Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
File: lZCfz5xup2MAznHQlNMl9X1knL8.mft (raw, json)
Hash identifier: t6xyGgTebKVhgZb1qQAZReOhAmhQ4qBVbtLGmbhwgAo=
Subject key identifier: 2F:46:48:7D:8A:C2:B0:6E:D9:DD:B3:09:04:5A:85:29:39:D9:68:F0
Authority key identifier: 95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF
Certificate issuer: /CN=95909fcf9c6ea76300ce71d094d325f57d649cbf
Certificate serial: 0198A04CE54D4C845254803FC6B74B6D40F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
Manifest number: 1365
Signing time: Tue 12 Aug 2025 22:00:50 +0000
Manifest this update: Tue 12 Aug 2025 22:00:50 +0000
Manifest next update: Wed 13 Aug 2025 22:00:50 +0000
Files and hashes: 1: lZCfz5xup2MAznHQlNMl9X1knL8.crl (hash: 6aZ839XGtV6s8KovTYm6sJtpVRPEfWiVkY9qklJbmaU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 22:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a0:4c:e5:4d:4c:84:52:54:80:3f:c6:b7:4b:6d:40:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95909fcf9c6ea76300ce71d094d325f57d649cbf
Validity
Not Before: Aug 12 22:00:50 2025 GMT
Not After : Aug 13 22:00:50 2025 GMT
Subject: CN=2f46487d8ac2b06ed9ddb309045a852939d968f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fb:67:2b:6d:93:e8:b5:f5:ff:95:99:a6:e2:
22:05:e0:60:85:f7:59:7f:3b:e5:36:5d:d6:b2:16:
24:2c:e6:66:1c:79:ca:a8:43:72:9f:97:ba:6d:ed:
ee:6d:3f:07:82:e2:42:50:b4:e0:1e:75:f3:e7:54:
9e:69:45:8f:16:17:75:8c:8c:c7:4b:82:a7:3c:bf:
78:fd:6e:37:0a:3f:c3:1e:7a:79:91:0a:38:83:f3:
fc:0f:4a:a9:8f:2e:7c:c1:68:92:21:f5:9a:ba:b4:
54:21:87:72:59:81:4c:3f:cb:e5:4c:62:f4:04:6f:
f0:81:5c:21:f3:4c:78:8f:cd:33:9f:06:32:f0:4b:
e4:70:af:9c:6e:3d:24:6b:d7:2f:a0:58:16:61:43:
b7:20:de:97:97:43:39:ce:ce:29:65:43:35:13:98:
6e:b8:63:8f:74:e9:93:c1:fe:7d:04:05:c3:b8:6a:
2d:5a:44:15:38:d5:a0:5a:7c:61:57:95:0d:f2:ef:
20:2f:3a:2d:ca:11:d4:a2:ec:1b:a6:a0:49:87:a5:
3f:0e:e8:db:00:b8:45:b9:ed:2a:7d:a1:32:c8:76:
75:ea:44:cd:59:cb:8b:e4:bc:ed:7c:3c:0e:0e:9c:
df:1b:13:06:2c:b9:bd:61:54:9e:b3:6d:83:45:b8:
f9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:46:48:7D:8A:C2:B0:6E:D9:DD:B3:09:04:5A:85:29:39:D9:68:F0
X509v3 Authority Key Identifier:
keyid:95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:13:9c:67:e7:55:b9:2d:69:98:92:cc:4b:14:96:3f:19:2e:
4e:06:f3:a7:46:07:5f:5e:2e:2e:33:ab:71:d9:a4:bc:38:cf:
09:52:0f:d5:87:70:27:cb:d6:b7:e0:5d:06:19:5e:bd:f0:40:
a1:3a:22:ae:f6:4c:de:fd:cb:01:a9:78:45:43:bf:47:57:9d:
2e:03:7f:e7:15:0b:e9:55:ad:a1:a6:31:60:31:db:a1:6d:2d:
9e:7a:9e:4a:7b:29:d1:e2:6e:a8:15:e6:d2:d6:71:ec:05:d7:
b5:8b:59:84:3f:4b:da:65:cf:f3:8c:21:f4:5a:8e:a8:1c:e7:
cf:41:4e:ad:a0:5f:bc:81:84:52:0e:9a:09:ac:e1:33:91:70:
ed:5a:dd:aa:78:7f:db:66:95:95:6f:6e:79:fe:0e:dc:cb:86:
a8:2e:f8:88:02:1b:bc:34:b8:e1:b6:92:37:f0:fd:6f:27:f1:
e5:e5:cd:82:8f:a2:e2:25:81:aa:d8:ed:a1:4b:08:ee:f9:4f:
78:59:75:19:9e:e8:81:d7:e4:b9:ef:52:33:de:c9:7b:18:05:
5a:be:90:c7:ee:b7:5a:26:b6:c8:65:47:49:ea:6f:47:d4:8f:
dd:ca:c5:5d:c2:6e:d9:ba:5d:bf:51:a8:ce:2f:2a:cd:e8:a0:
b3:19:62:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTOVNTIRSVIA/xrdLbUDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTA5ZmNmOWM2ZWE3NjMwMGNlNzFkMDk0ZDMyNWY1N2Q2
NDljYmYwHhcNMjUwODEyMjIwMDUwWhcNMjUwODEzMjIwMDUwWjAzMTEwLwYDVQQD
EygyZjQ2NDg3ZDhhYzJiMDZlZDlkZGIzMDkwNDVhODUyOTM5ZDk2OGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvtnK22T6LX1/5WZpuIiBeBghfdZ
fzvlNl3WshYkLOZmHHnKqENyn5e6be3ubT8HguJCULTgHnXz51SeaUWPFhd1jIzH
S4KnPL94/W43Cj/DHnp5kQo4g/P8D0qpjy58wWiSIfWaurRUIYdyWYFMP8vlTGL0
BG/wgVwh80x4j80znwYy8EvkcK+cbj0ka9cvoFgWYUO3IN6Xl0M5zs4pZUM1E5hu
uGOPdOmTwf59BAXDuGotWkQVONWgWnxhV5UN8u8gLzotyhHUouwbpqBJh6U/Dujb
ALhFue0qfaEyyHZ16kTNWcuL5LztfDwODpzfGxMGLLm9YVSes22DRbj5ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9GSH2KwrBu2d2zCQRahSk52WjwMB8GA1UdIwQY
MBaAFJWQn8+cbqdjAM5x0JTTJfV9ZJy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGIt
YTZlZWRmYTlhNGZjLzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGItYTZlZWRmYTlhNGZj
LzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAshOcZ+dV
uS1pmJLMSxSWPxkuTgbzp0YHX14uLjOrcdmkvDjPCVIP1YdwJ8vWt+BdBhlevfBA
oToirvZM3v3LAal4RUO/R1edLgN/5xUL6VWtoaYxYDHboW0tnnqeSnsp0eJuqBXm
0tZx7AXXtYtZhD9L2mXP84wh9FqOqBznz0FOraBfvIGEUg6aCazhM5Fw7Vrdqnh/
22aVlW9uef4O3MuGqC74iAIbvDS44baSN/D9byfx5eXNgo+i4iWBqtjtoUsI7vlP
eFl1GZ7ogdfkue9SM97JexgFWr6Qx+63Wia2yGVHSepvR9SP3crFXcJu2bpdv1Go
zi8qzeigsxliNA==
-----END CERTIFICATE-----
Generated at Wed Aug 13 02:42:17 2025 by rpki-client