Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
File: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json)
Hash identifier: wYnXJ5mOWH/VAJ1tCmQ3hmLobIdhCjh4/k8MueEPTrc=
Subject key identifier: 42:D1:95:5D:C9:BD:5E:19:62:12:2B:F4:0E:9C:34:B9:3F:A8:F6:94
Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
Certificate issuer: /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Certificate serial: 01976E197E663EC180148997224D0D7AC433
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
Manifest number: 03D1
Signing time: Sat 14 Jun 2025 11:00:53 +0000
Manifest this update: Sat 14 Jun 2025 11:00:53 +0000
Manifest next update: Sun 15 Jun 2025 11:00:53 +0000
Files and hashes: 1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: gjxqNQuV5p3kV0P/oViWg76v62hD28KvGJuyp6YaQFk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 10:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6e:19:7e:66:3e:c1:80:14:89:97:22:4d:0d:7a:c4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Validity
Not Before: Jun 14 11:00:53 2025 GMT
Not After : Jun 15 11:00:53 2025 GMT
Subject: CN=42d1955dc9bd5e1962122bf40e9c34b93fa8f694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:11:35:85:a8:04:ea:6c:9d:e3:db:a4:3d:d1:
b2:d5:3f:2f:a4:f0:c7:26:83:a7:06:42:f6:fd:55:
81:10:4d:f7:7e:a7:fa:ec:76:df:a8:53:39:49:f8:
a3:0f:ba:6e:0a:20:e8:35:6c:59:5e:80:ae:91:9c:
a6:48:a4:da:19:7a:c3:49:0d:cb:06:27:e0:14:e6:
28:7f:01:70:a6:16:89:88:af:95:39:26:f1:86:5b:
ec:38:5d:f9:15:91:eb:4b:9c:71:05:b4:7c:2f:f6:
07:c4:88:9d:1e:e1:5f:7f:16:17:08:b3:30:32:df:
96:bc:c1:95:51:f4:6b:dc:99:64:53:fc:16:dd:0c:
4f:5a:16:04:8d:50:e8:af:0f:02:93:3b:ff:df:bc:
d8:c4:61:f9:ce:94:cc:23:2d:66:f1:b5:34:e3:ef:
71:29:df:05:6e:36:f4:ac:77:be:bd:39:84:20:de:
6a:14:b1:fa:a1:fd:57:a3:3d:d8:c1:ba:88:37:6d:
79:1b:bc:9a:3e:0c:b7:2c:78:b3:15:7b:95:c3:b3:
75:eb:de:b2:2c:21:d4:77:17:e6:e7:71:ac:b4:9e:
d7:5e:41:fe:6b:84:69:e2:31:a2:d8:64:ef:14:dd:
3b:82:e2:54:4b:1a:0d:31:ef:c4:80:c1:0c:f3:84:
67:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D1:95:5D:C9:BD:5E:19:62:12:2B:F4:0E:9C:34:B9:3F:A8:F6:94
X509v3 Authority Key Identifier:
keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:f3:9c:9d:f3:a5:b3:17:b7:75:91:b2:01:0f:da:54:cf:71:
3a:9a:f0:51:03:9d:75:fb:af:e3:c5:9d:84:73:7e:3e:70:e8:
de:2e:5e:92:5c:1a:65:e6:6e:01:af:a3:fa:f6:a3:55:75:4b:
b0:67:2e:23:7b:64:12:4f:3d:6e:c9:a8:d0:f1:84:10:47:0e:
ee:c5:97:5f:65:e6:90:5f:6c:09:d4:64:13:b5:a6:4a:be:20:
89:c0:a2:b4:26:f7:0c:72:8a:8e:55:73:66:74:2c:56:6e:a2:
79:e4:8f:b9:df:61:ff:70:d5:4d:4e:90:de:7b:d4:23:07:37:
5d:96:4d:05:9e:7b:0e:4f:71:43:79:78:26:13:ef:f0:e4:2e:
e8:80:69:df:5c:9d:91:d9:c0:cb:c4:b3:5f:20:5b:78:82:6f:
b4:81:53:c4:1c:b1:17:da:0b:40:46:bc:f8:22:3c:c0:c1:b9:
74:23:b1:58:8c:66:fc:de:b0:77:91:78:a5:31:1a:47:9d:b8:
f2:34:79:fb:cd:ee:28:31:89:9e:fa:29:df:2d:5e:13:ea:5b:
c5:e5:5c:03:83:75:4a:05:bf:4a:d1:d9:c6:d3:7c:19:99:7d:
1c:76:b3:f9:e1:07:ea:2f:48:a5:2f:b2:cd:8e:c3:0e:d9:08:
7c:85:60:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduGX5mPsGAFImXIk0NesQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh
OWE2MmMwHhcNMjUwNjE0MTEwMDUzWhcNMjUwNjE1MTEwMDUzWjAzMTEwLwYDVQQD
Eyg0MmQxOTU1ZGM5YmQ1ZTE5NjIxMjJiZjQwZTljMzRiOTNmYThmNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRE1hagE6myd49ukPdGy1T8vpPDH
JoOnBkL2/VWBEE33fqf67HbfqFM5SfijD7puCiDoNWxZXoCukZymSKTaGXrDSQ3L
BifgFOYofwFwphaJiK+VOSbxhlvsOF35FZHrS5xxBbR8L/YHxIidHuFffxYXCLMw
Mt+WvMGVUfRr3JlkU/wW3QxPWhYEjVDorw8Ckzv/37zYxGH5zpTMIy1m8bU04+9x
Kd8Fbjb0rHe+vTmEIN5qFLH6of1Xoz3YwbqIN215G7yaPgy3LHizFXuVw7N1696y
LCHUdxfm53GstJ7XXkH+a4Rp4jGi2GTvFN07guJUSxoNMe/EgMEM84Rn9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELRlV3JvV4ZYhIr9A6cNLk/qPaUMB8GA1UdIwQY
MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt
NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz
LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdfOcnfOl
sxe3dZGyAQ/aVM9xOprwUQOddfuv48WdhHN+PnDo3i5eklwaZeZuAa+j+vajVXVL
sGcuI3tkEk89bsmo0PGEEEcO7sWXX2XmkF9sCdRkE7WmSr4gicCitCb3DHKKjlVz
ZnQsVm6ieeSPud9h/3DVTU6Q3nvUIwc3XZZNBZ57Dk9xQ3l4JhPv8OQu6IBp31yd
kdnAy8SzXyBbeIJvtIFTxByxF9oLQEa8+CI8wMG5dCOxWIxm/N6wd5F4pTEaR524
8jR5+83uKDGJnvop3y1eE+pbxeVcA4N1SgW/StHZxtN8GZl9HHaz+eEH6i9IpS+y
zY7DDtkIfIVg/A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 19:51:22 2025 by rpki-client