Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
File: 2HGZiqFAq3wf8kDqsMkjWRPJboo.mft (raw, json)
Hash identifier: 1+jHkHcGDJkG1db3KZqFFwh+s0x/l2d5O8oyJX77caE=
Subject key identifier: 21:F7:0E:A3:92:7C:42:E5:D9:BD:F2:DC:71:DF:99:B3:25:1F:D1:1D
Authority key identifier: D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
Certificate issuer: /CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Certificate serial: 019A71B81BDD09B016DE33B6E1125F48A86E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
Manifest number: 142C
Signing time: Tue 11 Nov 2025 07:01:22 +0000
Manifest this update: Tue 11 Nov 2025 07:01:22 +0000
Manifest next update: Wed 12 Nov 2025 07:01:22 +0000
Files and hashes: 1: 2HGZiqFAq3wf8kDqsMkjWRPJboo.crl (hash: Mg+BM+HiyPyBR/Rnn71WThRboQgZ2e4IKdpu40ifpMw=)
2: ogQz1j5jLQsKEpzhS2JSyEZnZ6I.roa (hash: B7xqxcI+bkCsaT71C5rhEWIjLfcjAKzC1lxv7kehuvo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:1b:dd:09:b0:16:de:33:b6:e1:12:5f:48:a8:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Validity
Not Before: Nov 11 07:01:22 2025 GMT
Not After : Nov 12 07:01:22 2025 GMT
Subject: CN=21f70ea3927c42e5d9bdf2dc71df99b3251fd11d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:58:1b:5c:50:49:ad:1a:d4:60:4f:90:04:5a:
5a:19:56:42:d4:a2:ca:55:38:07:4e:11:f7:86:83:
b7:b7:2c:14:62:94:a7:5f:74:04:96:a3:42:f9:29:
7f:50:86:11:d7:d5:e8:ba:0f:c7:4a:20:3e:6a:15:
6c:3e:09:7d:58:3e:91:35:cb:39:88:dc:d8:59:5b:
8e:4c:22:63:8a:b7:0f:73:ca:eb:59:b0:53:2b:f5:
00:ff:93:67:98:d6:c6:80:fd:e0:e0:be:08:b9:03:
02:fc:49:b7:1f:8c:e0:2e:1c:a3:69:30:92:be:b1:
1e:bf:ea:c8:2c:66:35:3c:00:ce:6a:cc:04:cc:d5:
b5:0b:20:68:e6:a0:60:c7:51:6c:5c:20:16:23:c4:
91:91:cb:dd:9d:a6:a1:7e:26:94:1a:78:4c:c7:5d:
28:d9:24:3a:98:07:2f:df:21:4c:60:cf:bc:3c:b0:
63:18:6b:d6:4d:1a:be:27:7d:56:5c:b8:dd:99:85:
da:cf:1e:e9:17:fa:a0:40:ca:b2:1e:5b:9e:6c:9a:
4e:38:44:a3:13:96:4e:80:f3:67:59:5e:cb:93:2c:
0b:6c:b1:ce:8c:b4:0a:98:ee:68:d8:63:1a:37:7e:
9c:9f:27:f9:a8:a3:df:91:e5:03:a4:0e:f0:87:05:
b7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F7:0E:A3:92:7C:42:E5:D9:BD:F2:DC:71:DF:99:B3:25:1F:D1:1D
X509v3 Authority Key Identifier:
keyid:D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:1c:7a:2f:01:30:3b:a8:1c:59:db:d3:d1:9c:d4:ba:df:cf:
9b:06:b4:52:fa:6f:26:d1:eb:9d:5f:24:9b:22:44:4d:91:92:
7c:e2:0c:b1:b3:19:d3:1f:4c:64:06:15:56:d2:97:08:e7:41:
34:57:fe:ec:03:07:0c:75:0f:58:13:9c:36:e5:a7:28:c6:73:
51:53:94:1e:28:8b:ec:24:57:37:cc:91:32:ae:b0:78:cc:d7:
f4:7f:a0:e6:b4:5a:10:b0:fc:2a:de:3a:3d:00:fa:77:42:56:
0c:ed:72:3a:48:a8:29:89:2e:68:b6:d5:58:51:df:69:23:ba:
4c:c7:6a:4a:1c:ca:96:52:58:e9:19:29:07:e2:49:2d:68:5f:
47:e1:7f:f3:e8:60:65:aa:56:da:20:47:77:df:2e:18:11:f5:
8d:9d:a1:ac:28:3c:80:f4:77:28:bc:b4:eb:e8:7f:a2:4b:8c:
66:a8:66:b9:43:22:ff:fb:4e:40:e8:3d:ac:4f:8b:26:78:1a:
4f:7a:eb:9f:fb:8c:80:e9:b5:18:01:42:f2:2f:49:fe:da:3f:
de:16:7c:aa:42:12:6b:41:73:25:46:f4:63:02:96:4c:35:dc:
2b:ec:26:41:44:17:65:49:67:49:a6:89:1f:2a:e4:c0:ea:7c:
8a:3e:7e:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBvdCbAW3jO24RJfSKhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzE5OThhYTE0MGFiN2MxZmYyNDBlYWIwYzkyMzU5MTNj
OTZlOGEwHhcNMjUxMTExMDcwMTIyWhcNMjUxMTEyMDcwMTIyWjAzMTEwLwYDVQQD
EygyMWY3MGVhMzkyN2M0MmU1ZDliZGYyZGM3MWRmOTliMzI1MWZkMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVgbXFBJrRrUYE+QBFpaGVZC1KLK
VTgHThH3hoO3tywUYpSnX3QElqNC+Sl/UIYR19Xoug/HSiA+ahVsPgl9WD6RNcs5
iNzYWVuOTCJjircPc8rrWbBTK/UA/5NnmNbGgP3g4L4IuQMC/Em3H4zgLhyjaTCS
vrEev+rILGY1PADOaswEzNW1CyBo5qBgx1FsXCAWI8SRkcvdnaahfiaUGnhMx10o
2SQ6mAcv3yFMYM+8PLBjGGvWTRq+J31WXLjdmYXazx7pF/qgQMqyHluebJpOOESj
E5ZOgPNnWV7LkywLbLHOjLQKmO5o2GMaN36cnyf5qKPfkeUDpA7whwW3yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCH3DqOSfELl2b3y3HHfmbMlH9EdMB8GA1UdIwQY
MBaAFNhxmYqhQKt8H/JA6rDJI1kTyW6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUt
NWEzNGU1MmIwYjEwLzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUtNWEzNGU1MmIwYjEw
LzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxx6LwEw
O6gcWdvT0ZzUut/Pmwa0UvpvJtHrnV8kmyJETZGSfOIMsbMZ0x9MZAYVVtKXCOdB
NFf+7AMHDHUPWBOcNuWnKMZzUVOUHiiL7CRXN8yRMq6weMzX9H+g5rRaELD8Kt46
PQD6d0JWDO1yOkioKYkuaLbVWFHfaSO6TMdqShzKllJY6RkpB+JJLWhfR+F/8+hg
ZapW2iBHd98uGBH1jZ2hrCg8gPR3KLy06+h/okuMZqhmuUMi//tOQOg9rE+LJnga
T3rrn/uMgOm1GAFC8i9J/to/3hZ8qkISa0FzJUb0YwKWTDXcK+wmQUQXZUlnSaaJ
HyrkwOp8ij5+gw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:12:16 2025 by rpki-client