Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
File: IT2HNcFEzxJWWEO2nrQKTRowGqU.mft (raw, json)
Hash identifier: BtZuKVBJaIqMkm/SGxPXCJUQ8FSIZ3hUOPYf5c9X6Wg=
Subject key identifier: 59:52:3C:19:25:2D:FB:2A:2C:96:16:CF:FD:E5:DA:FC:17:84:3C:0B
Authority key identifier: 21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5
Certificate issuer: /CN=213d8735c144cf12565843b69eb40a4d1a301aa5
Certificate serial: 0198D54E00C46690682B73042B212CF4FECD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
Manifest number: 0FBA
Signing time: Sat 23 Aug 2025 05:01:55 +0000
Manifest this update: Sat 23 Aug 2025 05:01:55 +0000
Manifest next update: Sun 24 Aug 2025 05:01:55 +0000
Files and hashes: 1: IT2HNcFEzxJWWEO2nrQKTRowGqU.crl (hash: zO74ka92wAggKWHUEY+LspqBN4+yckcaO8Bjs1Ux2XY=)
2: oYl1-NMXXzEXtTi3L5l80mvOKew.roa (hash: HGKJcqJks4x1KvA9MPs1IeJtaKWdWbE52yFjhD/1Aak=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:4e:00:c4:66:90:68:2b:73:04:2b:21:2c:f4:fe:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=213d8735c144cf12565843b69eb40a4d1a301aa5
Validity
Not Before: Aug 23 05:01:55 2025 GMT
Not After : Aug 24 05:01:55 2025 GMT
Subject: CN=59523c19252dfb2a2c9616cffde5dafc17843c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:37:94:e0:e9:c0:c9:8d:9c:a6:10:2a:d1:63:
45:2e:76:f5:c5:32:f0:44:b9:8e:bf:5d:bd:f1:37:
37:6c:3a:24:69:27:62:37:6b:fb:36:18:17:34:d7:
77:3a:ef:6f:23:e5:4c:5b:26:a2:cf:0a:46:b8:c7:
7b:86:0a:cc:58:ba:71:6f:05:48:b0:9b:dd:97:90:
dc:45:dd:70:17:f9:7e:30:85:ab:58:ec:e2:4a:c9:
db:0d:d1:ba:ea:4d:3a:4a:f4:9c:c8:f8:ec:b7:a6:
96:94:af:22:9e:e9:79:de:c3:af:2d:5c:1a:d2:32:
ce:00:99:dd:4f:ff:f3:e2:0f:1f:fa:8f:d2:26:72:
b1:df:50:1b:cc:49:bf:11:69:24:9e:d7:4e:a8:2a:
dc:d3:d8:49:55:73:f6:6b:9e:bf:9f:f6:0d:43:aa:
4e:d9:3d:08:f3:19:01:55:dc:46:00:4c:5a:47:72:
79:19:8b:ee:2a:64:61:13:ac:a8:67:93:79:0b:9e:
5a:80:8f:54:ce:e6:87:2b:e8:b5:bc:53:9f:90:6c:
14:f7:9c:b2:d4:23:88:aa:b6:7d:bc:8d:ea:18:8d:
e1:33:c4:c9:13:2a:f7:ea:12:f3:1a:e6:a4:3f:79:
55:0d:63:b0:cc:88:91:04:56:94:7b:4f:eb:11:db:
bc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:52:3C:19:25:2D:FB:2A:2C:96:16:CF:FD:E5:DA:FC:17:84:3C:0B
X509v3 Authority Key Identifier:
keyid:21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:61:23:57:cf:5e:11:67:27:51:1b:18:f3:48:9a:bd:e7:72:
de:d4:12:e1:34:5c:bb:fd:50:1d:f4:9c:15:76:00:f5:ac:72:
92:4f:71:d9:e2:46:5b:97:9b:95:9c:5a:87:f5:7a:cd:63:74:
5b:f3:54:b2:9d:8f:6f:06:e0:be:5f:a2:05:bb:94:cf:a2:fd:
1c:b9:9b:d9:87:88:c3:0c:12:75:c5:8c:df:89:1c:04:f0:9f:
e2:b5:48:58:04:a3:6a:ec:cd:e5:0f:72:10:cf:33:01:a7:96:
33:4d:0e:0b:4d:21:b4:20:e7:ba:45:4f:2c:65:f4:d7:ab:16:
20:a2:2a:8f:36:68:01:4d:09:73:3c:25:cf:7e:54:56:13:ad:
fb:fb:10:82:da:df:af:2e:5d:17:63:2c:bc:b3:7d:3d:f3:32:
6e:81:ff:ea:96:59:4d:81:9c:9c:70:b3:38:65:c7:8b:f1:d1:
09:23:5a:bb:f6:bd:78:c1:77:24:74:1f:73:4c:2a:11:15:03:
7f:da:61:c6:bc:4a:52:61:aa:e1:e6:33:d8:56:94:c4:76:0d:
c2:7c:ba:fe:30:e4:79:30:9a:2b:e2:0f:fa:cf:ed:52:14:b6:
65:1a:20:74:a6:c9:ec:d9:59:77:92:2e:8f:00:54:c9:50:02:
fd:fa:cc:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTgDEZpBoK3MEKyEs9P7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxM2Q4NzM1YzE0NGNmMTI1NjU4NDNiNjllYjQwYTRkMWEz
MDFhYTUwHhcNMjUwODIzMDUwMTU1WhcNMjUwODI0MDUwMTU1WjAzMTEwLwYDVQQD
Eyg1OTUyM2MxOTI1MmRmYjJhMmM5NjE2Y2ZmZGU1ZGFmYzE3ODQzYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjeU4OnAyY2cphAq0WNFLnb1xTLw
RLmOv1298Tc3bDokaSdiN2v7NhgXNNd3Ou9vI+VMWyaizwpGuMd7hgrMWLpxbwVI
sJvdl5DcRd1wF/l+MIWrWOziSsnbDdG66k06SvScyPjst6aWlK8inul53sOvLVwa
0jLOAJndT//z4g8f+o/SJnKx31AbzEm/EWkkntdOqCrc09hJVXP2a56/n/YNQ6pO
2T0I8xkBVdxGAExaR3J5GYvuKmRhE6yoZ5N5C55agI9UzuaHK+i1vFOfkGwU95yy
1COIqrZ9vI3qGI3hM8TJEyr36hLzGuakP3lVDWOwzIiRBFaUe0/rEdu8ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlSPBklLfsqLJYWz/3l2vwXhDwLMB8GA1UdIwQY
MBaAFCE9hzXBRM8SVlhDtp60Ck0aMBqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAt
MzAxNDMzZWJlNDM2LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAtMzAxNDMzZWJlNDM2
LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMWEjV89e
EWcnURsY80iavedy3tQS4TRcu/1QHfScFXYA9axykk9x2eJGW5eblZxah/V6zWN0
W/NUsp2Pbwbgvl+iBbuUz6L9HLmb2YeIwwwSdcWM34kcBPCf4rVIWASjauzN5Q9y
EM8zAaeWM00OC00htCDnukVPLGX016sWIKIqjzZoAU0Jczwlz35UVhOt+/sQgtrf
ry5dF2MsvLN9PfMyboH/6pZZTYGcnHCzOGXHi/HRCSNau/a9eMF3JHQfc0wqERUD
f9phxrxKUmGq4eYz2FaUxHYNwny6/jDkeTCaK+IP+s/tUhS2ZRogdKbJ7NlZd5Iu
jwBUyVAC/frMDg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:08:28 2025 by rpki-client