Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
File: IT2HNcFEzxJWWEO2nrQKTRowGqU.mft (raw, json)
Hash identifier: S3z7szXY3bCIW966NaXqXbaFXacjUIMrzrjF2KTzELw=
Subject key identifier: B0:28:C6:CF:3B:DA:71:22:9D:FB:88:93:5A:FB:14:04:D4:58:F8:F3
Authority key identifier: 21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5
Certificate issuer: /CN=213d8735c144cf12565843b69eb40a4d1a301aa5
Certificate serial: 019A706E0613A6091DE6EDF65F1B15BA7C02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
Manifest number: 108F
Signing time: Tue 11 Nov 2025 01:00:49 +0000
Manifest this update: Tue 11 Nov 2025 01:00:49 +0000
Manifest next update: Wed 12 Nov 2025 01:00:49 +0000
Files and hashes: 1: IT2HNcFEzxJWWEO2nrQKTRowGqU.crl (hash: OE8pbGVFXlP4diicixHmLBBRn9x2RgoVDGrsXhE/M/A=)
2: oYl1-NMXXzEXtTi3L5l80mvOKew.roa (hash: HGKJcqJks4x1KvA9MPs1IeJtaKWdWbE52yFjhD/1Aak=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:06:13:a6:09:1d:e6:ed:f6:5f:1b:15:ba:7c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=213d8735c144cf12565843b69eb40a4d1a301aa5
Validity
Not Before: Nov 11 01:00:49 2025 GMT
Not After : Nov 12 01:00:49 2025 GMT
Subject: CN=b028c6cf3bda71229dfb88935afb1404d458f8f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:92:97:7a:d0:af:7e:22:13:93:8c:f5:8a:4e:
c1:53:5d:5b:f8:1c:51:a5:c6:9b:6e:6a:67:af:98:
6f:c7:52:58:5f:0b:db:29:28:03:08:0e:d2:c6:57:
21:a3:7e:c5:70:31:f1:04:0d:9b:3b:c1:ff:e9:a3:
f6:92:c2:c9:17:32:49:d4:61:30:95:7c:7b:21:7a:
99:68:15:17:87:48:75:6a:37:5e:39:34:ef:0f:06:
ff:ca:be:0a:29:8c:2c:cc:18:39:8f:cb:3d:00:63:
33:9b:65:a1:94:33:d3:8b:0c:ea:00:5d:ea:12:dd:
6d:e1:96:71:95:a3:11:a1:ae:96:75:7d:d8:81:0c:
78:e8:25:8e:65:19:22:d9:5c:16:9e:2c:fa:e1:96:
05:0b:91:04:39:3f:85:25:19:66:9c:a2:d2:1a:a3:
df:3b:04:62:ac:7a:4c:34:2d:d6:de:11:82:f4:4a:
a1:86:1a:35:79:b8:c5:76:16:e4:77:b4:29:cc:1d:
70:11:b4:b0:f5:89:ea:ef:87:73:f0:29:b3:9b:13:
d0:da:53:50:3f:eb:92:74:72:f7:91:6b:ea:a3:f8:
b0:6a:75:8a:cd:d3:ba:2b:cd:76:07:e2:bb:1f:06:
50:5a:ad:3d:6b:f9:55:80:40:7b:8a:f9:bd:1f:2e:
25:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:28:C6:CF:3B:DA:71:22:9D:FB:88:93:5A:FB:14:04:D4:58:F8:F3
X509v3 Authority Key Identifier:
keyid:21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:2b:60:90:cc:68:bb:ed:fb:55:93:52:04:a1:b3:fa:53:57:
c4:a3:a5:b4:50:32:df:b7:c7:2e:26:d0:6d:46:e9:7f:c0:a9:
50:00:c5:77:26:f2:07:fb:6a:e8:1d:94:2a:35:6f:da:d4:c0:
a6:cc:35:d9:b5:35:15:e4:f3:b6:a3:eb:a9:ad:8c:1f:5c:7d:
ab:90:cb:cc:4f:93:73:90:a2:eb:28:fd:b6:d5:9e:94:11:fb:
4a:5f:c3:f9:67:f3:80:4f:15:25:52:6d:3c:f9:ce:c1:87:3c:
0a:b4:5e:62:d7:6a:58:ed:64:12:0a:bf:ec:3c:e9:6c:64:5e:
29:8b:87:9a:d0:ad:1f:5c:7a:47:02:c6:7a:6b:dc:e4:67:88:
63:ac:32:00:d7:00:84:e3:f8:4c:6b:c7:bb:58:da:ec:e4:ad:
f7:fc:b1:87:86:8b:dc:c8:e2:66:5c:6f:e6:f9:eb:f5:64:7d:
4d:f7:85:94:a3:1c:b6:b5:fc:fa:07:91:f9:9f:6c:a4:72:73:
cf:2c:fe:49:c1:a0:9b:12:ba:ff:28:9d:e3:7b:62:4b:87:99:
f6:a7:7e:e0:f7:0d:93:42:38:bc:1f:90:94:c6:0f:d6:9c:d4:
6c:cd:16:84:82:97:cc:e3:db:8f:6f:98:e9:4c:cb:93:5f:aa:
8d:07:30:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbgYTpgkd5u32XxsVunwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxM2Q4NzM1YzE0NGNmMTI1NjU4NDNiNjllYjQwYTRkMWEz
MDFhYTUwHhcNMjUxMTExMDEwMDQ5WhcNMjUxMTEyMDEwMDQ5WjAzMTEwLwYDVQQD
EyhiMDI4YzZjZjNiZGE3MTIyOWRmYjg4OTM1YWZiMTQwNGQ0NThmOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZKXetCvfiITk4z1ik7BU11b+BxR
pcabbmpnr5hvx1JYXwvbKSgDCA7Sxlcho37FcDHxBA2bO8H/6aP2ksLJFzJJ1GEw
lXx7IXqZaBUXh0h1ajdeOTTvDwb/yr4KKYwszBg5j8s9AGMzm2WhlDPTiwzqAF3q
Et1t4ZZxlaMRoa6WdX3YgQx46CWOZRki2VwWniz64ZYFC5EEOT+FJRlmnKLSGqPf
OwRirHpMNC3W3hGC9Eqhhho1ebjFdhbkd7QpzB1wEbSw9Ynq74dz8CmzmxPQ2lNQ
P+uSdHL3kWvqo/iwanWKzdO6K812B+K7HwZQWq09a/lVgEB7ivm9Hy4lMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAoxs872nEinfuIk1r7FATUWPjzMB8GA1UdIwQY
MBaAFCE9hzXBRM8SVlhDtp60Ck0aMBqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAt
MzAxNDMzZWJlNDM2LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAtMzAxNDMzZWJlNDM2
LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYitgkMxo
u+37VZNSBKGz+lNXxKOltFAy37fHLibQbUbpf8CpUADFdybyB/tq6B2UKjVv2tTA
psw12bU1FeTztqPrqa2MH1x9q5DLzE+Tc5Ci6yj9ttWelBH7Sl/D+WfzgE8VJVJt
PPnOwYc8CrReYtdqWO1kEgq/7DzpbGReKYuHmtCtH1x6RwLGemvc5GeIY6wyANcA
hOP4TGvHu1ja7OSt9/yxh4aL3MjiZlxv5vnr9WR9TfeFlKMctrX8+geR+Z9spHJz
zyz+ScGgmxK6/yid43tiS4eZ9qd+4PcNk0I4vB+QlMYP1pzUbM0WhIKXzOPbj2+Y
6UzLk1+qjQcwHA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:29 2025 by rpki-client