Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
File: 2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft (raw, json)
Hash identifier: gvINrt7u5LdTaI0AFC4nbuL5cGzElMwG16eZRBP+6RE=
Subject key identifier: E8:A3:0A:5A:2C:72:E2:28:FC:CA:CE:17:18:9F:0A:9B:D9:66:09:28
Authority key identifier: D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
Certificate issuer: /CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Certificate serial: 0198D4A819765EE6906E0EBCDC86469023A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
Manifest number: 039A
Signing time: Sat 23 Aug 2025 02:00:43 +0000
Manifest this update: Sat 23 Aug 2025 02:00:43 +0000
Manifest next update: Sun 24 Aug 2025 02:00:43 +0000
Files and hashes: 1: 2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl (hash: BKDJbXYXax0VpQIk0ddQ6lmOKoMFyjbX6A0T2wiDXmI=)
2: RFpSEEfmfhQM7TNBHUvPYNYCE48.roa (hash: iHrN3ygMDkDOsg7Lw4ctlZrjgMs+0h97Al7X6knMEEI=)
3: UkLoRo0mP_K3Dh8gkYYP1OxkE_I.roa (hash: Q3D4Rh06gP+xE8oXAtIwLH3P2XhdWnZQyb1Lpy85O7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:a8:19:76:5e:e6:90:6e:0e:bc:dc:86:46:90:23:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Validity
Not Before: Aug 23 02:00:43 2025 GMT
Not After : Aug 24 02:00:43 2025 GMT
Subject: CN=e8a30a5a2c72e228fccace17189f0a9bd9660928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:04:f6:18:9a:cf:67:19:7c:0e:6e:5d:5d:a9:
b9:ea:50:d6:42:c6:bf:b9:bb:76:50:7b:2d:52:75:
1b:72:2b:62:1e:b6:67:c6:79:01:eb:5b:45:5f:1e:
69:6e:67:d1:62:79:2b:f3:a3:5b:78:4a:32:88:78:
3a:cf:fa:75:2d:ae:29:a0:2e:06:fb:3c:84:cf:9c:
12:0f:c3:45:2a:d3:d4:33:4f:b0:a0:3a:76:fc:36:
70:8f:db:d9:bd:af:15:0a:c3:66:90:9e:90:64:11:
39:34:14:79:cc:73:8d:e6:83:21:16:b6:39:03:1d:
3d:a2:9d:b5:9c:b3:19:e0:95:a1:7e:0a:e8:8f:ec:
10:d6:db:8d:8c:58:78:23:59:08:ef:0c:14:99:4b:
cf:7a:9e:02:8c:f9:27:7b:9a:87:91:25:5d:80:a2:
36:ff:86:04:2a:40:0e:50:07:47:db:f7:ac:ba:b7:
fe:21:e9:2d:93:6d:f4:62:81:97:25:98:2b:6e:fb:
dd:ce:1d:d2:1a:36:85:87:19:36:fe:0f:68:7b:86:
7b:a2:b9:c3:70:df:c8:47:64:61:bb:76:98:5c:d4:
cb:df:70:00:2a:09:c7:58:42:5c:ef:54:63:e7:7c:
72:69:32:97:8e:57:d0:fa:7a:a3:83:77:cf:4a:be:
ec:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A3:0A:5A:2C:72:E2:28:FC:CA:CE:17:18:9F:0A:9B:D9:66:09:28
X509v3 Authority Key Identifier:
keyid:D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:d8:f5:33:b0:a8:ad:0f:25:3d:3c:4b:c5:2c:17:48:25:b0:
d4:0e:e7:05:f2:62:3e:71:04:da:a2:71:ed:72:24:63:8b:b6:
8a:26:33:a5:38:d5:18:a2:65:24:ea:bd:d5:e8:05:ae:bf:50:
10:ba:94:b7:71:2d:2f:f1:41:86:8e:e9:bc:bf:55:f3:84:a1:
5b:50:b4:8d:32:65:32:ca:19:d6:74:d1:bb:6e:f8:25:3b:95:
bd:61:c9:3d:79:51:cd:25:c1:99:41:cc:38:f1:ec:f1:15:ce:
a3:ff:7b:56:3c:09:d6:48:3a:b6:47:40:9d:15:f9:50:30:20:
0e:f6:de:88:44:0b:53:5b:84:90:c2:cd:3f:65:b5:4a:74:3d:
54:e0:ab:b9:64:3e:29:ee:b3:21:61:43:87:fb:a4:19:4e:a1:
c7:1a:c3:a6:4a:35:f6:26:30:ef:0e:dc:45:a8:16:9f:77:2d:
7d:5f:87:7f:56:2e:10:cf:bf:e5:d0:d2:d4:32:e4:3a:47:2f:
61:8a:a9:26:b8:81:0d:e3:01:a2:cf:06:a8:1c:6f:9c:0b:63:
e8:a9:16:bc:55:23:d7:60:36:5e:a2:5f:36:c9:27:03:5f:89:
c6:5c:83:7d:9c:02:cd:12:83:1a:4e:21:94:63:cf:c8:f9:eb:
28:d7:87:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUqBl2XuaQbg683IZGkCOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODJhMTk3MzQwZDM1ODRlNmFjMTdjMWZiMmE5OTAwYWU0
ZjYwM2MwHhcNMjUwODIzMDIwMDQzWhcNMjUwODI0MDIwMDQzWjAzMTEwLwYDVQQD
EyhlOGEzMGE1YTJjNzJlMjI4ZmNjYWNlMTcxODlmMGE5YmQ5NjYwOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gT2GJrPZxl8Dm5dXam56lDWQsa/
ubt2UHstUnUbcitiHrZnxnkB61tFXx5pbmfRYnkr86NbeEoyiHg6z/p1La4poC4G
+zyEz5wSD8NFKtPUM0+woDp2/DZwj9vZva8VCsNmkJ6QZBE5NBR5zHON5oMhFrY5
Ax09op21nLMZ4JWhfgroj+wQ1tuNjFh4I1kI7wwUmUvPep4CjPkne5qHkSVdgKI2
/4YEKkAOUAdH2/esurf+Iektk230YoGXJZgrbvvdzh3SGjaFhxk2/g9oe4Z7ornD
cN/IR2Rhu3aYXNTL33AAKgnHWEJc71Rj53xyaTKXjlfQ+nqjg3fPSr7srQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOijCloscuIo/MrOFxifCpvZZgkoMB8GA1UdIwQY
MBaAFNiCoZc0DTWE5qwXwfsqmQCuT2A8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUt
YjA1YWU1Y2EyZDVlLzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUtYjA1YWU1Y2EyZDVl
LzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAddj1M7Co
rQ8lPTxLxSwXSCWw1A7nBfJiPnEE2qJx7XIkY4u2iiYzpTjVGKJlJOq91egFrr9Q
ELqUt3EtL/FBho7pvL9V84ShW1C0jTJlMsoZ1nTRu274JTuVvWHJPXlRzSXBmUHM
OPHs8RXOo/97VjwJ1kg6tkdAnRX5UDAgDvbeiEQLU1uEkMLNP2W1SnQ9VOCruWQ+
Ke6zIWFDh/ukGU6hxxrDpko19iYw7w7cRagWn3ctfV+Hf1YuEM+/5dDS1DLkOkcv
YYqpJriBDeMBos8GqBxvnAtj6KkWvFUj12A2XqJfNsknA1+JxlyDfZwCzRKDGk4h
lGPPyPnrKNeHhA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:29:43 2025 by rpki-client