Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: kJ5eWhEL3Y0RosPJZ4kQdg46EC2b+F+ATJFHadgCb/g=
Subject key identifier: BD:0E:70:96:FB:13:80:9C:9F:EF:9D:4E:31:63:28:61:28:90:67:FF
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 019921E7650A029F5CB19CD52FD647CACE23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 1676
Signing time: Sun 07 Sep 2025 02:00:36 +0000
Manifest this update: Sun 07 Sep 2025 02:00:36 +0000
Manifest next update: Mon 08 Sep 2025 02:00:36 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: fVffPu14xwWphKPnu++w/JkOZ7n/GOHyiC7a+5mrsCk=)
2: I11yOf8621A4bMVjivGCunNhodU.roa (hash: zD+DtTuh65HplID/p8Q/zTlZEI94dke+hM79PxEcBgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:21:e7:65:0a:02:9f:5c:b1:9c:d5:2f:d6:47:ca:ce:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Sep 7 02:00:36 2025 GMT
Not After : Sep 8 02:00:36 2025 GMT
Subject: CN=bd0e7096fb13809c9fef9d4e31632861289067ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:64:19:91:0c:83:a7:d8:e3:c8:86:82:f1:d8:
64:71:3a:76:40:2e:90:24:2e:4e:cc:f2:b2:89:8a:
3c:2a:dd:b3:61:73:08:26:53:b4:91:8e:02:e4:65:
e5:78:4b:63:04:e1:d8:97:22:9e:48:bb:da:46:d6:
fb:c4:af:40:a8:d0:4e:13:a8:c1:7b:1f:12:f4:62:
1a:ae:f2:6b:99:ef:26:96:b6:e9:6d:41:44:c8:67:
9d:44:73:db:33:33:d4:ab:7c:84:4d:49:9b:b0:63:
3d:b5:8e:fa:05:43:36:b0:21:5f:cd:1f:2e:cd:8d:
e4:d5:25:49:30:66:40:1f:1d:af:b7:c2:7f:21:93:
7b:5d:77:3d:b4:58:f3:4c:52:ef:86:4d:04:13:a2:
d6:d1:78:5f:0e:6a:68:f1:fb:b3:62:b2:47:98:25:
f6:31:61:30:3a:1d:df:aa:41:d2:39:68:74:17:cd:
a4:7d:c3:89:94:85:e6:6d:fa:44:54:cf:1d:44:62:
72:8c:13:8f:55:b5:a4:03:81:95:21:cb:8d:21:c5:
a0:be:77:74:7e:25:00:98:a3:97:7f:bc:60:c7:2f:
cb:97:c1:76:54:47:1e:54:ca:1a:6a:73:cf:06:96:
50:af:f5:46:75:15:3c:44:64:00:04:62:ff:07:60:
2e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0E:70:96:FB:13:80:9C:9F:EF:9D:4E:31:63:28:61:28:90:67:FF
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:71:a3:cf:09:d8:f4:9f:52:0c:a1:85:29:e4:80:cc:6a:68:
70:0a:de:58:8d:d9:4a:c6:0b:03:84:35:31:2a:2c:58:9f:cc:
44:70:d6:04:fb:70:91:a2:be:b5:8f:6c:e7:e4:19:5f:59:f5:
36:2f:63:0c:d0:31:f9:ce:78:3a:e7:63:30:53:e3:e3:b1:09:
fe:81:3f:4c:1c:4c:ee:c8:16:81:ba:85:d4:35:44:5f:f4:86:
d9:80:78:90:31:15:2d:fc:51:b2:85:d1:aa:69:d4:0e:39:d1:
55:cd:05:8c:ee:c3:60:06:a7:db:18:c1:a7:90:76:84:51:ca:
35:eb:9b:24:43:e3:bd:aa:54:e3:49:50:74:69:5f:57:91:a3:
d0:0b:0d:52:8a:b5:9e:b5:67:b5:f9:7d:69:a4:4e:9b:da:31:
a9:92:63:0f:9b:19:5d:0f:fc:e9:16:f5:78:1c:09:cd:82:dc:
2c:8a:33:09:17:ee:1e:ed:15:b5:9c:d3:c0:2f:4f:58:9c:23:
36:0c:4f:82:3b:5d:2a:12:69:e6:54:8e:5f:b7:ff:66:0c:bd:
73:ce:72:b1:00:cb:b0:3a:5c:81:47:cf:2b:01:5c:fa:ef:64:
ec:f2:23:fa:97:40:69:77:15:e7:d3:9f:71:a6:11:d1:b2:cd:
18:e3:29:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh52UKAp9csZzVL9ZHys4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjUwOTA3MDIwMDM2WhcNMjUwOTA4MDIwMDM2WjAzMTEwLwYDVQQD
EyhiZDBlNzA5NmZiMTM4MDljOWZlZjlkNGUzMTYzMjg2MTI4OTA2N2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmQZkQyDp9jjyIaC8dhkcTp2QC6Q
JC5OzPKyiYo8Kt2zYXMIJlO0kY4C5GXleEtjBOHYlyKeSLvaRtb7xK9AqNBOE6jB
ex8S9GIarvJrme8mlrbpbUFEyGedRHPbMzPUq3yETUmbsGM9tY76BUM2sCFfzR8u
zY3k1SVJMGZAHx2vt8J/IZN7XXc9tFjzTFLvhk0EE6LW0XhfDmpo8fuzYrJHmCX2
MWEwOh3fqkHSOWh0F82kfcOJlIXmbfpEVM8dRGJyjBOPVbWkA4GVIcuNIcWgvnd0
fiUAmKOXf7xgxy/Ll8F2VEceVMoaanPPBpZQr/VGdRU8RGQABGL/B2AuaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0OcJb7E4Ccn++dTjFjKGEokGf/MB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVHGjzwnY
9J9SDKGFKeSAzGpocAreWI3ZSsYLA4Q1MSosWJ/MRHDWBPtwkaK+tY9s5+QZX1n1
Ni9jDNAx+c54OudjMFPj47EJ/oE/TBxM7sgWgbqF1DVEX/SG2YB4kDEVLfxRsoXR
qmnUDjnRVc0FjO7DYAan2xjBp5B2hFHKNeubJEPjvapU40lQdGlfV5Gj0AsNUoq1
nrVntfl9aaROm9oxqZJjD5sZXQ/86Rb1eBwJzYLcLIozCRfuHu0VtZzTwC9PWJwj
NgxPgjtdKhJp5lSOX7f/Zgy9c85ysQDLsDpcgUfPKwFc+u9k7PIj+pdAaXcV59Of
caYR0bLNGOMplA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:16:08 2025 by rpki-client