Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: yL18U0Ta8H98nhjnpXEbxYMfI4cIChgT3LD2GdM63oo=
Subject key identifier: BB:AF:31:9A:B0:49:E8:1E:36:EA:60:2A:A8:78:7C:02:D7:8B:1A:B4
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 019A71EEB1E7CEB192C1AB15612C3DD495EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 1724
Signing time: Tue 11 Nov 2025 08:00:59 +0000
Manifest this update: Tue 11 Nov 2025 08:00:59 +0000
Manifest next update: Wed 12 Nov 2025 08:00:59 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: BUyWPUHBDOX4Lae18t/umZvNK57XM5FtdcA3ZewWZtg=)
2: I11yOf8621A4bMVjivGCunNhodU.roa (hash: zD+DtTuh65HplID/p8Q/zTlZEI94dke+hM79PxEcBgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:b1:e7:ce:b1:92:c1:ab:15:61:2c:3d:d4:95:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Nov 11 08:00:59 2025 GMT
Not After : Nov 12 08:00:59 2025 GMT
Subject: CN=bbaf319ab049e81e36ea602aa8787c02d78b1ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4a:6b:b9:e0:4b:f8:1e:d5:b7:e5:94:8b:a1:
5a:29:f6:d4:6d:ca:b3:6c:4d:48:7d:01:86:b5:10:
3c:d2:4b:a4:47:7a:db:52:8d:3b:b5:84:bd:1a:f0:
af:00:8e:e9:b6:ce:a2:b4:a4:95:fc:d7:e6:ef:83:
61:b8:07:60:66:72:0d:c2:4f:b0:d9:4f:d8:0b:b5:
21:38:16:9a:96:c0:6f:a4:3d:e9:29:9e:fa:1a:ba:
0e:0a:06:54:be:bc:2f:3f:81:60:15:b4:8a:6c:fe:
ab:17:88:85:7f:05:e0:07:b4:61:c7:c5:be:b8:e7:
29:29:5a:3a:a1:43:e6:d4:91:38:96:c6:ba:eb:3e:
15:f7:aa:63:9e:5c:34:f6:b1:94:5b:a1:e5:66:40:
4f:57:cd:90:25:44:cb:7e:f3:3e:30:ec:35:65:2d:
5d:88:78:7d:4c:b9:90:f0:21:8f:f6:98:9f:92:d3:
20:cb:7d:aa:d7:10:cf:51:4b:f9:91:b5:20:a8:37:
22:ed:2e:88:c2:26:e3:4f:c3:f1:5c:bc:45:f9:53:
1e:ab:d2:96:72:d3:c5:18:19:f3:09:57:9d:c2:26:
21:13:10:82:45:40:6c:aa:a2:0c:c8:33:69:67:4a:
9b:c9:0f:d9:d4:af:15:a2:bb:9f:7b:d0:b9:5e:00:
e2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AF:31:9A:B0:49:E8:1E:36:EA:60:2A:A8:78:7C:02:D7:8B:1A:B4
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:12:41:d8:32:b8:27:08:bc:5c:ab:45:f3:a8:df:1a:b9:10:
63:72:a8:cd:84:36:fb:5c:74:11:58:64:e5:63:ed:b7:01:b7:
74:6f:fd:82:23:a8:cc:7e:40:f9:7a:e0:01:40:ec:b8:c6:58:
27:df:39:ed:38:c9:f4:ac:c6:a6:a3:c1:2b:8b:17:bf:f4:da:
a4:94:e2:63:41:67:71:9e:33:21:c2:3c:30:89:17:5b:dd:00:
1f:19:b5:20:99:0c:1c:e0:ba:12:f6:a1:d7:29:12:22:08:8c:
07:5e:a6:d1:2b:86:13:b6:97:b6:a9:e7:59:62:cf:f7:44:97:
b3:ab:75:47:fc:22:4b:a2:2a:13:a5:77:3e:be:0e:bd:2c:35:
db:5e:c8:a5:00:4f:88:3f:12:8e:4e:4e:f3:13:07:03:0b:c1:
6f:93:cb:d7:23:cd:b9:fc:05:53:6d:34:55:7b:a2:51:86:40:
17:f6:b2:58:23:4d:61:aa:8f:8a:ba:a6:22:23:da:48:8b:ee:
3a:68:2e:92:71:d5:00:7d:d2:a4:0b:e3:28:51:3a:76:80:53:
1b:67:52:5d:46:1c:00:1b:3a:e8:91:30:2b:48:ca:ad:d3:7a:
dd:51:b8:80:af:11:4f:a6:75:c3:60:fa:fc:b5:fd:4b:87:55:
ca:42:11:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7rHnzrGSwasVYSw91JXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjUxMTExMDgwMDU5WhcNMjUxMTEyMDgwMDU5WjAzMTEwLwYDVQQD
EyhiYmFmMzE5YWIwNDllODFlMzZlYTYwMmFhODc4N2MwMmQ3OGIxYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkprueBL+B7Vt+WUi6FaKfbUbcqz
bE1IfQGGtRA80kukR3rbUo07tYS9GvCvAI7pts6itKSV/Nfm74NhuAdgZnINwk+w
2U/YC7UhOBaalsBvpD3pKZ76GroOCgZUvrwvP4FgFbSKbP6rF4iFfwXgB7Rhx8W+
uOcpKVo6oUPm1JE4lsa66z4V96pjnlw09rGUW6HlZkBPV82QJUTLfvM+MOw1ZS1d
iHh9TLmQ8CGP9pifktMgy32q1xDPUUv5kbUgqDci7S6IwibjT8PxXLxF+VMeq9KW
ctPFGBnzCVedwiYhExCCRUBsqqIMyDNpZ0qbyQ/Z1K8Vorufe9C5XgDiNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuvMZqwSegeNupgKqh4fALXixq0MB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUxJB2DK4
Jwi8XKtF86jfGrkQY3KozYQ2+1x0EVhk5WPttwG3dG/9giOozH5A+XrgAUDsuMZY
J9857TjJ9KzGpqPBK4sXv/TapJTiY0FncZ4zIcI8MIkXW90AHxm1IJkMHOC6Evah
1ykSIgiMB16m0SuGE7aXtqnnWWLP90SXs6t1R/wiS6IqE6V3Pr4OvSw1217IpQBP
iD8Sjk5O8xMHAwvBb5PL1yPNufwFU200VXuiUYZAF/ayWCNNYaqPirqmIiPaSIvu
OmguknHVAH3SpAvjKFE6doBTG2dSXUYcABs66JEwK0jKrdN63VG4gK8RT6Z1w2D6
/LX9S4dVykIRvw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:22 2025 by rpki-client