Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
File: 2KPKzfjzNRS-Or3FLFDshkZ16VU.mft (raw, json)
Hash identifier: q3GCxO19Sl4PmiVSSNteIT6uRd+qd+wExfm8QenmfIk=
Subject key identifier: 01:E8:EF:BE:8A:79:E4:D2:5C:CC:CE:1A:32:B7:11:C8:4E:63:22:9A
Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Certificate serial: 019923A0AD08D4F1435C7B6664756C9ADCBD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
Manifest number: 0BCA
Signing time: Sun 07 Sep 2025 10:02:36 +0000
Manifest this update: Sun 07 Sep 2025 10:02:36 +0000
Manifest next update: Mon 08 Sep 2025 10:02:36 +0000
Files and hashes: 1: 2KPKzfjzNRS-Or3FLFDshkZ16VU.crl (hash: DaBzG+CD1RxjgFU+XmVmoc+xAEl9lFR2OMbbz9Mt9BI=)
2: YfAgsC_cdxTTdTc3lRuKLUA9Ek4.roa (hash: 6JxCw6QKy553BkYrq5SFqTFyUQePShSh+1QhYyHxmes=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:ad:08:d4:f1:43:5c:7b:66:64:75:6c:9a:dc:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Validity
Not Before: Sep 7 10:02:36 2025 GMT
Not After : Sep 8 10:02:36 2025 GMT
Subject: CN=01e8efbe8a79e4d25cccce1a32b711c84e63229a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:54:ee:e4:86:b8:bf:87:01:95:fe:34:9e:69:
7a:71:ef:5d:15:2a:5c:cf:81:7e:b4:39:a0:b0:8e:
a4:71:01:1f:35:6f:c3:52:5b:69:c7:dd:95:30:8f:
d0:33:6f:95:4f:59:dd:3e:a5:40:41:e1:bb:4a:a6:
92:b2:c2:72:3c:b0:8a:0c:85:26:85:3c:28:06:35:
fc:79:d3:bc:2f:a2:57:e6:38:ce:7b:4d:d5:f2:b3:
f7:0d:75:1a:1d:c3:17:59:60:55:44:8e:16:36:58:
58:d9:71:4d:ba:74:8e:b8:4d:98:e8:0f:2b:40:95:
14:3b:d7:81:81:46:58:b5:1a:0b:1c:93:a7:73:e6:
58:a6:d0:13:1b:25:fc:35:67:12:e0:b4:20:9d:42:
ef:bf:dc:fd:bc:bb:9c:19:33:75:95:2c:c7:a7:5c:
e6:58:e7:92:5a:a5:82:a0:c9:23:f7:92:4d:5f:77:
f4:bc:39:17:e9:0c:b9:1d:b3:24:ed:7d:80:fd:53:
9b:c4:7a:c5:b7:d4:f5:12:f1:96:7b:72:6b:33:34:
8f:e2:9d:73:60:a7:c6:ed:03:22:8a:62:5c:c1:71:
71:e5:41:17:b3:62:5a:b4:6c:d0:46:01:cf:af:8d:
d2:59:90:7b:76:18:6d:65:21:a1:71:55:e6:8b:48:
9d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E8:EF:BE:8A:79:E4:D2:5C:CC:CE:1A:32:B7:11:C8:4E:63:22:9A
X509v3 Authority Key Identifier:
keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:d7:f3:4f:8c:98:a4:07:2b:df:11:f8:45:a3:47:d0:21:ae:
3c:23:b2:8c:b2:1f:f1:cc:89:74:98:37:2a:df:6b:01:78:54:
4b:20:7c:27:ea:37:6a:53:42:5c:ca:ec:05:4f:62:08:38:42:
16:8b:f4:27:56:7d:3a:28:3a:93:c8:56:3e:8b:79:28:32:de:
41:b9:97:7f:67:33:58:85:0b:cc:66:90:0b:18:71:48:72:65:
c6:10:ab:16:13:cd:6e:ef:b5:03:74:c9:c6:70:a1:c3:95:a0:
89:b3:68:84:23:76:f1:6d:b4:0b:a2:8b:db:3e:53:51:3a:96:
3d:29:92:7c:c0:67:c0:17:63:56:f9:30:61:c2:86:a0:52:1a:
b2:d0:b5:5d:86:b5:c5:6b:b3:59:86:ee:cd:a3:8e:49:4b:6c:
29:7f:1a:09:63:12:c7:f0:cb:b5:05:b2:6d:c0:15:8c:1d:8d:
cf:28:e3:4b:b3:21:25:08:40:8a:37:8d:e8:6c:e0:a8:b1:98:
e6:c6:17:90:b8:6b:6a:aa:63:9e:b9:d5:7e:90:06:ce:a4:5e:
35:2d:8a:60:1c:24:df:23:cb:13:9f:10:bf:5f:24:15:34:7b:
f3:e3:0c:8e:f0:f0:e3:67:de:16:3a:99:ba:e9:1e:c5:76:0d:
34:da:4f:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoK0I1PFDXHtmZHVsmty9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3
NWU5NTUwHhcNMjUwOTA3MTAwMjM2WhcNMjUwOTA4MTAwMjM2WjAzMTEwLwYDVQQD
EygwMWU4ZWZiZThhNzllNGQyNWNjY2NlMWEzMmI3MTFjODRlNjMyMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFTu5Ia4v4cBlf40nml6ce9dFSpc
z4F+tDmgsI6kcQEfNW/DUltpx92VMI/QM2+VT1ndPqVAQeG7SqaSssJyPLCKDIUm
hTwoBjX8edO8L6JX5jjOe03V8rP3DXUaHcMXWWBVRI4WNlhY2XFNunSOuE2Y6A8r
QJUUO9eBgUZYtRoLHJOnc+ZYptATGyX8NWcS4LQgnULvv9z9vLucGTN1lSzHp1zm
WOeSWqWCoMkj95JNX3f0vDkX6Qy5HbMk7X2A/VObxHrFt9T1EvGWe3JrMzSP4p1z
YKfG7QMiimJcwXFx5UEXs2JatGzQRgHPr43SWZB7dhhtZSGhcVXmi0id0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHo776KeeTSXMzOGjK3EchOYyKaMB8GA1UdIwQY
MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt
Yjc5MWI5ODlhZjI5LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5
LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXdfzT4yY
pAcr3xH4RaNH0CGuPCOyjLIf8cyJdJg3Kt9rAXhUSyB8J+o3alNCXMrsBU9iCDhC
Fov0J1Z9Oig6k8hWPot5KDLeQbmXf2czWIULzGaQCxhxSHJlxhCrFhPNbu+1A3TJ
xnChw5WgibNohCN28W20C6KL2z5TUTqWPSmSfMBnwBdjVvkwYcKGoFIastC1XYa1
xWuzWYbuzaOOSUtsKX8aCWMSx/DLtQWybcAVjB2NzyjjS7MhJQhAijeN6GzgqLGY
5sYXkLhraqpjnrnVfpAGzqReNS2KYBwk3yPLE58Qv18kFTR78+MMjvDw42feFjqZ
uukexXYNNNpPFw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:35:53 2025 by rpki-client