Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
File: Lr_2z7gya0RylaEbEHhoIS5mX90.mft (raw, json)
Hash identifier: OEswjRyjgT5s5Se7iIk3CWHbkI5MigorOsaMtMWJeBY=
Subject key identifier: 66:C1:E4:05:3C:C7:C3:83:46:F6:92:A2:E8:4C:C7:DC:44:A3:AF:EB
Authority key identifier: 2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
Certificate issuer: /CN=2ebff6cfb8326b447295a11b107868212e665fdd
Certificate serial: 01976282CD25921C9AC090EA9EF8DDCA3C94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
Manifest number: 0669
Signing time: Thu 12 Jun 2025 05:00:28 +0000
Manifest this update: Thu 12 Jun 2025 05:00:28 +0000
Manifest next update: Fri 13 Jun 2025 05:00:28 +0000
Files and hashes: 1: 2EHY0ANqI6GjPJ3q8F_H43sabIk.roa (hash: 6KKbNu6n/lBjRM28xxVSQgucF7edE6uzeJUy5fL1Psg=)
2: Lr_2z7gya0RylaEbEHhoIS5mX90.crl (hash: jrVZ8D1W38Z7/0nO4BDSAifoQItqoErb5GTj+P9p4kg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 05:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:62:82:cd:25:92:1c:9a:c0:90:ea:9e:f8:dd:ca:3c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ebff6cfb8326b447295a11b107868212e665fdd
Validity
Not Before: Jun 12 05:00:28 2025 GMT
Not After : Jun 13 05:00:28 2025 GMT
Subject: CN=66c1e4053cc7c38346f692a2e84cc7dc44a3afeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2b:89:58:60:61:d3:1b:0c:81:8e:54:0f:da:
2e:77:88:0a:c2:06:33:c9:4c:a5:14:04:b1:9c:00:
0e:11:03:35:13:5d:e7:0f:ae:06:26:a3:2e:81:35:
88:b7:13:e8:da:ef:14:b9:b3:fc:97:b3:f5:0c:5c:
7d:f6:b8:10:ff:a6:bd:4c:00:d9:aa:f1:f2:aa:29:
c3:16:42:6a:19:ce:cf:14:c0:fb:eb:9c:5c:75:6a:
89:62:dc:25:4c:b6:fe:ce:e3:a5:52:9a:a1:b9:a2:
ba:e7:34:5c:95:80:ed:9c:8e:5d:48:bf:60:88:f2:
38:3c:78:f3:f4:cd:a7:ec:3d:33:d5:e7:2a:45:22:
4e:79:e6:a1:4b:af:57:4e:a8:f4:64:73:c2:f3:78:
ae:46:41:f7:b4:d9:cf:cb:83:0e:c9:7b:e7:1e:9f:
ff:04:6c:f4:83:07:a6:5b:a6:57:ae:22:d7:c1:e7:
b5:e9:2d:67:87:d1:3e:35:4e:84:2a:cf:c0:c8:f3:
e1:1a:76:2a:89:50:2d:b6:3a:bc:00:d4:b3:1f:96:
bc:01:a5:7b:95:0f:44:4b:fe:95:75:c5:7f:85:37:
3e:32:39:60:d3:ab:05:71:e4:3b:92:6d:47:c3:82:
22:b9:24:ae:dd:20:e1:1f:d4:b0:7b:c0:96:00:24:
ba:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C1:E4:05:3C:C7:C3:83:46:F6:92:A2:E8:4C:C7:DC:44:A3:AF:EB
X509v3 Authority Key Identifier:
keyid:2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:0e:1f:70:1f:05:25:58:72:5c:39:28:e9:03:88:22:6d:43:
8b:c3:e5:85:0c:e7:58:88:7e:ab:be:49:38:2c:87:c3:8b:56:
d9:c7:e7:75:e5:94:6b:81:b5:09:1a:4d:08:c7:9f:d7:58:04:
3e:fb:65:79:fc:b4:d2:7e:fd:1c:75:c2:6a:ed:0a:05:0d:35:
ef:d7:69:dd:c4:d4:c4:12:5d:0d:62:f8:b0:6d:34:26:b8:9d:
37:4f:81:39:14:f8:a2:74:7e:dd:26:c2:1f:f2:14:8a:79:41:
70:4b:0d:6b:a6:46:3d:59:38:cc:01:87:0c:0a:1c:19:a4:da:
69:ac:8b:00:40:b9:c8:19:f8:72:44:af:ee:41:64:56:25:d1:
9a:68:3f:d6:32:a1:a9:cb:dd:ab:dc:bf:eb:c7:61:44:6c:03:
db:a8:e7:4c:f7:d0:03:a5:fc:34:9c:85:09:c0:5c:28:20:28:
36:71:7d:4f:c3:0f:6f:42:62:a6:55:5e:d3:27:cf:ce:50:d2:
b3:c7:bd:d9:69:ff:e6:af:9d:fb:08:c4:41:da:2f:df:bf:b1:
4c:54:4d:fd:70:3e:16:6d:80:96:83:48:03:38:ce:a3:4a:bd:
e4:71:bf:d6:5c:08:5e:d4:e7:f2:6d:08:5f:3b:91:c3:dc:c3:
b4:d5:12:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdigs0lkhyawJDqnvjdyjyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmZmNmNmYjgzMjZiNDQ3Mjk1YTExYjEwNzg2ODIxMmU2
NjVmZGQwHhcNMjUwNjEyMDUwMDI4WhcNMjUwNjEzMDUwMDI4WjAzMTEwLwYDVQQD
Eyg2NmMxZTQwNTNjYzdjMzgzNDZmNjkyYTJlODRjYzdkYzQ0YTNhZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCuJWGBh0xsMgY5UD9oud4gKwgYz
yUylFASxnAAOEQM1E13nD64GJqMugTWItxPo2u8UubP8l7P1DFx99rgQ/6a9TADZ
qvHyqinDFkJqGc7PFMD765xcdWqJYtwlTLb+zuOlUpqhuaK65zRclYDtnI5dSL9g
iPI4PHjz9M2n7D0z1ecqRSJOeeahS69XTqj0ZHPC83iuRkH3tNnPy4MOyXvnHp//
BGz0gwemW6ZXriLXwee16S1nh9E+NU6EKs/AyPPhGnYqiVAttjq8ANSzH5a8AaV7
lQ9ES/6VdcV/hTc+Mjlg06sFceQ7km1Hw4IiuSSu3SDhH9Swe8CWACS62wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbB5AU8x8ODRvaSouhMx9xEo6/rMB8GA1UdIwQY
MBaAFC6/9s+4MmtEcpWhGxB4aCEuZl/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYt
YTc4NmNlYmUyMGQzLzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYtYTc4NmNlYmUyMGQz
LzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATg4fcB8F
JVhyXDko6QOIIm1Di8PlhQznWIh+q75JOCyHw4tW2cfndeWUa4G1CRpNCMef11gE
Pvtlefy00n79HHXCau0KBQ0179dp3cTUxBJdDWL4sG00JridN0+BORT4onR+3SbC
H/IUinlBcEsNa6ZGPVk4zAGHDAocGaTaaayLAEC5yBn4ckSv7kFkViXRmmg/1jKh
qcvdq9y/68dhRGwD26jnTPfQA6X8NJyFCcBcKCAoNnF9T8MPb0JiplVe0yfPzlDS
s8e92Wn/5q+d+wjEQdov37+xTFRN/XA+Fm2AloNIAzjOo0q95HG/1lwIXtTn8m0I
XzuRw9zDtNUSEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 14:10:10 2025 by rpki-client