Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
File: 2BFKkiBvChn3M52guJZpxKX-Urk.mft (raw, json)
Hash identifier: flhUsjTWSNGYS55EkDSz3QO7+CKj3OBWBuTn85MfKaU=
Subject key identifier: 4F:B8:EC:E7:A5:47:73:8F:23:5F:D5:6B:37:4E:F9:B5:BC:22:A6:B3
Authority key identifier: D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
Certificate issuer: /CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Certificate serial: 01992255AFCA285D276DD7D7683B52B0CACD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
Manifest number: 53
Signing time: Sun 07 Sep 2025 04:01:04 +0000
Manifest this update: Sun 07 Sep 2025 04:01:04 +0000
Manifest next update: Mon 08 Sep 2025 04:01:04 +0000
Files and hashes: 1: 2BFKkiBvChn3M52guJZpxKX-Urk.crl (hash: iW5PHMDd96a+IVXQlF4dJviQac/XPIwd2R0s4I+5x8k=)
2: G9oTd4bBpmlm3pZMn3YyyXAVIyI.roa (hash: XC2pyO3ZNZCKadVf4J0EDWPKrfSqScmOhmM8oMNNkCI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:af:ca:28:5d:27:6d:d7:d7:68:3b:52:b0:ca:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Validity
Not Before: Sep 7 04:01:04 2025 GMT
Not After : Sep 8 04:01:04 2025 GMT
Subject: CN=4fb8ece7a547738f235fd56b374ef9b5bc22a6b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ec:14:8c:a5:5c:b6:49:44:08:03:94:b7:70:
90:a7:21:58:ae:ca:f7:b9:b5:0b:f5:e2:a5:ba:d8:
cf:03:b9:31:ee:cd:87:62:8d:44:83:85:e6:7b:c2:
97:67:15:d4:41:4f:ba:bc:19:89:68:e1:9a:d5:94:
90:82:55:c4:98:ba:fd:dc:95:fe:a2:9e:80:51:fa:
06:db:7f:e1:a5:73:3c:bc:0d:3c:0b:c4:dc:b0:68:
62:14:fa:2c:60:7b:ae:ea:84:c1:43:7f:21:f4:cc:
17:e5:ac:2f:97:da:a1:01:7f:5d:9b:b2:7f:d0:68:
7d:9a:63:1a:63:13:28:a0:26:75:11:38:7a:42:81:
c7:8b:d5:7e:66:51:18:32:60:a0:14:84:27:9b:b3:
dc:53:40:8d:9c:7b:a9:4a:06:cc:3b:c5:e3:2e:f8:
2b:52:d6:ea:41:ef:70:1b:a6:87:04:75:3c:54:d7:
22:b3:21:99:bb:8d:db:ed:1f:6e:6d:fe:13:54:26:
74:82:a5:8c:f3:6f:e6:92:8a:82:5d:a0:41:12:23:
ca:c7:52:86:5c:5b:7f:4c:d0:de:4e:f4:5d:46:8f:
fa:9a:9c:17:a8:5b:c5:f4:11:a6:63:98:97:5d:5b:
7a:a6:f1:07:00:9c:96:15:44:7b:b4:43:78:b8:58:
0d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B8:EC:E7:A5:47:73:8F:23:5F:D5:6B:37:4E:F9:B5:BC:22:A6:B3
X509v3 Authority Key Identifier:
keyid:D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:08:39:4c:bb:b0:66:44:ee:a1:e1:d8:13:fc:49:b9:ef:a4:
80:8a:74:7e:1f:9d:27:f1:c4:c9:0c:0d:2b:2b:b7:ea:6d:de:
70:66:4f:3c:76:3e:7c:92:e0:48:96:62:f0:46:be:cd:f3:b7:
94:35:0b:8a:ed:fb:29:76:54:c7:14:cf:93:45:16:2d:a7:22:
f6:ea:4b:d3:6a:72:bd:21:3d:de:8f:b3:0c:b2:97:6b:f0:b7:
26:f2:91:34:18:8d:4a:34:37:1b:fd:6b:1c:84:39:fc:ac:fd:
df:01:39:cd:58:1e:b5:22:2a:14:8e:9a:26:8c:b1:f1:4f:4c:
fa:0c:66:15:b4:cc:b8:0a:24:f7:28:4b:10:11:0a:5f:e9:7f:
06:d4:41:46:c7:db:3a:4e:a5:18:e4:b7:59:ba:70:d8:72:22:
69:67:34:11:97:33:13:01:77:82:77:c1:ae:4a:db:ad:f7:b1:
85:23:c9:7f:6b:12:51:b2:d1:1a:69:57:be:0a:24:b5:1d:73:
73:d0:7f:84:75:06:32:e7:f0:71:23:65:47:13:5b:64:f5:d8:
d5:ee:93:f1:5a:ec:a1:18:46:d7:6a:93:90:d3:1f:a4:e3:bb:
0f:82:0a:31:7b:bb:b2:84:d3:b2:ad:55:c8:99:90:3b:d5:45:
b6:94:30:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVa/KKF0nbdfXaDtSsMrNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTE0YTkyMjA2ZjBhMTlmNzMzOWRhMGI4OTY2OWM0YTVm
ZTUyYjkwHhcNMjUwOTA3MDQwMTA0WhcNMjUwOTA4MDQwMTA0WjAzMTEwLwYDVQQD
Eyg0ZmI4ZWNlN2E1NDc3MzhmMjM1ZmQ1NmIzNzRlZjliNWJjMjJhNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuwUjKVctklECAOUt3CQpyFYrsr3
ubUL9eKlutjPA7kx7s2HYo1Eg4Xme8KXZxXUQU+6vBmJaOGa1ZSQglXEmLr93JX+
op6AUfoG23/hpXM8vA08C8TcsGhiFPosYHuu6oTBQ38h9MwX5awvl9qhAX9dm7J/
0Gh9mmMaYxMooCZ1ETh6QoHHi9V+ZlEYMmCgFIQnm7PcU0CNnHupSgbMO8XjLvgr
UtbqQe9wG6aHBHU8VNcisyGZu43b7R9ubf4TVCZ0gqWM82/mkoqCXaBBEiPKx1KG
XFt/TNDeTvRdRo/6mpwXqFvF9BGmY5iXXVt6pvEHAJyWFUR7tEN4uFgNZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+47OelR3OPI1/VazdO+bW8IqazMB8GA1UdIwQY
MBaAFNgRSpIgbwoZ9zOdoLiWacSl/lK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTkt
NTIwOGQ5ODU0MzY0LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTktNTIwOGQ5ODU0MzY0
LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqgg5TLuw
ZkTuoeHYE/xJue+kgIp0fh+dJ/HEyQwNKyu36m3ecGZPPHY+fJLgSJZi8Ea+zfO3
lDULiu37KXZUxxTPk0UWLaci9upL02pyvSE93o+zDLKXa/C3JvKRNBiNSjQ3G/1r
HIQ5/Kz93wE5zVgetSIqFI6aJoyx8U9M+gxmFbTMuAok9yhLEBEKX+l/BtRBRsfb
Ok6lGOS3Wbpw2HIiaWc0EZczEwF3gnfBrkrbrfexhSPJf2sSUbLRGmlXvgoktR1z
c9B/hHUGMufwcSNlRxNbZPXY1e6T8VrsoRhG12qTkNMfpOO7D4IKMXu7soTTsq1V
yJmQO9VFtpQwCA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:26:08 2025 by rpki-client