Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
File: Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft (raw, json)
Hash identifier: GxpMVs44PpSvyKPd0W99LGli/5KC+0cnsjnXbJwtI8M=
Subject key identifier: 5B:20:7B:68:FC:D9:15:AE:D9:B1:0A:AD:40:4C:E0:41:BB:94:08:97
Authority key identifier: 0E:87:E5:D3:3A:9B:28:BE:7F:1A:F8:BC:9C:13:8B:15:80:90:F1:89
Certificate issuer: /CN=0e87e5d33a9b28be7f1af8bc9c138b158090f189
Certificate serial: 01988C8F1B69B536AA845CA0CC9EC34A976A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
Manifest number: 0490
Signing time: Sat 09 Aug 2025 02:00:45 +0000
Manifest this update: Sat 09 Aug 2025 02:00:45 +0000
Manifest next update: Sun 10 Aug 2025 02:00:45 +0000
Files and hashes: 1: Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.crl (hash: 20gzBAOqcK/xGw5QFJ8t4kVfyOthCIvnjgeikh7gNtk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 02:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8c:8f:1b:69:b5:36:aa:84:5c:a0:cc:9e:c3:4a:97:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e87e5d33a9b28be7f1af8bc9c138b158090f189
Validity
Not Before: Aug 9 02:00:45 2025 GMT
Not After : Aug 10 02:00:45 2025 GMT
Subject: CN=5b207b68fcd915aed9b10aad404ce041bb940897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e9:52:57:66:c1:a7:a6:dc:85:7c:4b:ac:fe:
c1:5f:4b:51:ee:c3:3d:df:92:63:62:0c:4c:d1:58:
84:5e:59:37:8d:e4:d0:61:44:b6:0e:6a:ab:95:de:
ae:db:96:80:e7:14:1c:45:11:5d:e1:d4:dd:25:dd:
f7:31:3d:36:e6:a2:e6:cf:e5:d8:3b:ac:c8:f2:51:
63:6e:a0:5e:d3:33:2a:0e:8f:6b:0b:e9:d3:76:ba:
32:88:8d:66:17:20:3f:b1:9a:fa:4c:58:bd:03:8d:
01:70:ad:6c:97:85:ad:79:8c:b2:79:29:45:fe:8e:
76:14:89:93:dc:21:dc:f2:a1:3f:c7:87:c3:5d:12:
71:2f:e0:74:e6:86:2d:c3:ab:34:ff:e2:26:8b:05:
83:ca:ca:75:09:4e:c3:62:5e:21:ff:29:90:91:01:
60:42:dc:99:7a:f7:41:17:18:d7:7e:d9:87:a4:6f:
7a:2d:d9:14:5c:d4:de:19:22:ae:40:28:f1:46:88:
85:9e:42:21:59:ae:83:2d:19:84:91:93:93:ae:57:
50:89:0c:30:6a:77:e2:01:84:dd:1a:80:ba:fc:25:
7f:12:2f:3d:c5:de:bc:17:fd:de:7d:f5:28:4a:91:
1d:46:ef:b4:f5:6b:d4:bf:97:1e:ee:f0:9a:77:7d:
07:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:20:7B:68:FC:D9:15:AE:D9:B1:0A:AD:40:4C:E0:41:BB:94:08:97
X509v3 Authority Key Identifier:
keyid:0E:87:E5:D3:3A:9B:28:BE:7F:1A:F8:BC:9C:13:8B:15:80:90:F1:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:5c:bd:2c:5c:73:4f:be:72:5d:2e:15:54:2d:af:51:39:43:
7a:c2:a3:08:e8:1c:9a:34:80:ed:cc:0d:b2:88:45:84:bc:d4:
74:0c:78:9c:ad:11:fc:79:f7:8a:8b:f1:69:a8:05:ea:6e:1f:
89:9f:90:06:70:b8:15:7e:70:76:b4:35:d7:43:bf:5d:02:ef:
71:00:cb:fb:7f:c5:84:70:e2:0c:44:d3:a5:1a:2e:e8:f2:0c:
dc:1a:5b:58:a4:04:dd:c0:df:76:6e:98:d4:5a:3c:50:79:c2:
13:6d:de:51:d3:0d:da:da:a1:6d:1a:37:20:9e:d7:9e:d4:3c:
11:eb:d5:bd:9f:ff:5c:72:47:25:b7:5d:76:dd:12:ea:70:70:
98:d1:85:37:8e:50:1f:bb:ac:54:38:c3:12:c3:cb:6b:33:51:
55:c8:8b:cc:7b:d9:aa:c6:cd:ab:e1:31:37:fb:f2:0b:d5:17:
70:7e:6a:71:40:ae:f0:b4:e0:0b:97:72:d7:d4:91:47:13:22:
e0:a3:b4:c5:d3:31:68:a1:ed:c0:fc:30:40:ab:e1:49:48:30:
d9:6a:19:82:07:00:64:37:53:5d:a4:c8:c6:d9:1a:d7:20:8f:
f5:82:cd:8c:6e:97:c8:ae:20:15:47:62:89:fe:f6:02:79:61:
8f:0f:94:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiMjxtptTaqhFygzJ7DSpdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODdlNWQzM2E5YjI4YmU3ZjFhZjhiYzljMTM4YjE1ODA5
MGYxODkwHhcNMjUwODA5MDIwMDQ1WhcNMjUwODEwMDIwMDQ1WjAzMTEwLwYDVQQD
Eyg1YjIwN2I2OGZjZDkxNWFlZDliMTBhYWQ0MDRjZTA0MWJiOTQwODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOlSV2bBp6bchXxLrP7BX0tR7sM9
35JjYgxM0ViEXlk3jeTQYUS2Dmqrld6u25aA5xQcRRFd4dTdJd33MT025qLmz+XY
O6zI8lFjbqBe0zMqDo9rC+nTdroyiI1mFyA/sZr6TFi9A40BcK1sl4WteYyyeSlF
/o52FImT3CHc8qE/x4fDXRJxL+B05oYtw6s0/+ImiwWDysp1CU7DYl4h/ymQkQFg
QtyZevdBFxjXftmHpG96LdkUXNTeGSKuQCjxRoiFnkIhWa6DLRmEkZOTrldQiQww
anfiAYTdGoC6/CV/Ei89xd68F/3effUoSpEdRu+09WvUv5ce7vCad30HEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsge2j82RWu2bEKrUBM4EG7lAiXMB8GA1UdIwQY
MBaAFA6H5dM6myi+fxr4vJwTixWAkPGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9mbDB6cWJLTDVfR3ZpOG5CT0xGWUNROFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lMGEyNWMtZDUyNy00Yzc1LWExYmIt
M2VmNjQwZjkzN2M0LzEvRG9mbDB6cWJLTDVfR3ZpOG5CT0xGWUNROFlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lMGEyNWMtZDUyNy00Yzc1LWExYmItM2VmNjQwZjkzN2M0
LzEvRG9mbDB6cWJLTDVfR3ZpOG5CT0xGWUNROFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIVy9LFxz
T75yXS4VVC2vUTlDesKjCOgcmjSA7cwNsohFhLzUdAx4nK0R/Hn3iovxaagF6m4f
iZ+QBnC4FX5wdrQ110O/XQLvcQDL+3/FhHDiDETTpRou6PIM3BpbWKQE3cDfdm6Y
1Fo8UHnCE23eUdMN2tqhbRo3IJ7XntQ8EevVvZ//XHJHJbdddt0S6nBwmNGFN45Q
H7usVDjDEsPLazNRVciLzHvZqsbNq+ExN/vyC9UXcH5qcUCu8LTgC5dy19SRRxMi
4KO0xdMxaKHtwPwwQKvhSUgw2WoZggcAZDdTXaTIxtka1yCP9YLNjG6XyK4gFUdi
if72Anlhjw+UHw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:31:30 2025 by rpki-client