e:61:27:be:75:73:e3:38:8c:
bc:e8:d9:0b:a4:56:4f:67:26:59:29:c0:4e:91:f0:
cc:d2:b1:67:3e:f9:62:88:e8:67:62:ee:ba:92:36:
92:86:04:48:c2:23:f3:6a:62:e5:ec:f7:25:bb:48:
7c:37:d2:53:22:93:e5:2e:2b:ab:41:61:30:30:83:
69:76:2d:5e:a6:b8:ff:98:60:d6:ee:9a:f9:5b:bb:
a3:a7:d9:8e:dd:0d:57:f5:b6:b8:66:b8:57:c0:5d:
a8:07:36:c2:df:a9:1f:9c:30:8e:ac:e1:b3:f7:57:
b7:d8:82:89:f4:50:08:17:1d:64:59:31:d5:cb:92:
d1:de:16:34:b1:72:b1:bb:7f:6e:9f:fd:89:a2:a2:
7e:c6:63:b6:a0:29:3b:92:4e:f0:0e:16:31:8a:63:
c5:06:06:4a:9b:d8:40:6e:c7:5f:04:a9:8c:19:ea:
d3:3e:d7:b6:c8:5c:22:c6:dc:27:17:c0:4a:7d:c2:
50:ed:5e:19:de:4d:fe:72:1d:a7:86:37:57:c5:0f:
58:9a:92:c9:a8:bc:d1:e7:84:62:94:7a:af:95:60:
ff:62:20:d6:2f:70:18:8f:1b:f0:04:1f:df:09:dc:
b2:e8:84:55:b3:56:c0:5f:9f:73:6f:87:5a:e1:21:
8d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:57:BB:A9:74:0E:09:01:9F:7F:CD:53:37:00:52:4E:D4:CD:D0:5C
X509v3 Authority Key Identifier:
keyid:AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:cc:e6:30:c8:de:12:9f:45:46:4f:75:69:20:e5:df:cc:ff:
42:21:7e:22:b4:2f:34:67:ab:3c:f6:12:c6:93:8e:80:0f:71:
cc:87:4e:f4:e2:45:30:eb:90:cc:1a:8e:fd:8f:fb:ae:b8:5e:
a7:9c:a8:9c:e7:1e:ee:04:92:c0:d5:7a:90:43:2b:05:72:d1:
56:dc:80:10:cb:60:fa:df:ee:1b:10:de:f7:2c:b8:ad:d7:87:
68:ff:94:08:02:5c:f1:f7:f3:50:b0:62:4f:06:97:e2:27:58:
58:6a:bf:e5:6a:a8:db:91:1b:f7:f8:16:a7:fd:2a:3d:53:19:
aa:aa:85:13:55:63:8d:c4:0b:40:87:96:b9:a6:cf:a2:51:09:
fa:4d:78:9f:16:48:51:ba:6f:f2:20:7b:aa:ad:b3:f3:a7:4a:
1b:5b:8b:ce:4f:5d:fa:02:f8:d6:2a:94:da:70:0e:91:bd:4b:
2f:f7:0b:2c:b2:24:5d:55:9f:06:98:ac:cc:9a:45:19:b5:ff:
f7:4f:7b:c7:2b:15:08:3c:68:d5:b6:69:5e:25:97:39:52:79:
b2:8d:e3:8b:ac:6f:1d:68:a2:b5:02:6d:dc:db:d1:2f:77:0a:
62:82:c7:15:c7:6d:45:51:4e:54:37:91:72:74:bc:79:ba:e7:
80:53:cb:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh09MUfTQSvaajVlcOqJqaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNDk0MzE4M2I2MTFiZTNhMDc3NTM4MjUwOTQ5MDA0OGIw
YWQ3MzgwHhcNMjUwODA0MTIwMDU0WhcNMjUwODA1MTIwMDU0WjAzMTEwLwYDVQQD
EygyODU3YmJhOTc0MGUwOTAxOWY3ZmNkNTMzNzAwNTI0ZWQ0Y2RkMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwWZ4+MOYSe+dXPjOIy86NkLpFZP
ZyZZKcBOkfDM0rFnPvliiOhnYu66kjaShgRIwiPzamLl7Pclu0h8N9JTIpPlLiur
QWEwMINpdi1eprj/mGDW7pr5W7ujp9mO3Q1X9ba4ZrhXwF2oBzbC36kfnDCOrOGz
91e32IKJ9FAIFx1kWTHVy5LR3hY0sXKxu39un/2JoqJ+xmO2oCk7kk7wDhYximPF
BgZKm9hAbsdfBKmMGerTPte2yFwixtwnF8BKfcJQ7V4Z3k3+ch2nhjdXxQ9YmpLJ
qLzR54RilHqvlWD/YiDWL3AYjxvwBB/fCdyy6IRVs1bAX59zb4da4SGNWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChXu6l0DgkBn3/NUzcAUk7UzdBcMB8GA1UdIwQY
MBaAFKpJQxg7YRvjoHdTglCUkASLCtc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQt
ZDIyMjc0YmJhNzEzLzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQtZDIyMjc0YmJhNzEz
LzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcczmMMje
Ep9FRk91aSDl38z/QiF+IrQvNGerPPYSxpOOgA9xzIdO9OJFMOuQzBqO/Y/7rrhe
p5yonOce7gSSwNV6kEMrBXLRVtyAEMtg+t/uGxDe9yy4rdeHaP+UCAJc8ffzULBi
TwaX4idYWGq/5Wqo25Eb9/gWp/0qPVMZqqqFE1VjjcQLQIeWuabPolEJ+k14nxZI
Ubpv8iB7qq2z86dKG1uLzk9d+gL41iqU2nAOkb1LL/cLLLIkXVWfBpiszJpFGbX/
9097xysVCDxo1bZpXiWXOVJ5so3ji6xvHWiitQJt3NvRL3cKYoLHFcdtRVFOVDeR
cnS8ebrngFPLhA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:06:42 2025 by rpki-client