Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
File: 2KPKzfjzNRS-Or3FLFDshkZ16VU.mft (raw, json)
Hash identifier: 38avflFAr577G5vIsevi+eArdE3un1+9YppO3fa8i9Q=
Subject key identifier: 1C:12:44:C6:3C:75:12:97:89:31:60:6E:A8:D9:33:E9:1A:2E:D2:8E
Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Certificate serial: 019751FD88CB2EF99C9D46DD936935E6B490
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
Manifest number: 0AD9
Signing time: Mon 09 Jun 2025 00:00:59 +0000
Manifest this update: Mon 09 Jun 2025 00:00:59 +0000
Manifest next update: Tue 10 Jun 2025 00:00:59 +0000
Files and hashes: 1: 2KPKzfjzNRS-Or3FLFDshkZ16VU.crl (hash: aG10PtV3oyX3C2dpzZT473SZPeTTdv8R0hFDDYV5Y+4=)
2: YfAgsC_cdxTTdTc3lRuKLUA9Ek4.roa (hash: 6JxCw6QKy553BkYrq5SFqTFyUQePShSh+1QhYyHxmes=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:51:fd:88:cb:2e:f9:9c:9d:46:dd:93:69:35:e6:b4:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Validity
Not Before: Jun 9 00:00:59 2025 GMT
Not After : Jun 10 00:00:59 2025 GMT
Subject: CN=1c1244c63c7512978931606ea8d933e91a2ed28e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7a:4d:5d:1c:41:32:4f:ee:c7:84:a5:da:87:
29:d5:f3:ad:b3:b8:81:d6:88:f9:b8:1c:81:49:f8:
96:47:ee:8d:82:34:0c:15:0d:25:c0:62:e1:13:cf:
1d:ae:5d:7d:44:2f:95:f5:a4:e5:7d:5b:aa:be:31:
c0:31:b9:58:a4:e2:7c:3d:2d:d1:9b:fb:55:db:a5:
c6:f5:38:48:66:db:7d:90:d7:ac:80:b9:ab:7d:7c:
17:58:07:09:cb:10:54:47:86:bd:61:8d:86:b3:b3:
e9:86:fd:c8:2c:a0:5a:82:e8:e1:ae:e5:6e:24:5f:
4e:7f:64:f5:a1:24:fc:b4:f0:82:62:2d:52:a3:08:
87:7c:e6:69:3d:19:5e:aa:81:53:e2:94:54:81:33:
fe:bb:c9:3c:60:eb:57:f3:58:fd:27:d0:b1:12:3d:
b7:e8:cc:22:f5:84:e8:a7:91:b7:e0:c6:75:02:6a:
e9:20:5d:a5:f4:aa:7f:88:60:bc:cf:bf:80:04:b0:
98:41:2d:e6:18:ff:51:42:a0:0e:d1:73:59:a2:ff:
32:ea:4d:1c:a7:ab:07:43:98:81:21:01:02:66:af:
a5:50:33:ec:22:77:8a:33:4e:57:e9:eb:f2:6e:54:
21:9c:51:94:76:0f:ca:5c:8d:3e:2b:37:fa:c4:73:
65:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:12:44:C6:3C:75:12:97:89:31:60:6E:A8:D9:33:E9:1A:2E:D2:8E
X509v3 Authority Key Identifier:
keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:e1:7a:8a:94:74:c2:2c:49:85:a3:13:09:28:2d:29:c4:43:
0f:ac:2b:b5:2f:dc:48:44:28:02:81:ea:d1:f5:17:5b:e9:f7:
e0:08:92:19:32:d2:ec:22:5e:67:4c:27:66:5d:27:c2:48:5d:
97:a4:35:3c:6a:67:19:47:36:74:2c:ed:4c:a8:56:e4:00:93:
e9:da:fe:a4:8e:91:30:f8:cd:a6:99:aa:c2:9b:30:72:c2:35:
48:f7:f0:8b:a9:87:76:a0:a9:f4:8d:fa:c1:5b:3d:6a:a4:1b:
bb:26:56:bd:23:2f:2a:0d:c3:ad:e6:3a:ee:e6:e3:11:ce:64:
58:a3:0d:0a:cb:e3:59:58:01:be:b2:5a:0c:d3:a3:e8:03:29:
f8:0a:3d:fa:8a:a6:f1:67:01:02:1c:8f:00:f9:06:f3:8a:54:
a2:3c:02:91:71:59:3f:4f:90:29:56:eb:3a:e6:43:9c:4d:38:
58:b3:79:04:69:b7:51:c7:42:d4:82:2d:da:fb:1b:8e:09:75:
d6:ef:82:b0:f2:41:0a:8c:83:b7:e5:aa:0a:e5:f0:f2:2f:22:
86:3e:36:eb:9b:93:39:d8:d4:98:97:01:8d:bc:c4:16:f7:34:
a0:0a:f5:6d:af:1f:69:19:c6:49:99:d5:a0:88:1e:e9:39:3c:
25:9a:d7:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdR/YjLLvmcnUbdk2k15rSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3
NWU5NTUwHhcNMjUwNjA5MDAwMDU5WhcNMjUwNjEwMDAwMDU5WjAzMTEwLwYDVQQD
EygxYzEyNDRjNjNjNzUxMjk3ODkzMTYwNmVhOGQ5MzNlOTFhMmVkMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHpNXRxBMk/ux4Sl2ocp1fOts7iB
1oj5uByBSfiWR+6NgjQMFQ0lwGLhE88drl19RC+V9aTlfVuqvjHAMblYpOJ8PS3R
m/tV26XG9ThIZtt9kNesgLmrfXwXWAcJyxBUR4a9YY2Gs7Pphv3ILKBagujhruVu
JF9Of2T1oST8tPCCYi1SowiHfOZpPRleqoFT4pRUgTP+u8k8YOtX81j9J9CxEj23
6Mwi9YTop5G34MZ1AmrpIF2l9Kp/iGC8z7+ABLCYQS3mGP9RQqAO0XNZov8y6k0c
p6sHQ5iBIQECZq+lUDPsIneKM05X6evyblQhnFGUdg/KXI0+Kzf6xHNlmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwSRMY8dRKXiTFgbqjZM+kaLtKOMB8GA1UdIwQY
MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt
Yjc5MWI5ODlhZjI5LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5
LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHOF6ipR0
wixJhaMTCSgtKcRDD6wrtS/cSEQoAoHq0fUXW+n34AiSGTLS7CJeZ0wnZl0nwkhd
l6Q1PGpnGUc2dCztTKhW5ACT6dr+pI6RMPjNppmqwpswcsI1SPfwi6mHdqCp9I36
wVs9aqQbuyZWvSMvKg3DreY67ubjEc5kWKMNCsvjWVgBvrJaDNOj6AMp+Ao9+oqm
8WcBAhyPAPkG84pUojwCkXFZP0+QKVbrOuZDnE04WLN5BGm3UcdC1IIt2vsbjgl1
1u+CsPJBCoyDt+WqCuXw8i8ihj4265uTOdjUmJcBjbzEFvc0oAr1ba8faRnGSZnV
oIge6Tk8JZrX9w==
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:45:02 2025 by rpki-client