Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
File: 2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft (raw, json)
Hash identifier: Cfgk047fPvsDJNV6DP09RyeW8Ir3LVx8LYhoPqg58zg=
Subject key identifier: 5C:23:4B:5C:CE:28:7C:BC:52:5F:1E:BD:13:3A:6C:7A:B7:B4:0A:54
Authority key identifier: DA:73:A3:9A:0E:04:5D:DF:AE:F5:02:F1:FD:91:C6:CC:16:50:94:59
Certificate issuer: /CN=da73a39a0e045ddfaef502f1fd91c6cc16509459
Certificate serial: 019848C062A55AE91B677EF3A2933FE4B2F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
Manifest number: 0D90
Signing time: Sat 26 Jul 2025 22:00:24 +0000
Manifest this update: Sat 26 Jul 2025 22:00:24 +0000
Manifest next update: Sun 27 Jul 2025 22:00:24 +0000
Files and hashes: 1: 2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl (hash: RuGZ4rUWpuIRJAAiDguvB8qdaoSSGUs03ktAblwJbro=)
2: nEst59VNXuZ4VJfEimqfkDoIWMw.roa (hash: MVYyTOwc+4oCrDyXY6sI17JYzQycO6fjKklmhjG1KnA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:c0:62:a5:5a:e9:1b:67:7e:f3:a2:93:3f:e4:b2:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da73a39a0e045ddfaef502f1fd91c6cc16509459
Validity
Not Before: Jul 26 22:00:24 2025 GMT
Not After : Jul 27 22:00:24 2025 GMT
Subject: CN=5c234b5cce287cbc525f1ebd133a6c7ab7b40a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3d:1c:c6:38:52:e1:97:20:43:33:e5:fe:58:
c0:11:35:4f:4a:2f:4e:49:e0:ce:a1:94:9f:ac:04:
41:b1:fd:7a:a9:38:de:8b:17:ad:8d:50:8a:1d:95:
b2:29:b0:28:a4:ea:d8:0f:51:2a:c0:81:71:49:cb:
ad:41:2a:f5:f2:74:6b:5d:e0:c9:2b:0e:23:af:2a:
49:df:9b:c7:e9:e3:1b:74:b8:ee:95:62:92:5a:be:
ee:9d:6d:31:bc:13:32:de:be:f4:f2:7b:72:83:54:
a5:c7:c3:20:6f:92:07:82:76:81:9b:20:93:14:53:
7b:b3:34:61:63:72:bf:cc:eb:19:03:e7:b5:1b:73:
a9:79:e9:be:b0:24:79:06:3a:1a:75:3a:f4:6a:ad:
15:68:fd:ea:f0:1b:fc:3a:39:83:08:6d:20:89:c0:
15:8c:4e:0d:f5:68:bf:5c:ff:12:4c:2e:83:65:c7:
6b:b1:e8:d8:84:82:a2:3a:f5:c0:0d:8a:cb:00:b8:
ae:4b:e5:77:e7:2c:51:fe:f2:ef:8a:ee:96:cc:49:
37:b7:22:7f:18:18:cf:6e:f2:bd:69:74:8f:56:c6:
e5:84:16:78:8d:df:63:2d:bd:ab:57:04:19:4a:0b:
1f:fe:de:d6:44:3f:bd:af:4f:46:4c:fb:4b:36:02:
20:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:23:4B:5C:CE:28:7C:BC:52:5F:1E:BD:13:3A:6C:7A:B7:B4:0A:54
X509v3 Authority Key Identifier:
keyid:DA:73:A3:9A:0E:04:5D:DF:AE:F5:02:F1:FD:91:C6:CC:16:50:94:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:a7:c0:71:be:c6:32:e1:fc:9e:73:a9:c9:b5:a3:80:2c:83:
7d:77:bd:0b:1f:a1:03:ef:e4:62:31:1f:4e:6a:d8:8d:81:8e:
81:ad:24:2f:e6:29:cc:cd:03:5f:62:7b:7c:92:1b:13:eb:8b:
fd:de:82:3f:61:e9:73:a5:5a:cc:de:d8:f6:a9:ad:eb:91:98:
3d:7a:74:6f:95:d7:9e:1c:b4:08:66:7e:fa:94:f7:f0:21:91:
97:88:bd:fc:02:33:3f:84:47:27:d0:92:2f:f9:8e:43:df:8f:
64:5d:fe:66:62:79:37:b1:a5:b6:f5:84:97:b1:ed:2d:cc:a1:
24:1e:bc:8d:7c:92:b2:2a:3a:16:5a:f1:0e:ba:de:c6:6d:29:
a2:2b:6c:b1:a4:2d:d1:67:39:33:7b:57:1a:a3:5c:d8:5e:25:
89:42:47:a7:53:b2:3d:4a:f5:32:b4:98:6c:22:3d:58:07:1b:
8c:17:b4:9a:fc:47:8b:19:53:0e:05:28:ae:98:b7:ee:a0:96:
dd:f1:96:22:be:70:e0:76:62:ad:93:7b:d5:58:c6:5e:6a:59:
c4:70:47:88:c5:e4:9e:1a:74:2c:ef:b0:0d:eb:ca:a4:d4:80:
e2:ee:25:bc:09:9d:8a:a1:c0:37:ef:72:8f:65:7b:e5:b0:ac:
d7:4b:bf:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhIwGKlWukbZ37zopM/5LLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzNhMzlhMGUwNDVkZGZhZWY1MDJmMWZkOTFjNmNjMTY1
MDk0NTkwHhcNMjUwNzI2MjIwMDI0WhcNMjUwNzI3MjIwMDI0WjAzMTEwLwYDVQQD
Eyg1YzIzNGI1Y2NlMjg3Y2JjNTI1ZjFlYmQxMzNhNmM3YWI3YjQwYTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD0cxjhS4ZcgQzPl/ljAETVPSi9O
SeDOoZSfrARBsf16qTjeixetjVCKHZWyKbAopOrYD1EqwIFxScutQSr18nRrXeDJ
Kw4jrypJ35vH6eMbdLjulWKSWr7unW0xvBMy3r708ntyg1Slx8Mgb5IHgnaBmyCT
FFN7szRhY3K/zOsZA+e1G3Opeem+sCR5BjoadTr0aq0VaP3q8Bv8OjmDCG0gicAV
jE4N9Wi/XP8STC6DZcdrsejYhIKiOvXADYrLALiuS+V35yxR/vLviu6WzEk3tyJ/
GBjPbvK9aXSPVsblhBZ4jd9jLb2rVwQZSgsf/t7WRD+9r09GTPtLNgIgjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwjS1zOKHy8Ul8evRM6bHq3tApUMB8GA1UdIwQY
MBaAFNpzo5oOBF3frvUC8f2RxswWUJRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8xNzM3ZmMtYjIyMS00ZmYwLWJmYTct
NWQ2NzRjYWRkZDZmLzEvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8xNzM3ZmMtYjIyMS00ZmYwLWJmYTctNWQ2NzRjYWRkZDZm
LzEvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjafAcb7G
MuH8nnOpybWjgCyDfXe9Cx+hA+/kYjEfTmrYjYGOga0kL+YpzM0DX2J7fJIbE+uL
/d6CP2Hpc6VazN7Y9qmt65GYPXp0b5XXnhy0CGZ++pT38CGRl4i9/AIzP4RHJ9CS
L/mOQ9+PZF3+ZmJ5N7GltvWEl7HtLcyhJB68jXySsio6FlrxDrrexm0poitssaQt
0Wc5M3tXGqNc2F4liUJHp1OyPUr1MrSYbCI9WAcbjBe0mvxHixlTDgUorpi37qCW
3fGWIr5w4HZirZN71VjGXmpZxHBHiMXknhp0LO+wDevKpNSA4u4lvAmdiqHAN+9y
j2V75bCs10u/SA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:14:55 2025 by rpki-client