Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
File: 2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft (raw, json)
Hash identifier: oGgtXQDTzPkHu8UsgbyesmQGXvsydE+O9ezxMg6exKE=
Subject key identifier: 19:88:36:F6:B9:ED:11:7E:AB:BD:48:DC:0F:8A:83:1C:89:51:9E:4C
Authority key identifier: D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
Certificate issuer: /CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Certificate serial: 0197B6A07D8A8853141DE5C837F48AEE381E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
Manifest number: 0B1B
Signing time: Sat 28 Jun 2025 13:01:00 +0000
Manifest this update: Sat 28 Jun 2025 13:01:00 +0000
Manifest next update: Sun 29 Jun 2025 13:01:00 +0000
Files and hashes: 1: 2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl (hash: mkYwQwuRx+4PVoEJFFn9BQGKc+OOOUDeGudvQgF/UZo=)
2: pEoCff1DtYoEMHzC9EANzQRBsC8.roa (hash: +m2VMtZgdFPS2/0zJPg1ZLBtRhUd6KXSgxAw6jiEMMI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a0:7d:8a:88:53:14:1d:e5:c8:37:f4:8a:ee:38:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Validity
Not Before: Jun 28 13:01:00 2025 GMT
Not After : Jun 29 13:01:00 2025 GMT
Subject: CN=198836f6b9ed117eabbd48dc0f8a831c89519e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fa:44:65:2b:a4:39:dd:2d:c2:31:f4:b8:9a:
0d:4b:e1:c8:f2:eb:ac:3d:22:de:12:65:02:13:cd:
f7:ec:71:c9:ff:e9:29:ca:fd:2f:c5:f5:2b:88:c5:
18:f8:20:a5:8d:65:26:06:b0:80:1a:aa:ef:37:ee:
40:56:f7:b4:02:9d:f7:8a:22:89:bc:0f:37:ce:4a:
4a:1c:de:c8:56:dc:2e:f6:b3:3a:03:a6:f3:f4:0b:
41:86:83:8a:57:de:77:ff:56:f5:cc:71:52:28:fa:
06:91:35:2b:ee:8b:f6:00:6a:10:dd:2e:0d:f3:4a:
c7:dd:d4:62:52:77:0d:53:6c:ac:09:68:af:c8:55:
0e:05:59:50:24:be:18:4b:91:98:18:59:87:07:9c:
d3:c2:2e:32:62:53:f7:0d:f8:e9:05:25:32:dc:0b:
0d:6b:47:57:25:ec:bd:62:a3:6d:c2:11:e0:e8:b9:
47:2d:64:3c:83:33:e2:a1:ad:93:e0:e2:04:80:0b:
f0:0c:5b:17:71:ce:81:64:ee:f3:2b:f0:be:1a:0c:
c9:7d:08:6c:a8:df:d0:b5:30:8d:7e:53:6b:15:bc:
1b:31:2d:9b:3d:c6:b3:82:2b:f7:2f:10:0b:ad:c4:
ce:91:14:93:fb:59:03:80:fd:52:57:cc:ba:1e:a4:
b3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:88:36:F6:B9:ED:11:7E:AB:BD:48:DC:0F:8A:83:1C:89:51:9E:4C
X509v3 Authority Key Identifier:
keyid:D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:62:a4:10:93:9a:3c:12:6b:47:7d:5c:86:92:6f:b5:12:63:
18:6d:bb:e9:7b:68:fd:36:6d:5c:c8:34:e1:97:7d:53:d2:5d:
f2:14:4f:27:72:56:25:25:f4:88:8a:fd:72:ca:3e:96:f7:b7:
d8:83:be:48:74:87:87:b4:04:d2:cf:bf:f3:3a:54:25:57:6c:
d4:d8:ba:e5:4a:98:40:95:5e:09:2a:ba:64:44:af:66:fc:07:
19:bc:8c:17:22:be:af:bc:ee:eb:d2:7a:7a:af:18:3e:7c:cb:
dd:8c:f3:d8:6b:30:41:be:e5:47:ac:9d:44:af:f0:d7:c0:bc:
a4:59:28:cd:bc:43:fd:e2:43:a3:ff:70:57:c4:8a:28:d4:5e:
19:fb:c4:a0:e0:2e:0b:cf:2e:09:eb:e4:44:b5:bb:2c:b8:d0:
cb:aa:8b:67:b0:bb:c0:31:c8:64:77:62:a2:44:62:a9:ce:d6:
f1:b1:c0:b7:dd:6b:a5:d8:43:b3:3d:96:5d:ab:21:39:3b:c2:
a7:8c:4a:ea:ab:5b:3d:a0:66:75:3f:5a:75:34:ca:2a:d6:69:
c1:77:be:c3:c1:07:16:e5:88:7c:e5:3c:ac:86:4d:c6:c4:65:
29:50:ff:da:3f:9a:ff:94:5b:9c:cd:a6:a0:41:dc:53:53:c2:
77:9b:f4:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oH2KiFMUHeXIN/SK7jgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OWI0NGUyYzA1N2YwMWE5OTI2MWY5NGJiZjZkYTFiZjE4
NjVmMzkwHhcNMjUwNjI4MTMwMTAwWhcNMjUwNjI5MTMwMTAwWjAzMTEwLwYDVQQD
EygxOTg4MzZmNmI5ZWQxMTdlYWJiZDQ4ZGMwZjhhODMxYzg5NTE5ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvpEZSukOd0twjH0uJoNS+HI8uus
PSLeEmUCE8337HHJ/+kpyv0vxfUriMUY+CCljWUmBrCAGqrvN+5AVve0Ap33iiKJ
vA83zkpKHN7IVtwu9rM6A6bz9AtBhoOKV953/1b1zHFSKPoGkTUr7ov2AGoQ3S4N
80rH3dRiUncNU2ysCWivyFUOBVlQJL4YS5GYGFmHB5zTwi4yYlP3DfjpBSUy3AsN
a0dXJey9YqNtwhHg6LlHLWQ8gzPioa2T4OIEgAvwDFsXcc6BZO7zK/C+GgzJfQhs
qN/QtTCNflNrFbwbMS2bPcazgiv3LxALrcTOkRST+1kDgP1SV8y6HqSznQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmINva57RF+q71I3A+KgxyJUZ5MMB8GA1UdIwQY
MBaAFNibROLAV/AamSYflLv22hvxhl85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTkt
YjYwZmJiMTRjMTlkLzEvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTktYjYwZmJiMTRjMTlk
LzEvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF2KkEJOa
PBJrR31chpJvtRJjGG276Xto/TZtXMg04Zd9U9Jd8hRPJ3JWJSX0iIr9cso+lve3
2IO+SHSHh7QE0s+/8zpUJVds1Ni65UqYQJVeCSq6ZESvZvwHGbyMFyK+r7zu69J6
eq8YPnzL3Yzz2GswQb7lR6ydRK/w18C8pFkozbxD/eJDo/9wV8SKKNReGfvEoOAu
C88uCevkRLW7LLjQy6qLZ7C7wDHIZHdiokRiqc7W8bHAt91rpdhDsz2WXashOTvC
p4xK6qtbPaBmdT9adTTKKtZpwXe+w8EHFuWIfOU8rIZNxsRlKVD/2j+a/5RbnM2m
oEHcU1PCd5v09w==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:35:33 2025 by rpki-client