Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier: LqgurFiiw5J4KgCMhs74Up33gCJP1oZZovSvIY5LGkk=
Subject key identifier: 79:7C:57:67:2C:93:FE:E9:32:4F:FD:BC:61:A4:C0:1D:C4:DE:31:40
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial: 019872983E865BDA2EEBAB9CEA0B69726237
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number: 06EB
Signing time: Mon 04 Aug 2025 01:00:36 +0000
Manifest this update: Mon 04 Aug 2025 01:00:36 +0000
Manifest next update: Tue 05 Aug 2025 01:00:36 +0000
Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: ZFmy77+0hsggFFfBTFWgr+oaS50mTEYIE0onBqVXHeo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:72:98:3e:86:5b:da:2e:eb:ab:9c:ea:0b:69:72:62:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Validity
Not Before: Aug 4 01:00:36 2025 GMT
Not After : Aug 5 01:00:36 2025 GMT
Subject: CN=797c57672c93fee9324ffdbc61a4c01dc4de3140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:03:26:8e:67:cd:ab:04:32:1b:b2:ad:18:04:
77:94:40:5f:b5:b4:c4:88:75:fa:49:21:72:0a:72:
96:ff:20:33:71:9a:95:8b:8d:7a:1d:21:7e:a4:1b:
0b:1f:de:29:b6:63:e7:9f:75:94:88:d5:d6:85:04:
16:d7:83:af:8e:72:f5:87:d5:27:d5:4e:cd:6c:75:
84:5e:29:e8:66:c6:5b:72:c8:aa:6f:5e:f8:35:f6:
be:9f:64:69:0f:df:9a:49:07:72:50:06:7b:ba:9a:
56:be:b8:fd:11:6d:d8:6a:ae:bf:26:2e:22:bc:d7:
c8:c6:7f:b6:c7:4a:a0:2f:33:b6:15:48:ce:13:e2:
57:5e:7e:0a:e3:70:90:aa:22:4f:16:57:19:43:6e:
15:a5:a7:52:ce:b7:e2:64:28:d9:99:99:02:a3:86:
38:d2:04:96:42:50:a0:5b:fe:c2:11:c6:c1:6d:08:
fd:78:f0:92:34:5e:8a:86:29:c0:58:9c:ee:55:d5:
d3:66:15:a1:58:39:ce:71:b9:6a:6b:bd:99:82:ea:
48:fd:8d:6d:61:e9:13:ad:40:f4:60:ed:22:32:32:
e4:51:33:4f:fc:a6:5a:2b:97:c5:7b:99:fe:b3:ff:
0f:c1:f5:e2:4d:49:f5:9d:1f:df:75:55:a5:ed:dc:
b9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:7C:57:67:2C:93:FE:E9:32:4F:FD:BC:61:A4:C0:1D:C4:DE:31:40
X509v3 Authority Key Identifier:
keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:c0:fc:77:62:e6:2e:17:0e:4c:86:a6:09:53:61:13:cb:45:
2e:a5:e6:35:05:81:77:5d:7d:cc:51:34:d2:fe:6d:ef:6a:89:
a0:fe:2d:5a:3c:d8:12:02:9e:d2:3a:8d:70:8a:71:eb:fb:ed:
07:50:63:89:34:9c:2c:75:48:3a:7c:32:1e:5a:90:9d:55:29:
53:30:82:28:f2:34:40:6a:b7:2e:1e:3c:c1:dc:1e:15:84:a1:
ac:07:0a:a4:f8:2f:9a:58:25:7a:48:eb:5b:d2:30:42:e0:f7:
3f:1e:ed:98:d8:42:88:96:0b:59:97:e3:a6:05:75:58:e3:10:
d2:5c:db:ae:c0:34:a4:a8:f2:47:94:e8:b6:9f:b9:f9:b3:b3:
07:64:c5:ea:10:cd:e8:d2:7e:ba:bd:1d:8d:61:e1:06:c0:c7:
42:6f:fd:95:14:e4:2d:17:4e:f4:80:26:ba:2a:f8:4e:47:eb:
fe:fd:41:95:64:15:c0:0f:ed:b9:25:db:65:b8:eb:b7:f3:4f:
3b:7a:5b:37:12:cb:07:4e:dd:79:ba:8c:48:87:a4:b8:b5:bc:
1d:40:97:1f:ef:a2:7a:a5:45:be:fc:7a:cd:43:ae:f4:20:44:
83:fb:62:e2:60:03:5b:3a:04:34:48:9d:65:87:71:2e:f5:67:
02:4a:07:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhymD6GW9ou66uc6gtpcmI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjUwODA0MDEwMDM2WhcNMjUwODA1MDEwMDM2WjAzMTEwLwYDVQQD
Eyg3OTdjNTc2NzJjOTNmZWU5MzI0ZmZkYmM2MWE0YzAxZGM0ZGUzMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAMmjmfNqwQyG7KtGAR3lEBftbTE
iHX6SSFyCnKW/yAzcZqVi416HSF+pBsLH94ptmPnn3WUiNXWhQQW14OvjnL1h9Un
1U7NbHWEXinoZsZbcsiqb174Nfa+n2RpD9+aSQdyUAZ7uppWvrj9EW3Yaq6/Ji4i
vNfIxn+2x0qgLzO2FUjOE+JXXn4K43CQqiJPFlcZQ24VpadSzrfiZCjZmZkCo4Y4
0gSWQlCgW/7CEcbBbQj9ePCSNF6KhinAWJzuVdXTZhWhWDnOcblqa72ZgupI/Y1t
YekTrUD0YO0iMjLkUTNP/KZaK5fFe5n+s/8PwfXiTUn1nR/fdVWl7dy5QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHl8V2csk/7pMk/9vGGkwB3E3jFAMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG8D8d2Lm
LhcOTIamCVNhE8tFLqXmNQWBd119zFE00v5t72qJoP4tWjzYEgKe0jqNcIpx6/vt
B1BjiTScLHVIOnwyHlqQnVUpUzCCKPI0QGq3Lh48wdweFYShrAcKpPgvmlglekjr
W9IwQuD3Px7tmNhCiJYLWZfjpgV1WOMQ0lzbrsA0pKjyR5Totp+5+bOzB2TF6hDN
6NJ+ur0djWHhBsDHQm/9lRTkLRdO9IAmuir4Tkfr/v1BlWQVwA/tuSXbZbjrt/NP
O3pbNxLLB07debqMSIekuLW8HUCXH++ieqVFvvx6zUOu9CBEg/ti4mADWzoENEid
ZYdxLvVnAkoHnw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:17:28 2025 by rpki-client