Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
File: 2D73FCmY5OZWYFPixjpwgIxuojc.mft (raw, json)
Hash identifier: v12RaJCjcuFYzdnwsuCHZoXLcN+vTR11FsmDAObH88A=
Subject key identifier: 2C:38:02:68:39:4B:B8:2D:F0:08:0B:9D:B4:DF:03:15:F0:73:50:62
Authority key identifier: D8:3E:F7:14:29:98:E4:E6:56:60:53:E2:C6:3A:70:80:8C:6E:A2:37
Certificate issuer: /CN=d83ef7142998e4e6566053e2c63a70808c6ea237
Certificate serial: 0197B7B3824A4E929E3DEC66095420B0C433
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
Manifest number: 0135
Signing time: Sat 28 Jun 2025 18:01:23 +0000
Manifest this update: Sat 28 Jun 2025 18:01:23 +0000
Manifest next update: Sun 29 Jun 2025 18:01:23 +0000
Files and hashes: 1: 2D73FCmY5OZWYFPixjpwgIxuojc.crl (hash: PAf8t7lfXzZ8srWV5VrgDm3raA/eyJGyc5QCSxPYR7E=)
2: EWAO3dXqj4k_Zc24k1Bzcpcwlew.roa (hash: fG2UBrX6DjIKV9kptyQGomVTDY864OWJshOwmuCJfno=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
rsync://rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b3:82:4a:4e:92:9e:3d:ec:66:09:54:20:b0:c4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d83ef7142998e4e6566053e2c63a70808c6ea237
Validity
Not Before: Jun 28 18:01:23 2025 GMT
Not After : Jun 29 18:01:23 2025 GMT
Subject: CN=2c380268394bb82df0080b9db4df0315f0735062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f3:81:3c:36:a7:56:d0:2a:04:de:58:c6:25:
64:54:3d:37:55:17:43:5a:3a:98:93:12:8c:e4:27:
3c:28:8e:a2:60:55:61:48:be:98:6b:5e:8c:95:2a:
03:a6:3e:e9:ca:17:d4:1f:86:2f:d3:34:ae:55:a2:
09:ad:7b:bb:3b:e7:8b:28:10:5a:26:1c:db:45:c1:
db:0a:7d:aa:37:13:3c:24:ff:0b:78:a1:a3:33:d7:
0d:18:92:e7:69:11:58:f3:a9:ce:43:4d:9c:dc:19:
d7:35:55:25:8e:3c:14:ff:6e:cf:69:17:f2:85:12:
bd:60:5c:c6:71:3c:54:e4:8f:fc:ca:04:ea:0f:2d:
67:c1:f4:6c:f1:8e:fc:a3:ad:7a:a3:ec:e8:10:49:
cc:3b:d5:e2:ea:71:a0:c4:1a:cb:fb:c1:3a:23:5f:
52:45:4d:55:4d:d6:64:63:1b:f7:ba:71:d6:72:ab:
42:fc:d1:1b:e1:76:ca:a3:6d:74:9e:41:6f:fe:80:
83:95:51:bd:9f:61:49:e8:5a:df:ec:44:1c:74:2b:
89:59:28:47:15:6c:22:76:21:75:04:0c:fe:46:fa:
2f:1d:c1:c5:70:93:f5:ac:8b:e5:ee:12:d9:01:1e:
76:13:a3:e4:d6:75:19:7a:eb:e8:c9:18:d8:44:3d:
ee:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:38:02:68:39:4B:B8:2D:F0:08:0B:9D:B4:DF:03:15:F0:73:50:62
X509v3 Authority Key Identifier:
keyid:D8:3E:F7:14:29:98:E4:E6:56:60:53:E2:C6:3A:70:80:8C:6E:A2:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:db:1e:c2:b6:ef:47:b2:c6:3e:b5:c9:f4:7b:bb:a7:26:b2:
6b:f2:de:16:c8:17:3c:66:ad:b2:8b:41:f9:cc:38:51:15:53:
31:f4:e4:ee:9a:0e:80:3b:eb:e1:42:04:29:e6:6a:34:93:41:
83:ac:4b:2a:4b:1a:e8:ab:c1:20:38:4f:48:8c:05:27:52:f9:
22:05:f7:33:e6:ac:b3:66:10:cc:71:a7:36:46:fb:92:df:83:
28:42:4f:a2:ff:80:87:7a:57:d8:a9:c1:06:0c:72:aa:b9:f7:
89:a6:d8:44:41:d2:6a:a1:99:9e:27:22:34:c2:f9:2e:62:e4:
3a:37:9c:ce:fa:fc:c0:d0:03:0c:07:46:10:4f:f1:ca:9b:40:
8f:61:4d:a0:a2:ff:66:4f:ab:5d:a7:96:fd:3e:fa:5d:dd:03:
9f:f3:f0:4a:e3:3b:22:ae:a0:0f:0d:8e:f6:2c:58:d6:5e:2b:
9b:c0:b9:e8:ca:69:03:0e:43:0b:99:31:c8:87:dc:ff:e7:0d:
58:31:b3:fc:1f:67:87:9e:fe:94:66:05:20:19:05:4f:2d:39:
cb:52:72:4d:1f:44:79:4d:7f:d5:bd:e4:4e:36:ab:d0:96:22:
85:34:16:28:da:13:24:48:ed:1b:c9:ff:e4:e5:fb:12:64:10:
41:fb:b9:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s4JKTpKePexmCVQgsMQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4M2VmNzE0Mjk5OGU0ZTY1NjYwNTNlMmM2M2E3MDgwOGM2
ZWEyMzcwHhcNMjUwNjI4MTgwMTIzWhcNMjUwNjI5MTgwMTIzWjAzMTEwLwYDVQQD
EygyYzM4MDI2ODM5NGJiODJkZjAwODBiOWRiNGRmMDMxNWYwNzM1MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPOBPDanVtAqBN5YxiVkVD03VRdD
WjqYkxKM5Cc8KI6iYFVhSL6Ya16MlSoDpj7pyhfUH4Yv0zSuVaIJrXu7O+eLKBBa
JhzbRcHbCn2qNxM8JP8LeKGjM9cNGJLnaRFY86nOQ02c3BnXNVUljjwU/27PaRfy
hRK9YFzGcTxU5I/8ygTqDy1nwfRs8Y78o616o+zoEEnMO9Xi6nGgxBrL+8E6I19S
RU1VTdZkYxv3unHWcqtC/NEb4XbKo210nkFv/oCDlVG9n2FJ6Frf7EQcdCuJWShH
FWwidiF1BAz+RvovHcHFcJP1rIvl7hLZAR52E6Pk1nUZeuvoyRjYRD3uTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCw4Amg5S7gt8AgLnbTfAxXwc1BiMB8GA1UdIwQY
MBaAFNg+9xQpmOTmVmBT4sY6cICMbqI3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkQ3M0ZDbVk1T1pXWUZQaXhqcHdnSXh1b2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83ZmNiMzUtNDQwOC00MjE4LTk4NjIt
N2Y3NWExYjEwZWMzLzEvMkQ3M0ZDbVk1T1pXWUZQaXhqcHdnSXh1b2pjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83ZmNiMzUtNDQwOC00MjE4LTk4NjItN2Y3NWExYjEwZWMz
LzEvMkQ3M0ZDbVk1T1pXWUZQaXhqcHdnSXh1b2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAINsewrbv
R7LGPrXJ9Hu7pyaya/LeFsgXPGatsotB+cw4URVTMfTk7poOgDvr4UIEKeZqNJNB
g6xLKksa6KvBIDhPSIwFJ1L5IgX3M+ass2YQzHGnNkb7kt+DKEJPov+Ah3pX2KnB
Bgxyqrn3iabYREHSaqGZniciNML5LmLkOjeczvr8wNADDAdGEE/xyptAj2FNoKL/
Zk+rXaeW/T76Xd0Dn/PwSuM7Iq6gDw2O9ixY1l4rm8C56MppAw5DC5kxyIfc/+cN
WDGz/B9nh57+lGYFIBkFTy05y1JyTR9EeU1/1b3kTjar0JYihTQWKNoTJEjtG8n/
5OX7EmQQQfu5pw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:29:44 2025 by rpki-client