Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File: bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier: itvE0KYX+SP6UWZRxIYlGzF0IOXmcwoSuyoMgefs6mg=
Subject key identifier: 66:2A:BA:A3:20:2E:AE:53:3A:94:A0:68:37:F2:3D:58:99:0E:FB:6C
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer: /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial: 0198D66055AA188BC17FD2DF9A1C409A7A4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number: 0DD7
Signing time: Sat 23 Aug 2025 10:01:34 +0000
Manifest this update: Sat 23 Aug 2025 10:01:34 +0000
Manifest next update: Sun 24 Aug 2025 10:01:34 +0000
Files and hashes: 1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: xquInqFBkZ7wKsMQERwYaJsIPy1ltfgjUUdQIiYCVW4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:60:55:aa:18:8b:c1:7f:d2:df:9a:1c:40:9a:7a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
Validity
Not Before: Aug 23 10:01:34 2025 GMT
Not After : Aug 24 10:01:34 2025 GMT
Subject: CN=662abaa3202eae533a94a06837f23d58990efb6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1e:a3:43:67:7e:5e:c9:3b:65:71:e6:56:77:
f2:a9:1f:cd:ae:b8:f5:52:fb:f3:7c:e8:04:69:2c:
2a:d0:ec:d2:77:15:24:5b:23:d3:1d:35:68:d7:1a:
c6:e1:12:0b:18:8a:22:54:d6:9e:1b:89:0b:dc:cf:
32:06:7b:26:00:52:be:c5:74:a3:56:6c:35:e4:7d:
37:fb:cc:f4:ef:07:ac:21:77:ac:cf:d6:83:87:e2:
88:68:e6:c1:d2:b3:29:a3:ec:19:e3:62:5f:37:81:
49:d8:f3:1b:1b:43:be:8b:ab:ef:29:81:46:50:af:
83:6d:98:e1:53:ba:2c:be:ed:37:fe:7b:74:94:a2:
72:e9:b0:e6:16:b4:c9:3b:9e:cc:71:93:19:17:12:
6e:d8:1f:2a:2a:4a:89:05:b8:72:40:8f:dd:c3:e0:
9b:e9:d7:9b:ec:5a:67:51:10:97:86:89:0e:90:16:
03:b1:3b:bd:a5:13:91:ba:9a:d5:23:f8:58:19:9d:
36:87:29:08:24:93:c8:7f:c6:35:34:2c:61:d4:6f:
53:7a:62:24:37:86:4f:0c:3d:e9:e8:e1:33:5f:a9:
56:ce:f2:c1:88:d8:60:5c:81:2c:59:dc:d7:bd:0b:
46:64:27:53:eb:0b:ca:9f:6f:99:b6:61:da:ec:36:
ef:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2A:BA:A3:20:2E:AE:53:3A:94:A0:68:37:F2:3D:58:99:0E:FB:6C
X509v3 Authority Key Identifier:
keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:14:41:c5:84:5c:b4:92:65:c8:47:df:1b:1c:61:4f:ce:a9:
88:0b:2d:3e:ce:95:aa:c9:60:e9:cb:d5:59:85:95:70:9f:e1:
92:be:68:e6:37:53:86:01:f9:7a:b4:6a:2a:53:20:f4:56:52:
f5:b2:a4:9d:c5:e0:71:17:a9:97:d4:52:79:f4:e6:91:be:6f:
b4:03:ad:48:4d:86:7b:c0:dc:d5:dc:39:17:77:34:b7:5d:d8:
a6:7b:c2:79:aa:35:54:e7:07:52:f0:3b:61:05:16:7a:d7:e3:
1d:13:7f:f1:9c:6f:7e:76:fb:c6:f9:75:60:5f:0b:ff:34:88:
ab:92:2f:d9:98:b6:9e:53:b4:83:ff:5a:d9:5d:9b:47:c0:87:
65:db:d6:89:17:c0:52:40:e4:2b:24:94:99:ee:39:82:59:61:
24:89:e0:c0:0c:be:45:37:9c:8e:1c:60:b2:54:88:53:e0:96:
a2:c8:2b:16:51:e3:bf:90:ca:1c:f5:5e:fc:da:fa:00:b3:eb:
c7:2b:07:ab:5f:38:8b:1b:b2:84:77:25:9d:aa:b6:3a:c5:7b:
2c:2d:4d:29:28:46:3a:12:ed:64:91:88:09:0f:91:fb:2e:aa:
20:8c:fe:f2:aa:69:e9:8b:4d:41:e2:bf:eb:17:ce:ee:57:b8:
2a:57:02:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYFWqGIvBf9LfmhxAmnpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjUwODIzMTAwMTM0WhcNMjUwODI0MTAwMTM0WjAzMTEwLwYDVQQD
Eyg2NjJhYmFhMzIwMmVhZTUzM2E5NGEwNjgzN2YyM2Q1ODk5MGVmYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh6jQ2d+Xsk7ZXHmVnfyqR/Nrrj1
UvvzfOgEaSwq0OzSdxUkWyPTHTVo1xrG4RILGIoiVNaeG4kL3M8yBnsmAFK+xXSj
Vmw15H03+8z07wesIXesz9aDh+KIaObB0rMpo+wZ42JfN4FJ2PMbG0O+i6vvKYFG
UK+DbZjhU7osvu03/nt0lKJy6bDmFrTJO57McZMZFxJu2B8qKkqJBbhyQI/dw+Cb
6deb7FpnURCXhokOkBYDsTu9pRORuprVI/hYGZ02hykIJJPIf8Y1NCxh1G9TemIk
N4ZPDD3p6OEzX6lWzvLBiNhgXIEsWdzXvQtGZCdT6wvKn2+ZtmHa7DbvJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYquqMgLq5TOpSgaDfyPViZDvtsMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAABRBxYRc
tJJlyEffGxxhT86piAstPs6Vqslg6cvVWYWVcJ/hkr5o5jdThgH5erRqKlMg9FZS
9bKkncXgcRepl9RSefTmkb5vtAOtSE2Ge8Dc1dw5F3c0t13YpnvCeao1VOcHUvA7
YQUWetfjHRN/8Zxvfnb7xvl1YF8L/zSIq5Iv2Zi2nlO0g/9a2V2bR8CHZdvWiRfA
UkDkKySUme45gllhJIngwAy+RTecjhxgslSIU+CWosgrFlHjv5DKHPVe/Nr6ALPr
xysHq184ixuyhHclnaq2OsV7LC1NKShGOhLtZJGICQ+R+y6qIIz+8qpp6YtNQeK/
6xfO7le4KlcCXw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:37:43 2025 by rpki-client