Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
File: 2HGZiqFAq3wf8kDqsMkjWRPJboo.mft (raw, json)
Hash identifier: cTTb4s1z2WbnB5P4GF/e2ESy01/qy3vJ0O/4S5iO4CY=
Subject key identifier: FA:0D:2C:AD:1E:1E:4E:D6:16:FC:D9:88:B2:CD:B1:7C:E3:50:75:52
Authority key identifier: D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
Certificate issuer: /CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Certificate serial: 0197B6A234FCBB8A0B7D9EF4EB90685A64B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
Manifest number: 12C2
Signing time: Sat 28 Jun 2025 13:02:52 +0000
Manifest this update: Sat 28 Jun 2025 13:02:52 +0000
Manifest next update: Sun 29 Jun 2025 13:02:52 +0000
Files and hashes: 1: 2HGZiqFAq3wf8kDqsMkjWRPJboo.crl (hash: Ji4HvXSxuStCC+BVWXeb2TzhWTjKFxkUnr+1ujVpJF4=)
2: ogQz1j5jLQsKEpzhS2JSyEZnZ6I.roa (hash: B7xqxcI+bkCsaT71C5rhEWIjLfcjAKzC1lxv7kehuvo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 13:02:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a2:34:fc:bb:8a:0b:7d:9e:f4:eb:90:68:5a:64:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Validity
Not Before: Jun 28 13:02:52 2025 GMT
Not After : Jun 29 13:02:52 2025 GMT
Subject: CN=fa0d2cad1e1e4ed616fcd988b2cdb17ce3507552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:bb:ea:6d:70:bc:11:e3:ad:2b:08:2d:df:
60:7f:04:2f:3e:60:21:f8:ed:83:92:b8:0a:70:0b:
a9:9c:67:f4:9e:5d:a9:80:bc:c0:95:76:ab:5f:96:
d7:cd:cc:84:5e:c9:3c:f8:15:ba:5e:8e:74:44:ba:
98:a6:fa:e5:7a:29:13:64:88:75:89:b0:81:33:5a:
36:2a:13:c6:ab:f8:ce:19:a3:32:0b:94:99:e7:44:
1f:fb:96:71:f8:ea:c1:9e:61:70:93:f0:64:b8:28:
ee:2e:6b:07:15:27:7e:20:c5:93:9c:61:66:9d:74:
bf:0e:08:5e:9f:49:97:0d:b5:61:a0:0f:e2:44:07:
54:13:9c:8e:a3:85:47:4a:22:d3:fb:90:f9:3d:ff:
e5:38:a3:1a:74:77:e0:ba:8b:e3:a8:b3:8f:16:31:
86:37:8f:30:58:6f:1b:a6:0c:d7:6b:e8:c5:e0:72:
be:c8:46:e0:ea:f9:a5:79:89:4d:55:aa:84:b6:3a:
c9:d3:79:69:e9:dd:85:5f:e6:88:a2:e1:5f:a5:3d:
b7:7d:3f:ca:56:86:5e:ab:f2:55:c7:73:44:1c:ee:
d6:11:03:1a:7c:67:ab:25:38:9d:e0:14:cc:ea:8b:
be:04:bf:54:46:77:17:cd:b0:e9:17:de:bb:57:b0:
6e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0D:2C:AD:1E:1E:4E:D6:16:FC:D9:88:B2:CD:B1:7C:E3:50:75:52
X509v3 Authority Key Identifier:
keyid:D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:48:e0:2f:75:f2:d5:9e:0e:0c:63:7b:63:82:5c:8e:ad:b7:
f9:f8:a2:f0:b4:ee:3e:7f:03:a7:9d:69:bd:cd:ce:0a:26:7a:
0f:e5:5f:7b:64:67:6a:49:2b:c1:a7:bb:97:67:df:a6:96:3d:
71:58:31:3f:69:65:99:f9:3d:4e:87:11:d8:ea:a8:f3:d4:5f:
4a:ea:28:1b:17:25:50:5d:d3:0c:32:e3:b6:8d:4a:ac:95:9a:
95:68:10:de:16:60:72:67:97:b1:3a:21:98:8f:a7:91:47:78:
d5:34:3c:71:99:74:1b:2d:eb:ec:29:99:ed:13:7f:9e:13:45:
0d:bf:57:08:83:a9:57:1e:15:33:cf:ff:6d:9e:34:46:b4:e9:
ce:43:47:18:52:26:aa:e4:94:7e:10:6a:6c:75:40:a0:97:29:
ca:c6:26:ed:e2:a6:59:6b:f1:cb:94:77:e1:97:f7:dc:3e:b6:
f0:54:89:36:50:3f:ff:79:46:dc:5d:f2:60:52:05:f3:de:bd:
87:84:74:9f:e1:77:57:ae:25:ff:25:b8:90:9c:e8:96:3e:10:
cf:71:5a:8b:e1:62:ff:14:fd:50:2e:fd:60:6a:78:68:25:b4:
ae:08:08:a8:19:f0:0a:aa:6c:78:59:22:61:5d:25:52:63:91:
a7:24:ef:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ojT8u4oLfZ7065BoWmSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzE5OThhYTE0MGFiN2MxZmYyNDBlYWIwYzkyMzU5MTNj
OTZlOGEwHhcNMjUwNjI4MTMwMjUyWhcNMjUwNjI5MTMwMjUyWjAzMTEwLwYDVQQD
EyhmYTBkMmNhZDFlMWU0ZWQ2MTZmY2Q5ODhiMmNkYjE3Y2UzNTA3NTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLW76m1wvBHjrSsILd9gfwQvPmAh
+O2DkrgKcAupnGf0nl2pgLzAlXarX5bXzcyEXsk8+BW6Xo50RLqYpvrleikTZIh1
ibCBM1o2KhPGq/jOGaMyC5SZ50Qf+5Zx+OrBnmFwk/BkuCjuLmsHFSd+IMWTnGFm
nXS/Dghen0mXDbVhoA/iRAdUE5yOo4VHSiLT+5D5Pf/lOKMadHfguovjqLOPFjGG
N48wWG8bpgzXa+jF4HK+yEbg6vmleYlNVaqEtjrJ03lp6d2FX+aIouFfpT23fT/K
VoZeq/JVx3NEHO7WEQMafGerJTid4BTM6ou+BL9URncXzbDpF967V7Bu0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPoNLK0eHk7WFvzZiLLNsXzjUHVSMB8GA1UdIwQY
MBaAFNhxmYqhQKt8H/JA6rDJI1kTyW6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUt
NWEzNGU1MmIwYjEwLzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUtNWEzNGU1MmIwYjEw
LzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf0jgL3Xy
1Z4ODGN7Y4Jcjq23+fii8LTuPn8Dp51pvc3OCiZ6D+Vfe2Rnakkrwae7l2ffppY9
cVgxP2llmfk9TocR2Oqo89RfSuooGxclUF3TDDLjto1KrJWalWgQ3hZgcmeXsToh
mI+nkUd41TQ8cZl0Gy3r7CmZ7RN/nhNFDb9XCIOpVx4VM8//bZ40RrTpzkNHGFIm
quSUfhBqbHVAoJcpysYm7eKmWWvxy5R34Zf33D628FSJNlA//3lG3F3yYFIF8969
h4R0n+F3V64l/yW4kJzolj4Qz3Fai+Fi/xT9UC79YGp4aCW0rggIqBnwCqpseFki
YV0lUmORpyTvYg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:01:51 2025 by rpki-client