Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: TplC86aK1SPPpYG0O5JnMGEbNdoYuJEYaUmNp7uKVyk=
Subject key identifier: 7A:87:81:C9:37:BE:F6:07:D8:CF:00:FA:67:96:9D:1A:46:12:78:53
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 0196C53AE04941C52B05782901C2A63CA7D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 153C
Signing time: Mon 12 May 2025 16:01:32 +0000
Manifest this update: Mon 12 May 2025 16:01:32 +0000
Manifest next update: Tue 13 May 2025 16:01:32 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: oNNHnkaUynnNrhw0e3oqLeZYMXEJ6Q0H7yA/YvughzE=)
2: lr5jbDjaqu0iW63nm_TgYe8r0I0.roa (hash: T3EVn+q8uKMPho7QfZp0crU+xrdxlEjJ2MkqJEKn8k4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:3a:e0:49:41:c5:2b:05:78:29:01:c2:a6:3c:a7:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: May 12 16:01:32 2025 GMT
Not After : May 13 16:01:32 2025 GMT
Subject: CN=7a8781c937bef607d8cf00fa67969d1a46127853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0b:b8:6e:ce:74:63:74:db:c7:d3:f4:28:08:
97:f9:3e:b4:74:6d:32:c8:49:cc:06:bf:ea:95:3d:
56:94:4a:a8:ed:f5:58:49:77:2f:57:b6:8a:e8:ce:
28:af:2a:16:b8:30:db:d8:75:60:bd:37:d6:fd:a3:
76:c7:bd:c0:99:7c:9b:2b:fb:77:92:b8:fd:db:e8:
c0:c5:0e:8d:ef:d4:18:6c:52:0c:76:eb:83:73:94:
f9:8e:86:0e:50:6f:83:fd:78:0d:a9:e0:2e:20:8e:
85:6d:43:3c:32:91:4b:5b:5f:03:32:39:7a:19:04:
97:8e:e5:8a:14:1a:ad:f9:39:76:2a:e8:4c:5f:c5:
05:30:f6:56:30:08:4b:fc:05:39:b0:1f:c6:29:79:
d6:35:c6:ca:f2:b8:ef:a1:7f:29:c2:49:9c:3a:f3:
96:0b:37:08:a4:3e:02:38:0f:55:51:ce:a9:0d:32:
da:e1:25:0e:1b:a2:ea:9f:f8:13:f9:71:1a:0d:59:
22:76:96:fe:72:a2:82:34:8b:d0:6c:b5:4b:79:a9:
48:b0:24:78:14:25:d8:c8:61:3d:2d:c6:01:a6:1c:
ad:1a:65:3f:0d:63:5d:42:03:35:fc:09:69:26:b4:
59:dd:0f:94:fd:bf:33:17:74:f6:8d:e6:34:64:e9:
23:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:87:81:C9:37:BE:F6:07:D8:CF:00:FA:67:96:9D:1A:46:12:78:53
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:14:c1:40:ea:c5:f3:47:ee:cf:64:03:e4:65:da:9a:1f:11:
b9:26:65:52:ed:31:5f:a0:6c:ff:5e:df:7c:96:fc:ef:aa:e9:
04:54:03:6c:bc:12:68:42:df:d4:a8:c7:38:42:7a:23:90:c2:
7e:ce:fa:b8:0f:f4:4a:33:30:cb:ae:b7:27:1b:d9:9a:3e:01:
39:f9:2c:2e:af:4e:87:74:85:a8:3e:76:2c:23:04:30:05:3d:
39:1b:41:12:e2:86:a8:c0:ec:31:ac:34:29:ec:ff:8d:ba:5a:
fd:d5:e4:b6:f6:14:c8:a4:00:46:99:36:22:24:08:a2:4e:64:
54:29:d9:b9:f8:f7:3f:7a:27:5e:45:ff:c6:4d:c0:66:2f:81:
f5:c8:e9:de:c2:6c:ee:9d:a7:29:7a:20:88:07:79:63:10:4a:
c3:5f:96:e3:de:ed:65:36:71:2f:91:81:5c:e6:a4:d3:02:3b:
eb:b3:de:15:3d:5c:6f:8a:1a:2a:83:66:10:c9:b3:19:ec:16:
3e:64:f6:1a:e4:9a:d1:b5:eb:a0:e8:65:72:b6:9f:4f:1b:7d:
71:f1:71:7c:cb:07:db:95:a5:bf:c9:97:91:78:a7:8b:a4:f4:
82:e2:f6:a4:dc:b7:f3:e7:0b:fa:ca:c7:fc:e1:ae:d1:b9:72:
ee:5f:35:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOuBJQcUrBXgpAcKmPKfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjUwNTEyMTYwMTMyWhcNMjUwNTEzMTYwMTMyWjAzMTEwLwYDVQQD
Eyg3YTg3ODFjOTM3YmVmNjA3ZDhjZjAwZmE2Nzk2OWQxYTQ2MTI3ODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgu4bs50Y3Tbx9P0KAiX+T60dG0y
yEnMBr/qlT1WlEqo7fVYSXcvV7aK6M4oryoWuDDb2HVgvTfW/aN2x73AmXybK/t3
krj92+jAxQ6N79QYbFIMduuDc5T5joYOUG+D/XgNqeAuII6FbUM8MpFLW18DMjl6
GQSXjuWKFBqt+Tl2KuhMX8UFMPZWMAhL/AU5sB/GKXnWNcbK8rjvoX8pwkmcOvOW
CzcIpD4COA9VUc6pDTLa4SUOG6Lqn/gT+XEaDVkidpb+cqKCNIvQbLVLealIsCR4
FCXYyGE9LcYBphytGmU/DWNdQgM1/AlpJrRZ3Q+U/b8zF3T2jeY0ZOkjyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHqHgck3vvYH2M8A+meWnRpGEnhTMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATBTBQOrF
80fuz2QD5GXamh8RuSZlUu0xX6Bs/17ffJb876rpBFQDbLwSaELf1KjHOEJ6I5DC
fs76uA/0SjMwy663JxvZmj4BOfksLq9Oh3SFqD52LCMEMAU9ORtBEuKGqMDsMaw0
Kez/jbpa/dXktvYUyKQARpk2IiQIok5kVCnZufj3P3onXkX/xk3AZi+B9cjp3sJs
7p2nKXogiAd5YxBKw1+W497tZTZxL5GBXOak0wI767PeFT1cb4oaKoNmEMmzGewW
PmT2GuSa0bXroOhlcrafTxt9cfFxfMsH25Wlv8mXkXini6T0guL2pNy38+cL+srH
/OGu0bly7l81Ew==
-----END CERTIFICATE-----
Generated at Mon May 12 20:06:46 2025 by rpki-client