
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File: 2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier: 68U/KXgQ5gtfl0b68yzJMCzdwd742e7CJNBuboZQWrI=
Subject key identifier: DB:A9:86:F5:58:FD:13:63:99:68:EA:B1:45:9F:80:15:29:00:84:BA
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer: /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial: 0199FF227CE6FE08F51DD27F4A4F153BFAED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number: 0644
Signing time: Mon 20 Oct 2025 01:01:14 +0000
Manifest this update: Mon 20 Oct 2025 01:01:14 +0000
Manifest next update: Tue 21 Oct 2025 01:01:14 +0000
Files and hashes: 1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: qiC2zP37plMmlzmARnslPiN4iTcm/o5kkZnYSZDUzFs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 01:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:22:7c:e6:fe:08:f5:1d:d2:7f:4a:4f:15:3b:fa:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
Validity
Not Before: Oct 20 01:01:14 2025 GMT
Not After : Oct 21 01:01:14 2025 GMT
Subject: CN=dba986f558fd13639968eab1459f8015290084ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1e:f0:1d:8c:e6:34:c5:73:af:29:29:2a:69:
c2:5e:99:65:ee:9e:d2:65:b1:35:16:5c:29:2b:f5:
cb:af:75:c9:bf:8d:4a:9c:91:12:0f:fa:77:55:5d:
48:cd:79:ad:58:d0:03:ca:02:cd:3d:4d:2b:0e:ce:
a9:79:ff:df:c4:8f:f8:e3:5d:86:b2:c9:17:0a:ba:
36:07:89:62:f0:47:61:4f:17:54:ad:76:97:0b:5c:
24:1b:d9:2e:76:96:58:7b:38:6c:55:ec:3b:ea:84:
2c:34:d4:c6:b4:23:d2:0a:4c:67:08:79:5a:2c:60:
12:66:7c:3f:02:c2:f7:34:a9:b1:b2:a2:cc:e4:2e:
9d:64:49:95:af:42:71:e4:ad:b0:76:c8:72:11:6a:
54:d9:df:d1:ee:b9:c4:57:aa:24:4f:db:11:c2:57:
be:21:95:62:81:fc:b6:9e:cc:bc:a2:79:d3:f7:aa:
c8:00:25:5a:d1:59:58:bd:f9:6f:10:f2:63:b8:db:
1d:23:e0:13:d2:78:ea:c3:24:a8:6e:bf:ab:a8:bb:
90:a9:00:a9:45:99:de:9f:b6:76:93:71:8e:af:6f:
0e:1b:8e:b8:14:82:97:02:17:fe:dd:d6:17:90:bb:
63:6c:9a:7b:58:e4:76:41:55:91:1d:7e:11:7f:29:
22:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A9:86:F5:58:FD:13:63:99:68:EA:B1:45:9F:80:15:29:00:84:BA
X509v3 Authority Key Identifier:
keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
db:93:02:74:4d:1f:e8:71:15:2a:14:f3:79:34:25:be:15:f8:
15:e5:3b:f4:8b:d3:dc:2d:3a:29:4c:a7:2d:2b:05:4d:b4:5d:
ad:35:13:07:95:93:aa:10:07:6e:4d:19:9c:cf:a0:be:0a:cd:
8d:41:c3:2c:cc:4d:7e:c1:09:eb:b6:3f:cb:c0:76:ff:ed:98:
e4:66:f4:10:25:3d:d0:9c:09:bf:c0:64:8b:a2:94:50:8b:9b:
1b:43:fd:a3:65:dc:5b:29:da:f3:2a:f6:dd:88:86:a6:c6:aa:
fc:45:6f:92:a8:31:3c:4f:90:2e:7a:8d:38:52:3c:ba:02:a2:
ec:a3:68:20:08:53:b0:79:c9:c2:47:07:94:5e:24:39:36:fc:
7f:81:64:74:4f:5f:79:b0:e6:7a:e6:e0:c0:61:0e:ef:90:ba:
ba:4d:2d:6a:ce:ea:e6:3d:6a:bc:70:aa:28:bc:b0:5b:dd:4b:
dd:dd:6d:fe:ae:41:9a:db:14:d2:26:a6:1a:21:83:47:f0:ec:
67:dd:00:3f:98:b3:97:66:25:7d:04:20:ea:6a:fc:ed:5b:16:
d9:05:82:52:85:24:3a:a4:33:84:49:c3:e0:55:8e:d3:24:e3:
78:2e:d2:c8:b0:8b:a1:77:06:a6:d3:d4:4f:bf:fd:ef:32:59:
43:16:6e:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/Inzm/gj1HdJ/Sk8VO/rtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjUxMDIwMDEwMTE0WhcNMjUxMDIxMDEwMTE0WjAzMTEwLwYDVQQD
EyhkYmE5ODZmNTU4ZmQxMzYzOTk2OGVhYjE0NTlmODAxNTI5MDA4NGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh7wHYzmNMVzrykpKmnCXpll7p7S
ZbE1FlwpK/XLr3XJv41KnJESD/p3VV1IzXmtWNADygLNPU0rDs6pef/fxI/4412G
sskXCro2B4li8EdhTxdUrXaXC1wkG9kudpZYezhsVew76oQsNNTGtCPSCkxnCHla
LGASZnw/AsL3NKmxsqLM5C6dZEmVr0Jx5K2wdshyEWpU2d/R7rnEV6okT9sRwle+
IZVigfy2nsy8onnT96rIACVa0VlYvflvEPJjuNsdI+AT0njqwySobr+rqLuQqQCp
RZnen7Z2k3GOr28OG464FIKXAhf+3dYXkLtjbJp7WOR2QVWRHX4Rfyki0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuphvVY/RNjmWjqsUWfgBUpAIS6MB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA25MCdE0f
6HEVKhTzeTQlvhX4FeU79IvT3C06KUynLSsFTbRdrTUTB5WTqhAHbk0ZnM+gvgrN
jUHDLMxNfsEJ67Y/y8B2/+2Y5Gb0ECU90JwJv8Bki6KUUIubG0P9o2XcWyna8yr2
3YiGpsaq/EVvkqgxPE+QLnqNOFI8ugKi7KNoIAhTsHnJwkcHlF4kOTb8f4FkdE9f
ebDmeubgwGEO75C6uk0tas7q5j1qvHCqKLywW91L3d1t/q5BmtsU0iamGiGDR/Ds
Z90AP5izl2YlfQQg6mr87VsW2QWCUoUkOqQzhEnD4FWO0yTjeC7SyLCLoXcGptPU
T7/97zJZQxZuuA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:14:08 2025 by rpki-client