Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier: 0A7fO3kdf3s0Krh7AXN6WHCaU8Awa0eVwbg/Zy6pPf0=
Subject key identifier: 23:A4:55:A8:2A:7F:2F:A7:D4:A7:41:31:D6:11:64:28:70:11:11:5F
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial: 019A4DAB222F1D16DC7E55C52C9F3B37CA73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number: 07E1
Signing time: Tue 04 Nov 2025 07:00:52 +0000
Manifest this update: Tue 04 Nov 2025 07:00:52 +0000
Manifest next update: Wed 05 Nov 2025 07:00:52 +0000
Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: SGTxRurj3cm+gDjcXWysr1lSQoyjckEFrg6bACXSAp8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:ab:22:2f:1d:16:dc:7e:55:c5:2c:9f:3b:37:ca:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Validity
Not Before: Nov 4 07:00:52 2025 GMT
Not After : Nov 5 07:00:52 2025 GMT
Subject: CN=23a455a82a7f2fa7d4a74131d61164287011115f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0f:5b:0e:61:de:f5:7f:8d:23:43:c7:76:6d:
66:b8:03:b5:ad:97:77:a2:6d:29:94:1d:4f:15:d8:
a1:79:8b:44:18:5f:27:74:1c:c5:45:85:46:26:e5:
ac:bf:f3:8d:27:77:60:c5:5d:7f:22:80:7f:4b:1c:
e2:13:95:df:32:27:61:90:a3:e6:b9:e9:53:ea:c8:
a9:89:d0:55:8d:bc:77:72:42:42:c7:c1:16:a0:be:
d3:f6:02:ff:9a:11:0b:dc:dd:50:a1:8c:fe:4b:68:
5e:65:7c:42:84:e1:e4:b7:88:e7:14:6d:c4:77:06:
c0:53:9d:dc:bf:cd:09:9b:40:38:7b:bc:18:58:20:
7d:37:2b:bd:0b:d8:3a:bb:d4:9b:24:52:e2:cf:10:
3b:48:eb:1a:bd:a6:36:cc:d8:dc:53:94:95:cf:25:
d2:30:38:d7:e6:18:17:a1:c1:49:9c:81:48:4f:27:
af:c0:0d:66:f3:89:5d:4b:6d:df:5c:f5:a4:ee:54:
29:ba:cc:3f:46:ea:30:90:4f:db:b7:03:e7:08:22:
fd:67:a0:1e:d6:ef:0c:d3:f3:5c:f2:50:c3:c4:19:
11:94:2b:ce:7e:4c:6e:d1:fd:f4:48:8d:98:0b:7d:
13:a0:96:62:6f:2c:73:db:65:ff:19:8d:72:2d:2c:
a8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A4:55:A8:2A:7F:2F:A7:D4:A7:41:31:D6:11:64:28:70:11:11:5F
X509v3 Authority Key Identifier:
keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:a0:a0:25:d8:4c:02:3b:8b:6c:dd:20:32:57:ae:22:3d:ed:
f3:23:69:f5:a6:aa:37:ff:bd:85:84:7a:98:32:c1:d9:04:70:
fa:c3:62:f8:c6:83:09:a7:03:60:91:49:cd:b0:30:f7:0b:a5:
3f:7e:ae:7d:8b:be:26:7b:ac:16:be:42:28:de:b0:04:06:57:
61:c5:3e:0e:ed:41:9a:1f:3c:2d:25:e2:1e:56:78:eb:5d:72:
3b:75:35:0b:8b:f6:f0:c3:fe:92:a5:06:7e:12:1d:8a:38:97:
23:c6:c9:b1:eb:59:1d:da:5e:ff:d3:f0:c9:39:9e:d7:bc:ff:
64:7a:d0:2b:71:28:99:dd:7e:cc:fd:30:0d:57:42:5a:47:9c:
7d:b1:0c:31:d2:af:4b:9f:55:2c:e5:3c:b6:3a:d4:cd:a5:86:
14:ff:b4:6d:40:65:ef:48:f3:be:ec:45:95:48:fc:ec:70:aa:
02:be:0d:00:2a:d4:47:aa:05:f2:89:2d:7f:1c:99:60:9d:2b:
5c:74:71:11:68:8c:96:24:b3:1b:c4:4c:b8:78:48:e9:d9:11:
af:9b:25:12:5e:eb:b6:8e:35:7e:e9:d6:b9:06:e4:e5:a8:af:
c1:9f:a7:af:9a:e5:d8:31:9d:65:02:d9:54:cc:df:01:4c:ef:
29:bb:72:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqyIvHRbcflXFLJ87N8pzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjUxMTA0MDcwMDUyWhcNMjUxMTA1MDcwMDUyWjAzMTEwLwYDVQQD
EygyM2E0NTVhODJhN2YyZmE3ZDRhNzQxMzFkNjExNjQyODcwMTExMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ9bDmHe9X+NI0PHdm1muAO1rZd3
om0plB1PFdiheYtEGF8ndBzFRYVGJuWsv/ONJ3dgxV1/IoB/SxziE5XfMidhkKPm
uelT6sipidBVjbx3ckJCx8EWoL7T9gL/mhEL3N1QoYz+S2heZXxChOHkt4jnFG3E
dwbAU53cv80Jm0A4e7wYWCB9Nyu9C9g6u9SbJFLizxA7SOsavaY2zNjcU5SVzyXS
MDjX5hgXocFJnIFITyevwA1m84ldS23fXPWk7lQpusw/RuowkE/btwPnCCL9Z6Ae
1u8M0/Nc8lDDxBkRlCvOfkxu0f30SI2YC30ToJZibyxz22X/GY1yLSyoJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOkVagqfy+n1KdBMdYRZChwERFfMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIKCgJdhM
AjuLbN0gMleuIj3t8yNp9aaqN/+9hYR6mDLB2QRw+sNi+MaDCacDYJFJzbAw9wul
P36ufYu+JnusFr5CKN6wBAZXYcU+Du1Bmh88LSXiHlZ4611yO3U1C4v28MP+kqUG
fhIdijiXI8bJsetZHdpe/9PwyTme17z/ZHrQK3Eomd1+zP0wDVdCWkecfbEMMdKv
S59VLOU8tjrUzaWGFP+0bUBl70jzvuxFlUj87HCqAr4NACrUR6oF8oktfxyZYJ0r
XHRxEWiMliSzG8RMuHhI6dkRr5slEl7rto41funWuQbk5aivwZ+nr5rl2DGdZQLZ
VMzfAUzvKbtyzQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:05:52 2025 by rpki-client