Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
File: 2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft (raw, json)
Hash identifier: 5/vUyvmxYjxrBd+EdQlcMNTfVM17auVzMOgjn38tnwo=
Subject key identifier: D6:40:10:60:F8:70:0F:80:1A:4E:47:F9:4B:FE:AC:EC:C0:E9:EA:93
Authority key identifier: D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
Certificate issuer: /CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Certificate serial: 0197B6D7A829C7B1021DECD25800FAA88B04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
Manifest number: 0306
Signing time: Sat 28 Jun 2025 14:01:16 +0000
Manifest this update: Sat 28 Jun 2025 14:01:16 +0000
Manifest next update: Sun 29 Jun 2025 14:01:16 +0000
Files and hashes: 1: 2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl (hash: +Tj3PFXVf+B8Iu/lBroCjhjzBgJ7PfWiSOqbWenF0f8=)
2: RFpSEEfmfhQM7TNBHUvPYNYCE48.roa (hash: iHrN3ygMDkDOsg7Lw4ctlZrjgMs+0h97Al7X6knMEEI=)
3: UkLoRo0mP_K3Dh8gkYYP1OxkE_I.roa (hash: Q3D4Rh06gP+xE8oXAtIwLH3P2XhdWnZQyb1Lpy85O7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 14:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:d7:a8:29:c7:b1:02:1d:ec:d2:58:00:fa:a8:8b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Validity
Not Before: Jun 28 14:01:16 2025 GMT
Not After : Jun 29 14:01:16 2025 GMT
Subject: CN=d6401060f8700f801a4e47f94bfeacecc0e9ea93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8d:55:92:5e:15:ca:8c:ef:c7:3e:0a:3c:3d:
02:27:8f:7b:2f:3d:49:b3:c8:74:ac:81:28:3b:ac:
fa:39:b5:c6:93:44:1b:7d:f4:4a:df:ba:61:a9:9e:
57:50:5f:97:e6:24:ce:9d:42:6b:62:6d:6a:37:29:
63:e1:e6:d9:03:fc:c3:ab:68:23:ba:2e:7a:ec:c9:
e7:1d:49:dc:11:37:2e:a3:a2:96:d4:53:10:4a:62:
79:a7:ef:f8:23:df:87:c7:9d:5f:1b:5c:47:98:35:
53:60:80:5c:8e:b9:1e:5c:88:23:22:56:f4:36:6c:
8d:28:6a:18:4f:0a:93:5b:b2:4f:41:da:d1:11:e7:
08:72:98:18:e5:03:c9:fb:c3:c4:88:33:03:61:d3:
c3:8b:8d:59:6c:13:ed:1c:43:af:1b:2b:5d:56:79:
16:ce:26:74:91:33:63:ad:9b:52:48:40:c2:f0:47:
90:47:44:a8:07:9f:58:1f:f1:e1:12:8e:9e:b7:cd:
5d:6c:0c:3c:b4:dd:d4:cd:89:91:61:30:d9:aa:e9:
e8:02:78:e9:38:33:4d:a5:79:4d:6a:91:75:c6:fe:
fd:ff:60:7c:ed:93:85:27:3f:8f:88:a4:a0:5c:2a:
17:c5:32:a1:63:2d:18:c7:94:03:f7:2d:b5:59:68:
e8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:40:10:60:F8:70:0F:80:1A:4E:47:F9:4B:FE:AC:EC:C0:E9:EA:93
X509v3 Authority Key Identifier:
keyid:D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:16:44:c3:6e:b1:c9:54:e4:fb:36:87:1c:48:33:af:87:1c:
97:74:b4:a7:93:71:1f:4a:07:11:21:ce:60:f1:7e:70:de:e7:
81:ef:8e:f6:39:33:6a:4f:e5:df:0e:38:ca:7b:14:ea:73:1b:
3e:00:57:2a:22:26:4d:58:cc:3e:94:0b:5f:c0:e6:08:0b:f0:
72:79:ee:68:ab:25:5f:7d:98:43:ac:01:9a:b2:67:ab:3c:59:
83:a5:ee:cf:96:6f:a6:c4:e3:57:58:2f:1f:a9:85:99:1e:50:
9f:17:a5:a1:67:2f:50:2a:02:a0:e2:93:da:74:a7:4a:75:5c:
3d:c6:3f:e9:ba:b4:a3:89:b0:a9:20:2d:c3:49:09:b4:ca:68:
ad:c3:0c:fc:e8:4f:db:75:18:b8:c4:3d:1f:6a:65:af:95:90:
c3:94:b9:47:b4:82:92:82:72:b1:9d:28:99:b5:be:47:5b:9a:
ef:90:9d:30:79:8e:39:01:25:ae:a6:d1:33:05:05:17:6c:e3:
75:11:44:cf:0b:7b:11:b3:1f:0f:6b:a2:b8:13:bf:60:27:e2:
e7:81:f5:b6:58:c5:ab:e6:b2:d5:e3:b4:c6:3e:7f:f6:47:28:
14:63:f5:d7:ae:af:e6:cd:7d:63:e7:61:6a:9e:c0:0a:35:76:
8b:8a:b2:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe216gpx7ECHezSWAD6qIsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODJhMTk3MzQwZDM1ODRlNmFjMTdjMWZiMmE5OTAwYWU0
ZjYwM2MwHhcNMjUwNjI4MTQwMTE2WhcNMjUwNjI5MTQwMTE2WjAzMTEwLwYDVQQD
EyhkNjQwMTA2MGY4NzAwZjgwMWE0ZTQ3Zjk0YmZlYWNlY2MwZTllYTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn41Vkl4Vyozvxz4KPD0CJ497Lz1J
s8h0rIEoO6z6ObXGk0QbffRK37phqZ5XUF+X5iTOnUJrYm1qNylj4ebZA/zDq2gj
ui567MnnHUncETcuo6KW1FMQSmJ5p+/4I9+Hx51fG1xHmDVTYIBcjrkeXIgjIlb0
NmyNKGoYTwqTW7JPQdrREecIcpgY5QPJ+8PEiDMDYdPDi41ZbBPtHEOvGytdVnkW
ziZ0kTNjrZtSSEDC8EeQR0SoB59YH/HhEo6et81dbAw8tN3UzYmRYTDZqunoAnjp
ODNNpXlNapF1xv79/2B87ZOFJz+PiKSgXCoXxTKhYy0Yx5QD9y21WWjoPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZAEGD4cA+AGk5H+Uv+rOzA6eqTMB8GA1UdIwQY
MBaAFNiCoZc0DTWE5qwXwfsqmQCuT2A8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUt
YjA1YWU1Y2EyZDVlLzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUtYjA1YWU1Y2EyZDVl
LzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBZEw26x
yVTk+zaHHEgzr4ccl3S0p5NxH0oHESHOYPF+cN7nge+O9jkzak/l3w44ynsU6nMb
PgBXKiImTVjMPpQLX8DmCAvwcnnuaKslX32YQ6wBmrJnqzxZg6Xuz5ZvpsTjV1gv
H6mFmR5QnxeloWcvUCoCoOKT2nSnSnVcPcY/6bq0o4mwqSAtw0kJtMporcMM/OhP
23UYuMQ9H2plr5WQw5S5R7SCkoJysZ0ombW+R1ua75CdMHmOOQElrqbRMwUFF2zj
dRFEzwt7EbMfD2uiuBO/YCfi54H1tljFq+ay1eO0xj5/9kcoFGP1166v5s19Y+dh
ap7ACjV2i4qySg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:09:37 2025 by rpki-client