Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
File: QH0twQwC9ewk9pD59mBVVIZWLlk.mft (raw, json)
Hash identifier: QVh6tAI23aNimKFSGYXRJZ7uJT1tnre4kQRPBdp+bb8=
Subject key identifier: D1:1E:A3:CA:B4:53:F5:EC:CF:9F:CF:BB:7E:F5:64:1C:EF:A4:98:5E
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial: 0196789F4E5EECF259BB44140D3D93EBCC10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
Manifest number: 120F
Signing time: Sun 27 Apr 2025 19:00:28 +0000
Manifest this update: Sun 27 Apr 2025 19:00:28 +0000
Manifest next update: Mon 28 Apr 2025 19:00:28 +0000
Files and hashes: 1: H0bQgySRSVEBMsUFWG1LFpsoHvo.roa (hash: xkMnmqfm74JviA1Eb+MeDPeuGBKpBqJAXaeRNQIX3FU=)
2: QH0twQwC9ewk9pD59mBVVIZWLlk.crl (hash: uTqM0dKJG88aqU0aceqH3GSzXpijZzBcYwADRwz5PAY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:78:9f:4e:5e:ec:f2:59:bb:44:14:0d:3d:93:eb:cc:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
Validity
Not Before: Apr 27 19:00:28 2025 GMT
Not After : Apr 28 19:00:28 2025 GMT
Subject: CN=d11ea3cab453f5eccf9fcfbb7ef5641cefa4985e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:05:2e:5c:07:cc:02:5e:2b:17:19:d9:be:8e:
2d:68:0b:66:1c:47:ae:8d:45:5d:bb:92:12:fd:f6:
07:13:16:8e:8e:3e:65:e2:79:39:70:0e:b8:c1:9d:
4f:61:0c:5a:16:67:4c:af:ac:d2:a8:71:32:8c:d3:
eb:52:da:eb:a3:cb:1f:8b:f1:1b:88:1a:c8:30:82:
27:43:8c:66:6a:8f:bc:66:ac:1e:48:e1:6c:74:04:
10:0d:b5:42:93:95:71:58:43:5d:85:68:9d:54:cc:
ab:84:45:63:b2:10:ed:bb:eb:c0:2e:0f:ac:cc:ad:
65:78:2f:a7:da:ae:5b:8c:69:8c:fc:ff:67:c2:6b:
cc:af:56:6c:b2:2d:85:eb:5e:9e:35:e3:b4:c9:c3:
92:5a:4d:83:d0:aa:d3:cd:1b:40:af:db:cc:8f:9f:
80:da:c5:65:3a:44:0b:76:8c:16:bc:17:e1:7b:ef:
39:f8:3f:f7:0e:e0:b2:ab:15:37:93:c1:ed:7c:9b:
cf:3d:de:87:a6:1f:92:b8:04:c7:76:e0:f9:b5:07:
02:8e:a2:0c:8b:7c:fa:4c:a6:d5:d4:56:24:8c:b5:
79:0e:71:3b:bf:a6:aa:5e:71:13:ea:b1:c9:c4:e1:
3c:e5:30:f7:2f:d1:45:bc:ea:c4:05:7a:f3:72:f2:
90:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:1E:A3:CA:B4:53:F5:EC:CF:9F:CF:BB:7E:F5:64:1C:EF:A4:98:5E
X509v3 Authority Key Identifier:
keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:54:ef:08:a2:2b:0d:3a:2b:39:5f:6d:14:51:c3:bf:e0:e9:
cf:73:7e:d5:95:48:44:0f:02:d5:d5:48:bb:ed:0e:8c:de:25:
f4:91:f9:c1:55:68:f6:30:3e:c8:c0:fc:1f:2a:b8:88:5a:26:
24:2d:34:c0:29:bd:dc:20:d0:9b:28:8b:3a:d2:5f:b3:2d:6d:
75:dc:bd:14:75:13:1b:f2:50:02:57:e9:ec:00:c7:8a:26:bc:
02:ed:18:6d:1d:af:3f:d9:da:ec:5b:80:17:ae:7f:55:47:cf:
b2:94:cf:4d:7f:0f:58:c0:0d:9f:83:a5:f1:5b:aa:5d:24:ed:
8e:b7:c4:6b:13:a2:71:95:0c:7b:37:65:30:e0:a9:4c:66:31:
f2:0d:88:0a:3c:30:6d:a1:4a:fb:10:82:71:dc:06:5e:2e:ba:
98:52:4f:a8:6c:6b:c9:ab:a9:fa:01:9a:41:e3:d5:46:1d:3b:
ff:1f:e4:72:e6:1a:05:ad:af:61:21:a2:57:17:3f:26:63:b1:
35:6d:18:be:bd:7f:e8:e5:9d:2e:7b:7a:69:f1:13:6a:9b:b2:
85:c0:03:71:e0:dd:3a:52:b2:d6:fb:88:df:cf:4a:dd:31:dc:
e7:a5:f5:98:c9:1d:9b:b8:8e:d9:cb:87:f8:c3:17:9d:72:73:
5a:62:86:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4n05e7PJZu0QUDT2T68wQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjUwNDI3MTkwMDI4WhcNMjUwNDI4MTkwMDI4WjAzMTEwLwYDVQQD
EyhkMTFlYTNjYWI0NTNmNWVjY2Y5ZmNmYmI3ZWY1NjQxY2VmYTQ5ODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowUuXAfMAl4rFxnZvo4taAtmHEeu
jUVdu5IS/fYHExaOjj5l4nk5cA64wZ1PYQxaFmdMr6zSqHEyjNPrUtrro8sfi/Eb
iBrIMIInQ4xmao+8ZqweSOFsdAQQDbVCk5VxWENdhWidVMyrhEVjshDtu+vALg+s
zK1leC+n2q5bjGmM/P9nwmvMr1Zssi2F616eNeO0ycOSWk2D0KrTzRtAr9vMj5+A
2sVlOkQLdowWvBfhe+85+D/3DuCyqxU3k8HtfJvPPd6Hph+SuATHduD5tQcCjqIM
i3z6TKbV1FYkjLV5DnE7v6aqXnET6rHJxOE85TD3L9FFvOrEBXrzcvKQbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNEeo8q0U/Xsz5/Pu371ZBzvpJheMB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgVTvCKIr
DTorOV9tFFHDv+Dpz3N+1ZVIRA8C1dVIu+0OjN4l9JH5wVVo9jA+yMD8Hyq4iFom
JC00wCm93CDQmyiLOtJfsy1tddy9FHUTG/JQAlfp7ADHiia8Au0YbR2vP9na7FuA
F65/VUfPspTPTX8PWMANn4Ol8VuqXSTtjrfEaxOicZUMezdlMOCpTGYx8g2ICjww
baFK+xCCcdwGXi66mFJPqGxryaup+gGaQePVRh07/x/kcuYaBa2vYSGiVxc/JmOx
NW0Yvr1/6OWdLnt6afETapuyhcADceDdOlKy1vuI389K3THc56X1mMkdm7iO2cuH
+MMXnXJzWmKGsg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:01:17 2025 by rpki-client