Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier: ace3yQmHCkpdVo4RLRC1B+PedQ7PVbhQJT8caTQmLKE=
Subject key identifier: D9:0F:F1:DE:A5:7D:40:7F:82:83:37:C5:3F:8A:B6:AB:83:A8:4D:DB
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer: /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial: 0198D47341B2BDCF473FF7D497D37B415539
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number: 1647
Signing time: Sat 23 Aug 2025 01:02:59 +0000
Manifest this update: Sat 23 Aug 2025 01:02:59 +0000
Manifest next update: Sun 24 Aug 2025 01:02:59 +0000
Files and hashes: 1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: d+w2tGG4wdmWnvDcIyNuFk8scDy2G/tc/PlDPj3gT6E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:73:41:b2:bd:cf:47:3f:f7:d4:97:d3:7b:41:55:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
Validity
Not Before: Aug 23 01:02:59 2025 GMT
Not After : Aug 24 01:02:59 2025 GMT
Subject: CN=d90ff1dea57d407f828337c53f8ab6ab83a84ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7b:d4:2b:8e:82:23:db:2c:6b:b1:fd:a9:4d:
73:43:92:b5:8d:63:94:0f:4d:ff:45:2c:84:d8:36:
6e:bb:15:89:5a:c6:77:81:fe:d7:7f:2d:94:db:9d:
b5:95:a0:17:bc:11:04:b2:8a:6f:e2:bb:0e:14:95:
ba:96:e4:f7:22:c6:33:53:07:9a:a3:74:78:bc:5a:
36:3b:48:e7:46:ab:ec:ba:5c:14:4f:18:ea:e4:97:
b6:70:b5:7e:16:87:78:6a:79:0d:21:db:c9:65:38:
cb:38:f5:ab:ee:d0:5d:6f:84:4a:90:93:f1:36:b7:
76:fe:85:b2:e9:0e:7f:7a:28:8f:1f:cc:d8:d6:ea:
dc:fd:4e:83:f8:86:5e:20:d4:fe:f6:0d:11:50:72:
2a:4d:ae:59:4c:24:66:d0:3e:a0:2c:1d:fc:66:c0:
47:0e:5c:55:81:3a:4c:98:57:91:9e:5b:ae:e9:22:
74:8f:be:da:94:f4:9f:05:40:11:9c:62:a8:1f:20:
b8:88:66:12:bc:7c:c2:f7:3e:d1:c1:72:8d:33:15:
9a:10:56:ea:aa:52:c2:9a:d8:0c:bb:56:d2:d9:2f:
1e:12:14:bc:ff:1b:c9:58:6e:9b:fc:40:07:c1:e9:
97:65:07:2e:9a:af:07:d1:66:cc:be:4b:f4:fb:8b:
49:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0F:F1:DE:A5:7D:40:7F:82:83:37:C5:3F:8A:B6:AB:83:A8:4D:DB
X509v3 Authority Key Identifier:
keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:41:51:26:17:24:75:92:4c:17:11:2d:69:61:d4:a9:19:cd:
b0:62:36:fd:8c:fa:46:59:2f:df:26:55:d4:33:6b:45:06:56:
42:07:6c:44:bb:be:ab:d5:99:10:db:42:a1:28:a6:5e:b4:b3:
5a:a1:c9:bc:63:2e:2d:00:20:a7:69:68:30:f6:e2:44:bb:6a:
2a:15:fd:8a:91:d2:c2:c7:cd:05:b4:66:31:fb:34:54:94:66:
90:16:d4:a9:7c:60:88:2f:bb:44:71:85:81:a1:af:eb:30:3a:
65:d8:cc:ae:d7:a2:6b:9d:cf:0a:af:6d:d9:45:3c:e9:49:b1:
8e:97:89:47:12:be:a7:07:e2:e6:21:b1:17:27:bf:ed:43:7c:
18:32:04:da:d7:9e:4b:31:5b:6e:67:74:6d:d5:bf:74:fe:cd:
4e:44:77:09:3a:7a:2a:0d:a8:5b:60:e9:70:35:22:4c:42:57:
fc:e0:08:90:79:d1:6f:94:93:37:e1:94:99:d6:bc:39:f4:e6:
09:1d:62:cc:c9:f1:78:e1:18:19:69:74:2e:b2:a1:f9:1e:a1:
55:ad:c8:58:ef:a0:6f:97:15:22:7a:5d:1a:65:17:6b:07:e0:
f9:5b:9e:0a:c1:98:f9:4a:c4:be:df:a5:74:45:c4:5c:8d:6a:
32:a9:80:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc0Gyvc9HP/fUl9N7QVU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjUwODIzMDEwMjU5WhcNMjUwODI0MDEwMjU5WjAzMTEwLwYDVQQD
EyhkOTBmZjFkZWE1N2Q0MDdmODI4MzM3YzUzZjhhYjZhYjgzYTg0ZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXvUK46CI9ssa7H9qU1zQ5K1jWOU
D03/RSyE2DZuuxWJWsZ3gf7Xfy2U2521laAXvBEEsopv4rsOFJW6luT3IsYzUwea
o3R4vFo2O0jnRqvsulwUTxjq5Je2cLV+Fod4ankNIdvJZTjLOPWr7tBdb4RKkJPx
Nrd2/oWy6Q5/eiiPH8zY1urc/U6D+IZeINT+9g0RUHIqTa5ZTCRm0D6gLB38ZsBH
DlxVgTpMmFeRnluu6SJ0j77alPSfBUARnGKoHyC4iGYSvHzC9z7RwXKNMxWaEFbq
qlLCmtgMu1bS2S8eEhS8/xvJWG6b/EAHwemXZQcumq8H0WbMvkv0+4tJoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkP8d6lfUB/goM3xT+KtquDqE3bMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWkFRJhck
dZJMFxEtaWHUqRnNsGI2/Yz6Rlkv3yZV1DNrRQZWQgdsRLu+q9WZENtCoSimXrSz
WqHJvGMuLQAgp2loMPbiRLtqKhX9ipHSwsfNBbRmMfs0VJRmkBbUqXxgiC+7RHGF
gaGv6zA6ZdjMrteia53PCq9t2UU86UmxjpeJRxK+pwfi5iGxFye/7UN8GDIE2tee
SzFbbmd0bdW/dP7NTkR3CTp6Kg2oW2DpcDUiTEJX/OAIkHnRb5STN+GUmda8OfTm
CR1izMnxeOEYGWl0LrKh+R6hVa3IWO+gb5cVInpdGmUXawfg+VueCsGY+UrEvt+l
dEXEXI1qMqmAcw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:26:45 2025 by rpki-client