Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: ezjfnVvx7R8zh7XTOxWQDqqpQXJgr/N0EfYzGQHkPN0=
Subject key identifier: 23:CB:39:CB:C1:CC:69:0C:32:DF:1C:FD:96:1D:98:DC:D7:AA:32:CB
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 0198D4A7B92CC891848463C3347E7BEF2EBF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 164E
Signing time: Sat 23 Aug 2025 02:00:18 +0000
Manifest this update: Sat 23 Aug 2025 02:00:18 +0000
Manifest next update: Sun 24 Aug 2025 02:00:18 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: gMXX20gEqlGCl8ojLys9Ug2s4DBv3MQyZMbIkZaIeHc=)
2: I11yOf8621A4bMVjivGCunNhodU.roa (hash: zD+DtTuh65HplID/p8Q/zTlZEI94dke+hM79PxEcBgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:a7:b9:2c:c8:91:84:84:63:c3:34:7e:7b:ef:2e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Aug 23 02:00:18 2025 GMT
Not After : Aug 24 02:00:18 2025 GMT
Subject: CN=23cb39cbc1cc690c32df1cfd961d98dcd7aa32cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c3:3c:25:69:d0:e8:d8:ab:70:52:f6:fa:94:
1d:2a:1d:a9:52:07:23:17:1b:88:6f:20:8a:43:fb:
39:34:99:76:b1:19:c5:7a:df:20:ae:91:93:4d:cf:
93:6d:c7:a0:ef:1e:93:08:46:aa:80:89:41:c1:75:
00:76:cf:fb:d2:1a:43:c8:ec:66:8d:a8:03:92:31:
8d:8d:3c:b6:d0:72:d0:a6:d8:1d:8f:df:4a:89:20:
0a:ee:8d:4f:6c:e5:26:da:51:27:5c:a7:33:1d:37:
12:a3:a5:a4:46:0d:33:bf:b6:50:5a:11:de:69:2f:
fc:2d:f7:b7:a6:ad:00:2c:d4:7e:26:6b:4b:79:cb:
ee:0b:c6:98:32:e9:61:05:47:75:23:5a:97:d1:66:
c2:9c:cb:24:88:5b:04:98:df:e9:93:db:ee:8e:23:
55:08:93:31:fc:e7:cd:ba:93:a8:bd:df:d2:cc:48:
ec:40:df:f1:ab:49:96:e6:d4:eb:f6:92:7f:7a:2a:
0e:df:db:14:2e:dd:e3:7a:ee:c8:01:01:b2:ac:58:
14:00:7c:69:67:9b:30:fa:fd:8c:99:c4:62:48:93:
44:2a:80:58:e7:94:e4:e1:0b:74:18:34:67:31:3e:
f8:fa:84:ef:91:87:d3:62:2a:6b:47:e3:ce:09:8c:
e6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CB:39:CB:C1:CC:69:0C:32:DF:1C:FD:96:1D:98:DC:D7:AA:32:CB
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:7c:87:de:57:e2:84:1a:e9:bd:02:dd:bd:04:2f:89:4b:52:
60:c3:15:75:34:7f:c6:76:76:d7:45:1d:8e:c8:d4:3e:23:65:
41:7d:bf:bc:d0:96:61:e4:74:0b:49:a9:dc:df:a8:e6:19:5c:
b7:ed:70:02:b0:62:48:1d:07:02:1c:42:0c:7f:ef:6a:62:76:
c4:d2:a3:95:1f:6b:48:26:bf:16:57:2a:34:af:91:c3:5e:49:
42:df:c8:4f:21:53:7f:96:69:e4:32:b2:a0:8c:a7:6c:f5:d2:
8c:81:e7:6e:20:af:09:72:df:0a:04:57:30:64:bc:96:ac:c9:
c0:6d:bc:c5:57:3e:fc:f4:0e:e7:43:28:3d:37:12:85:41:03:
f3:15:99:56:67:f5:38:bd:c4:e1:af:ae:59:aa:f1:16:91:27:
6e:a2:14:83:de:d5:03:8f:29:4a:d3:3b:47:96:03:99:b3:8f:
af:5f:a0:93:5d:05:6c:a0:f4:52:2a:52:cd:9f:66:d1:ab:f3:
ab:18:48:08:3f:1a:40:f3:54:e6:5d:63:ce:7a:a6:93:b4:84:
e2:cb:fb:75:75:8c:42:0e:c4:fc:5b:48:85:8d:65:d7:09:93:
c7:10:b9:f7:2b:ee:31:25:2c:dd:c2:e9:61:7c:1c:6a:d4:98:
2e:7d:11:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp7ksyJGEhGPDNH577y6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjUwODIzMDIwMDE4WhcNMjUwODI0MDIwMDE4WjAzMTEwLwYDVQQD
EygyM2NiMzljYmMxY2M2OTBjMzJkZjFjZmQ5NjFkOThkY2Q3YWEzMmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcM8JWnQ6NircFL2+pQdKh2pUgcj
FxuIbyCKQ/s5NJl2sRnFet8grpGTTc+Tbceg7x6TCEaqgIlBwXUAds/70hpDyOxm
jagDkjGNjTy20HLQptgdj99KiSAK7o1PbOUm2lEnXKczHTcSo6WkRg0zv7ZQWhHe
aS/8Lfe3pq0ALNR+JmtLecvuC8aYMulhBUd1I1qX0WbCnMskiFsEmN/pk9vujiNV
CJMx/OfNupOovd/SzEjsQN/xq0mW5tTr9pJ/eioO39sULt3jeu7IAQGyrFgUAHxp
Z5sw+v2MmcRiSJNEKoBY55Tk4Qt0GDRnMT74+oTvkYfTYiprR+POCYzmeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPLOcvBzGkMMt8c/ZYdmNzXqjLLMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO3yH3lfi
hBrpvQLdvQQviUtSYMMVdTR/xnZ210UdjsjUPiNlQX2/vNCWYeR0C0mp3N+o5hlc
t+1wArBiSB0HAhxCDH/vamJ2xNKjlR9rSCa/FlcqNK+Rw15JQt/ITyFTf5Zp5DKy
oIynbPXSjIHnbiCvCXLfCgRXMGS8lqzJwG28xVc+/PQO50MoPTcShUED8xWZVmf1
OL3E4a+uWarxFpEnbqIUg97VA48pStM7R5YDmbOPr1+gk10FbKD0UipSzZ9m0avz
qxhICD8aQPNU5l1jznqmk7SE4sv7dXWMQg7E/FtIhY1l1wmTxxC59yvuMSUs3cLp
YXwcatSYLn0RuQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:11:20 2025 by rpki-client