Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: DMMWg7e2dIrnvUWAbvcVVgZZAwNXUaAnfta2BimmfzM=
Subject key identifier: 75:CE:D9:57:E5:CC:BC:4A:CD:74:C7:D4:00:AC:57:80:5D:8D:81:A1
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 0199FE1042DCEFD05A3C507FAA5099535B4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 16E8
Signing time: Sun 19 Oct 2025 20:01:42 +0000
Manifest this update: Sun 19 Oct 2025 20:01:42 +0000
Manifest next update: Mon 20 Oct 2025 20:01:42 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: w6HEWvP6sRF2jECzs1uC0q/VXoHViUHcWS99xQxw9Lw=)
2: I11yOf8621A4bMVjivGCunNhodU.roa (hash: zD+DtTuh65HplID/p8Q/zTlZEI94dke+hM79PxEcBgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:10:42:dc:ef:d0:5a:3c:50:7f:aa:50:99:53:5b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Oct 19 20:01:42 2025 GMT
Not After : Oct 20 20:01:42 2025 GMT
Subject: CN=75ced957e5ccbc4acd74c7d400ac57805d8d81a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:eb:d3:4d:82:78:d1:83:79:1a:1c:a8:4f:64:
c5:ad:79:c5:c4:17:21:59:05:a4:0a:d6:7e:2f:21:
5d:49:01:4f:61:30:a6:1c:46:39:93:07:34:6e:29:
e9:a7:8d:3d:42:ea:a6:f6:e4:ea:5f:d7:95:f3:69:
d5:eb:e1:d8:b7:ca:14:57:38:e1:90:cb:be:ef:2f:
db:91:80:17:f0:5d:15:ac:34:92:c1:1e:87:3f:73:
f9:ef:c0:c8:2e:30:c8:67:c5:29:56:cf:6d:19:28:
de:5e:a0:8e:68:43:fd:0e:d7:30:91:7b:58:b0:48:
1a:12:81:6d:21:64:a4:00:db:fe:76:48:74:24:97:
d5:22:b6:ca:ec:74:ed:8e:de:27:de:20:fc:2f:4f:
80:16:6e:f4:c8:cf:61:fc:03:74:8b:54:31:ea:07:
60:55:6d:46:ca:70:bb:71:88:58:c6:aa:4a:62:fd:
3f:1e:da:2e:c4:58:0a:31:1a:5a:7e:c1:13:33:2d:
e3:de:0b:78:b4:e7:ab:15:4f:a9:2f:55:7d:ff:93:
39:bf:d5:f3:3a:3b:ed:c6:65:b5:f3:67:be:2e:3a:
57:bf:63:b9:72:35:49:dc:cf:01:f4:29:2d:82:d9:
77:97:73:7e:1b:63:59:f1:30:4a:90:fd:fd:28:e8:
26:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CE:D9:57:E5:CC:BC:4A:CD:74:C7:D4:00:AC:57:80:5D:8D:81:A1
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:73:1f:90:0d:7c:69:e7:1a:0c:e9:21:32:d2:74:d6:27:bf:
28:14:4a:00:91:42:ec:08:a6:9b:e6:ad:f1:52:92:8d:8c:6b:
91:84:59:b6:6f:1e:ce:b8:5f:eb:de:78:36:71:b1:3c:a7:d1:
4b:0e:a1:2d:51:c1:9d:f8:35:24:4b:7a:3c:8c:8d:50:d2:38:
6c:c2:de:18:4d:65:fd:da:34:4a:a6:87:34:22:4a:3b:ba:14:
6e:ba:da:87:5a:2f:ab:54:ca:00:36:f3:b2:ac:9e:55:91:2a:
d9:7a:42:a3:12:a2:1a:a0:71:d3:37:53:90:58:5f:20:b0:c3:
a5:be:0e:3c:51:b3:23:19:74:63:9f:e0:f0:0e:e6:2a:39:79:
ac:83:af:66:7e:d7:05:b8:30:57:23:d1:67:62:84:ad:8c:7c:
6d:d3:72:a9:80:76:07:b8:ac:0f:ae:a4:aa:da:f4:00:b1:90:
0e:0e:3e:03:08:e0:76:fe:f2:c5:31:c6:1a:01:9b:ba:e9:ca:
e9:76:8e:df:5c:12:27:40:27:8b:7a:0a:c0:23:6b:45:1a:bf:
a6:33:57:07:47:12:a5:66:e5:3c:cd:f9:44:05:b1:87:ed:d8:
99:01:a4:6d:7a:29:50:48:ec:d6:59:91:52:f7:df:58:d2:ff:
be:77:2a:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+EELc79BaPFB/qlCZU1tMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjUxMDE5MjAwMTQyWhcNMjUxMDIwMjAwMTQyWjAzMTEwLwYDVQQD
Eyg3NWNlZDk1N2U1Y2NiYzRhY2Q3NGM3ZDQwMGFjNTc4MDVkOGQ4MWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuvTTYJ40YN5GhyoT2TFrXnFxBch
WQWkCtZ+LyFdSQFPYTCmHEY5kwc0binpp409Quqm9uTqX9eV82nV6+HYt8oUVzjh
kMu+7y/bkYAX8F0VrDSSwR6HP3P578DILjDIZ8UpVs9tGSjeXqCOaEP9DtcwkXtY
sEgaEoFtIWSkANv+dkh0JJfVIrbK7HTtjt4n3iD8L0+AFm70yM9h/AN0i1Qx6gdg
VW1GynC7cYhYxqpKYv0/HtouxFgKMRpafsETMy3j3gt4tOerFU+pL1V9/5M5v9Xz
OjvtxmW182e+LjpXv2O5cjVJ3M8B9Cktgtl3l3N+G2NZ8TBKkP39KOgmXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXO2VflzLxKzXTH1ACsV4BdjYGhMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKnMfkA18
aecaDOkhMtJ01ie/KBRKAJFC7Aimm+at8VKSjYxrkYRZtm8ezrhf6954NnGxPKfR
Sw6hLVHBnfg1JEt6PIyNUNI4bMLeGE1l/do0SqaHNCJKO7oUbrrah1ovq1TKADbz
sqyeVZEq2XpCoxKiGqBx0zdTkFhfILDDpb4OPFGzIxl0Y5/g8A7mKjl5rIOvZn7X
BbgwVyPRZ2KErYx8bdNyqYB2B7isD66kqtr0ALGQDg4+Awjgdv7yxTHGGgGbuunK
6XaO31wSJ0Ani3oKwCNrRRq/pjNXB0cSpWblPM35RAWxh+3YmQGkbXopUEjs1lmR
UvffWNL/vncqCg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:30:15 2025 by rpki-client