Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
File: xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json)
Hash identifier: ydWyaAloRshWqt1SWXZQpn6zD/eW86hJKveIRLeJWpY=
Subject key identifier: 2C:13:11:72:5A:2D:1C:FE:09:D2:90:B3:CD:E8:6E:A8:5F:F7:C8:68
Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
Certificate issuer: /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Certificate serial: 0197B77C7DF451FCD8313FE9309282D28A26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
Manifest number: 12EF
Signing time: Sat 28 Jun 2025 17:01:18 +0000
Manifest this update: Sat 28 Jun 2025 17:01:18 +0000
Manifest next update: Sun 29 Jun 2025 17:01:18 +0000
Files and hashes: 1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: ddXPCUVg70h46yA7+sIuZQ4dYvrHRZ2sAmkA6RuV1ac=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:7c:7d:f4:51:fc:d8:31:3f:e9:30:92:82:d2:8a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Validity
Not Before: Jun 28 17:01:18 2025 GMT
Not After : Jun 29 17:01:18 2025 GMT
Subject: CN=2c1311725a2d1cfe09d290b3cde86ea85ff7c868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:31:d9:e4:a4:f1:d5:a1:1e:6a:dc:75:34:9e:
5f:e7:6f:6d:cf:0f:d3:c4:dd:24:58:5b:57:cd:38:
21:9d:81:8a:1c:64:8e:59:5f:3f:4f:e8:80:68:6c:
67:91:ec:d2:fd:ee:cf:30:c3:b1:aa:67:e9:40:01:
28:ce:d1:e4:a4:01:94:7d:68:fd:4f:e6:8a:07:ac:
39:40:3d:c6:c3:e0:0f:02:fb:f7:8a:57:97:40:ba:
3b:8c:58:71:5a:98:19:f9:a9:fd:83:08:bd:f5:8a:
06:17:f7:55:90:b9:46:94:74:c3:6d:46:6f:8f:e2:
f0:a4:e6:a0:d5:05:af:4a:c3:b2:73:73:5e:22:62:
ce:2f:53:80:d2:b8:e3:ef:e2:0e:8e:cf:24:6c:ac:
c8:66:2a:1c:8f:ba:8e:52:2c:46:6d:34:88:04:50:
89:76:19:18:ca:fb:12:02:b6:e4:c2:86:9c:48:91:
07:0f:22:a9:a1:c2:af:67:1f:67:43:2b:a3:a9:e5:
76:63:a1:bf:49:0d:c3:d9:e3:93:79:1b:58:d2:73:
8b:dd:9b:04:9b:34:aa:ee:1d:69:f7:f0:d4:43:6d:
48:4f:c9:59:a2:25:19:29:35:a6:6c:7e:a0:9a:e0:
ff:00:7a:d4:db:e4:d3:f6:00:b9:bd:f2:fa:5f:8d:
f8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:13:11:72:5A:2D:1C:FE:09:D2:90:B3:CD:E8:6E:A8:5F:F7:C8:68
X509v3 Authority Key Identifier:
keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:4a:9f:d0:83:24:4c:ae:da:2e:cc:90:b0:4a:eb:25:f5:1f:
bb:57:99:34:b1:f3:d6:4d:a4:a4:f0:11:1b:4d:09:cc:cc:cb:
7d:33:de:22:8c:c1:6d:43:e7:87:75:0c:f6:0e:d0:d7:75:87:
de:1d:c2:bb:be:5b:f1:c1:ac:7b:c2:6e:6b:4d:a2:7d:f5:9e:
fa:9c:39:c1:ee:89:6a:c6:2b:1a:33:0e:4c:45:e3:4a:d6:b8:
92:82:8c:2e:e9:ae:96:04:58:e1:a1:57:07:a5:6b:10:00:40:
89:24:26:cc:fb:69:dd:59:47:a2:6e:bc:0a:db:7c:e8:c8:db:
e5:d5:a6:e5:05:0c:53:37:b5:30:60:e0:f1:c9:29:c1:8b:7d:
c2:ab:1c:68:8b:83:17:63:54:ae:5d:67:f3:0e:1d:4a:4b:5f:
9d:0c:12:85:9a:ae:1c:56:5c:46:9d:4c:1b:2f:78:d8:c3:10:
0d:a9:f3:58:d9:4b:eb:d4:47:f0:22:45:93:e7:51:ba:93:c9:
07:e4:57:29:92:88:eb:e1:6e:14:0a:11:b5:cb:82:36:51:b1:
34:99:56:f6:06:6a:d0:36:9e:a1:7b:20:da:ea:0a:ca:57:52:
ce:57:07:6c:5d:e8:31:70:96:4c:0f:53:dc:fd:9d:d3:c7:0e:
0d:a9:e3:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fH30UfzYMT/pMJKC0oomMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx
YTFiN2MwHhcNMjUwNjI4MTcwMTE4WhcNMjUwNjI5MTcwMTE4WjAzMTEwLwYDVQQD
EygyYzEzMTE3MjVhMmQxY2ZlMDlkMjkwYjNjZGU4NmVhODVmZjdjODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzHZ5KTx1aEeatx1NJ5f529tzw/T
xN0kWFtXzTghnYGKHGSOWV8/T+iAaGxnkezS/e7PMMOxqmfpQAEoztHkpAGUfWj9
T+aKB6w5QD3Gw+APAvv3ileXQLo7jFhxWpgZ+an9gwi99YoGF/dVkLlGlHTDbUZv
j+LwpOag1QWvSsOyc3NeImLOL1OA0rjj7+IOjs8kbKzIZiocj7qOUixGbTSIBFCJ
dhkYyvsSArbkwoacSJEHDyKpocKvZx9nQyujqeV2Y6G/SQ3D2eOTeRtY0nOL3ZsE
mzSq7h1p9/DUQ21IT8lZoiUZKTWmbH6gmuD/AHrU2+TT9gC5vfL6X434QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwTEXJaLRz+CdKQs83obqhf98hoMB8GA1UdIwQY
MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt
MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2
LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmUqf0IMk
TK7aLsyQsErrJfUfu1eZNLHz1k2kpPARG00JzMzLfTPeIozBbUPnh3UM9g7Q13WH
3h3Cu75b8cGse8Jua02iffWe+pw5we6JasYrGjMOTEXjSta4koKMLumulgRY4aFX
B6VrEABAiSQmzPtp3VlHom68Ctt86Mjb5dWm5QUMUze1MGDg8ckpwYt9wqscaIuD
F2NUrl1n8w4dSktfnQwShZquHFZcRp1MGy942MMQDanzWNlL69RH8CJFk+dRupPJ
B+RXKZKI6+FuFAoRtcuCNlGxNJlW9gZq0DaeoXsg2uoKyldSzlcHbF3oMXCWTA9T
3P2d08cODanjTg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:36:45 2025 by rpki-client