Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
File: 2pxnKeHomJmE3YAtGpDonOL-Nzw.mft (raw, json)
Hash identifier: /FN6zPBT5o5V7LhY8FRvNNdQQgjTGmPMNKu/XEawSoM=
Subject key identifier: 7D:E5:82:02:52:DF:72:A5:7D:59:26:86:CE:16:64:87:2A:9C:6E:8C
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 0198D583A59A6BBA52192B0F5A0822680428
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
Manifest number: 1649
Signing time: Sat 23 Aug 2025 06:00:31 +0000
Manifest this update: Sat 23 Aug 2025 06:00:31 +0000
Manifest next update: Sun 24 Aug 2025 06:00:31 +0000
Files and hashes: 1: 24_mmtOlkG05yQ7mb26MLLzNTPk.roa (hash: NN9FJFjMrEoXgY4DCGNqxgbjsbFf0mQojMZSGAkFQFg=)
2: 2pxnKeHomJmE3YAtGpDonOL-Nzw.crl (hash: drdaUAiqPzfiktarYf/fHneKtsfFm7+SzhG5z7mY980=)
3: bhkCmw6Utz1WDIi1a3ZQnDXW25w.roa (hash: vuvSrc/xAi8bu4mOjDMbPo9yb6kp8ev2fK1dkeS76Yo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:a5:9a:6b:ba:52:19:2b:0f:5a:08:22:68:04:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Aug 23 06:00:31 2025 GMT
Not After : Aug 24 06:00:31 2025 GMT
Subject: CN=7de5820252df72a57d592686ce1664872a9c6e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:68:9e:73:54:22:d4:c6:04:7f:d9:b5:24:eb:
ea:18:19:9e:c3:3f:9f:91:96:b5:99:82:99:10:4e:
88:82:e5:a4:f8:aa:7a:e8:53:09:f3:15:57:46:82:
05:bc:23:e8:6b:4f:64:d8:fe:d5:13:28:62:33:a8:
91:8d:59:0a:b0:40:fe:c9:a5:fd:dd:92:bd:a8:aa:
ac:19:bc:c0:e3:64:21:a9:ea:fd:42:07:2b:d8:f6:
26:b7:5f:bd:f3:21:5d:30:eb:63:88:a0:92:2e:c5:
57:c8:57:ac:24:d6:fe:dc:33:2b:04:0c:61:92:30:
34:ba:e4:ee:9c:a6:cc:62:9d:d8:cc:44:03:42:06:
3e:f4:02:1e:f8:f8:2d:da:0f:b6:52:b9:7d:ee:a4:
ed:dd:2c:45:29:f0:7d:dd:25:5e:26:ae:75:01:9c:
79:96:4d:5e:a3:55:51:06:8c:4a:24:a2:da:9e:30:
0e:49:13:86:23:fe:bb:36:6c:1b:64:41:06:83:81:
d0:31:e9:a6:6e:8a:53:21:94:0a:3c:ac:9a:c2:13:
7a:cd:07:20:41:4f:98:88:fb:04:ba:8a:fb:cc:00:
b4:da:8f:7b:bc:dc:89:c8:a4:31:07:0f:9e:3b:5a:
74:17:d5:74:da:1a:a0:8a:92:5f:56:3d:73:53:03:
75:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E5:82:02:52:DF:72:A5:7D:59:26:86:CE:16:64:87:2A:9C:6E:8C
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:36:3c:0d:62:7f:19:b2:3f:a9:84:48:d9:15:28:59:e4:1e:
a3:df:37:28:56:da:1a:81:a3:f9:de:1c:dc:89:a9:13:d4:f3:
89:e9:1e:29:24:53:72:39:54:06:06:23:67:24:8c:d1:d3:96:
91:7a:31:77:ac:13:29:44:9c:94:3e:90:8b:46:83:07:9c:12:
c7:ca:4b:00:26:26:be:71:2b:aa:6e:5f:d5:0d:0f:40:77:bc:
51:75:0c:b0:ac:4b:bd:05:c3:72:21:8a:45:a6:c9:12:9c:49:
32:a1:ac:e4:a6:1e:fb:27:32:39:2e:ad:80:45:12:71:87:46:
83:ad:42:05:77:5c:17:d8:cb:fd:c4:4c:b4:81:99:1c:f4:6e:
4f:68:57:78:20:54:87:4f:fa:b9:a6:c4:04:25:cb:0d:bc:4c:
64:7c:3c:0b:93:23:ee:eb:b9:5a:f0:7d:1f:c0:17:57:9f:8c:
9d:3b:aa:7e:9f:66:df:55:76:3d:07:eb:31:98:20:89:7b:b2:
40:a2:f0:d5:d4:0e:ac:4b:ff:28:40:8a:7e:cf:9d:f0:81:cf:
19:4c:d5:6e:b4:b3:b1:66:13:df:b2:0d:75:a7:20:2c:da:f8:
5e:07:7d:84:b3:d7:c1:19:e4:d8:36:7f:ff:0d:b6:d8:18:cf:
29:ad:b5:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg6Waa7pSGSsPWggiaAQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjUwODIzMDYwMDMxWhcNMjUwODI0MDYwMDMxWjAzMTEwLwYDVQQD
Eyg3ZGU1ODIwMjUyZGY3MmE1N2Q1OTI2ODZjZTE2NjQ4NzJhOWM2ZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGiec1Qi1MYEf9m1JOvqGBmewz+f
kZa1mYKZEE6IguWk+Kp66FMJ8xVXRoIFvCPoa09k2P7VEyhiM6iRjVkKsED+yaX9
3ZK9qKqsGbzA42Qhqer9Qgcr2PYmt1+98yFdMOtjiKCSLsVXyFesJNb+3DMrBAxh
kjA0uuTunKbMYp3YzEQDQgY+9AIe+Pgt2g+2Url97qTt3SxFKfB93SVeJq51AZx5
lk1eo1VRBoxKJKLanjAOSROGI/67NmwbZEEGg4HQMemmbopTIZQKPKyawhN6zQcg
QU+YiPsEuor7zAC02o97vNyJyKQxBw+eO1p0F9V02hqgipJfVj1zUwN1mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3lggJS33KlfVkmhs4WZIcqnG6MMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAzY8DWJ/
GbI/qYRI2RUoWeQeo983KFbaGoGj+d4c3ImpE9TziekeKSRTcjlUBgYjZySM0dOW
kXoxd6wTKUSclD6Qi0aDB5wSx8pLACYmvnErqm5f1Q0PQHe8UXUMsKxLvQXDciGK
RabJEpxJMqGs5KYe+ycyOS6tgEUScYdGg61CBXdcF9jL/cRMtIGZHPRuT2hXeCBU
h0/6uabEBCXLDbxMZHw8C5Mj7uu5WvB9H8AXV5+MnTuqfp9m31V2PQfrMZggiXuy
QKLw1dQOrEv/KECKfs+d8IHPGUzVbrSzsWYT37INdacgLNr4Xgd9hLPXwRnk2DZ/
/w222BjPKa21LQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:22:30 2025 by rpki-client