Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
File: 2krNipcsDnNxGs9H4MhFmhz3JgY.mft (raw, json)
Hash identifier: LBpryicuHm5SPO84/58exacWtguMrYtrC2uVb/6p/dw=
Subject key identifier: 18:70:AF:0A:72:33:28:AE:23:18:0D:C7:13:CA:53:C5:FA:FE:4B:6F
Authority key identifier: DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06
Certificate issuer: /CN=da4acd8a972c0e73711acf47e0c8459a1cf72606
Certificate serial: 019922553B4CF38E070BEB60B9990DCA9F6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
Manifest number: 15CE
Signing time: Sun 07 Sep 2025 04:00:35 +0000
Manifest this update: Sun 07 Sep 2025 04:00:35 +0000
Manifest next update: Mon 08 Sep 2025 04:00:35 +0000
Files and hashes: 1: 2krNipcsDnNxGs9H4MhFmhz3JgY.crl (hash: Oz/QThO4tx3pI575x70RTACznw8dYhpJa7c977542i8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:3b:4c:f3:8e:07:0b:eb:60:b9:99:0d:ca:9f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da4acd8a972c0e73711acf47e0c8459a1cf72606
Validity
Not Before: Sep 7 04:00:35 2025 GMT
Not After : Sep 8 04:00:35 2025 GMT
Subject: CN=1870af0a723328ae23180dc713ca53c5fafe4b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:50:da:10:60:5b:a6:7f:d1:32:93:ef:0d:2c:
0c:3b:53:32:3d:13:d8:54:04:71:b3:f1:0c:44:06:
f5:3d:d2:73:16:0f:bc:88:9f:7e:9a:34:46:2b:bf:
10:ea:2d:02:c9:e1:5c:33:00:a1:da:ac:11:06:6f:
73:67:69:40:37:ad:ea:d7:7c:64:a4:de:b0:ff:aa:
29:9b:97:47:22:44:08:20:d2:ba:15:6e:7c:cd:f4:
10:c2:59:df:00:7c:d6:bb:04:39:36:e4:7b:b9:dc:
bb:94:39:ef:32:7c:bf:18:2c:2b:8f:d7:75:d5:fa:
d8:bf:4d:0e:2f:ba:3a:42:ef:9e:94:11:97:48:d1:
d7:d9:90:ef:1a:fd:a3:50:d4:f5:8b:4f:4a:7a:c3:
f4:bc:aa:a4:1c:bf:64:32:14:c1:28:33:dc:bf:ec:
6d:b3:f4:e0:b2:50:58:79:87:2c:f5:62:ab:c5:bd:
be:2a:5a:fd:3a:6f:26:05:b1:16:72:f8:c7:96:97:
19:e2:87:91:a8:d6:00:bc:80:a5:6f:a6:e5:d3:2a:
79:ee:51:97:76:7a:61:ab:b8:03:49:9f:30:43:b2:
c6:fe:45:c6:31:7c:a1:8c:f0:6f:4b:ef:50:4c:58:
9c:04:c1:fe:eb:bc:74:1d:36:3b:ed:6d:54:e0:77:
7a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:70:AF:0A:72:33:28:AE:23:18:0D:C7:13:CA:53:C5:FA:FE:4B:6F
X509v3 Authority Key Identifier:
keyid:DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:bd:ff:c9:23:87:e2:ea:0d:51:69:8c:74:b9:fb:63:34:d5:
93:d8:eb:78:3c:c0:2d:d9:4d:55:ca:a5:5c:f2:4b:a7:81:51:
00:72:cd:dc:51:ec:c4:c7:51:e6:5d:a1:55:7f:d9:fb:85:27:
44:1b:35:a7:5d:ed:a7:ac:b2:78:9c:e3:8e:57:66:2b:62:ff:
bd:19:33:99:49:5e:c8:7e:73:60:b7:22:ce:f5:e4:a4:fd:9f:
99:f4:04:dc:f1:df:40:45:07:d7:1e:64:b7:e3:f7:c3:06:64:
74:17:1d:7c:2b:c4:bd:c1:43:44:b1:0d:04:85:de:14:b8:06:
54:54:81:82:e5:7f:85:fd:7e:69:66:83:8f:a4:5e:42:74:91:
32:6f:06:2d:d4:52:bf:29:96:f2:97:54:47:8a:bd:93:dd:31:
4c:e2:08:62:a0:58:e0:0d:25:f5:1f:23:ca:36:c6:01:70:af:
74:c0:5b:21:0a:24:b8:aa:ab:04:12:9c:ea:cd:cb:65:e1:55:
a4:82:3f:95:f4:e7:a5:dd:8b:42:b9:12:6f:8f:d3:9d:98:5d:
a1:dd:bc:6e:cd:c6:84:d8:82:e2:bb:63:a7:72:ec:b5:73:83:
66:84:4b:e4:1a:03:79:74:38:90:b0:5b:43:2e:0a:09:f5:31:
c2:09:bf:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVTtM844HC+tguZkNyp9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNGFjZDhhOTcyYzBlNzM3MTFhY2Y0N2UwYzg0NTlhMWNm
NzI2MDYwHhcNMjUwOTA3MDQwMDM1WhcNMjUwOTA4MDQwMDM1WjAzMTEwLwYDVQQD
EygxODcwYWYwYTcyMzMyOGFlMjMxODBkYzcxM2NhNTNjNWZhZmU0YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlDaEGBbpn/RMpPvDSwMO1MyPRPY
VARxs/EMRAb1PdJzFg+8iJ9+mjRGK78Q6i0CyeFcMwCh2qwRBm9zZ2lAN63q13xk
pN6w/6opm5dHIkQIINK6FW58zfQQwlnfAHzWuwQ5NuR7udy7lDnvMny/GCwrj9d1
1frYv00OL7o6Qu+elBGXSNHX2ZDvGv2jUNT1i09KesP0vKqkHL9kMhTBKDPcv+xt
s/TgslBYeYcs9WKrxb2+Klr9Om8mBbEWcvjHlpcZ4oeRqNYAvIClb6bl0yp57lGX
dnphq7gDSZ8wQ7LG/kXGMXyhjPBvS+9QTFicBMH+67x0HTY77W1U4Hd6RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhwrwpyMyiuIxgNxxPKU8X6/ktvMB8GA1UdIwQY
MBaAFNpKzYqXLA5zcRrPR+DIRZoc9yYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAt
OWU1ZmQ0MzkzNWI3LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAtOWU1ZmQ0MzkzNWI3
LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnr3/ySOH
4uoNUWmMdLn7YzTVk9jreDzALdlNVcqlXPJLp4FRAHLN3FHsxMdR5l2hVX/Z+4Un
RBs1p13tp6yyeJzjjldmK2L/vRkzmUleyH5zYLcizvXkpP2fmfQE3PHfQEUH1x5k
t+P3wwZkdBcdfCvEvcFDRLENBIXeFLgGVFSBguV/hf1+aWaDj6ReQnSRMm8GLdRS
vymW8pdUR4q9k90xTOIIYqBY4A0l9R8jyjbGAXCvdMBbIQokuKqrBBKc6s3LZeFV
pII/lfTnpd2LQrkSb4/TnZhdod28bs3GhNiC4rtjp3LstXODZoRL5BoDeXQ4kLBb
Qy4KCfUxwgm/Ng==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:52:51 2025 by rpki-client