Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft
File: LdrykZbO5YxjJjDwK-69C1p1qdk.mft (raw, json)
Hash identifier: /85VkH7A2V0+4xvk0XkjLqhzaTiuPLNXzNn/llpRidM=
Subject key identifier: D5:AC:40:D4:77:6D:59:7D:63:D4:60:03:55:60:F7:92:84:6B:EB:EE
Authority key identifier: 2D:DA:F2:91:96:CE:E5:8C:63:26:30:F0:2B:EE:BD:0B:5A:75:A9:D9
Certificate issuer: /CN=2ddaf29196cee58c632630f02beebd0b5a75a9d9
Certificate serial: 0198D660D41C8E7A9D2C5F0A0391541399F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdrykZbO5YxjJjDwK-69C1p1qdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft
Manifest number: D9
Signing time: Sat 23 Aug 2025 10:02:06 +0000
Manifest this update: Sat 23 Aug 2025 10:02:06 +0000
Manifest next update: Sun 24 Aug 2025 10:02:06 +0000
Files and hashes: 1: LdrykZbO5YxjJjDwK-69C1p1qdk.crl (hash: 3oBnFn/PUx7p2CVYcCjufBxGmCYFs1/gGP2iJkQbu14=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LdrykZbO5YxjJjDwK-69C1p1qdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:60:d4:1c:8e:7a:9d:2c:5f:0a:03:91:54:13:99:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ddaf29196cee58c632630f02beebd0b5a75a9d9
Validity
Not Before: Aug 23 10:02:06 2025 GMT
Not After : Aug 24 10:02:06 2025 GMT
Subject: CN=d5ac40d4776d597d63d460035560f792846bebee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:74:06:b2:19:50:85:a5:58:90:6f:c7:62:f4:
66:93:bb:af:d0:85:f8:e3:38:4c:37:ee:55:7e:ae:
ab:d5:03:97:cb:ee:22:02:08:e3:85:0f:30:71:37:
3c:7e:03:7b:1e:cb:98:d7:c2:23:44:33:a1:08:f4:
47:1d:e3:e6:d3:e0:fd:ca:fd:b5:b3:f5:cd:82:ba:
47:5b:f1:2d:a9:3c:ac:77:46:86:68:08:ea:f0:24:
43:48:fa:9d:31:fd:d8:91:fb:b8:2b:55:9c:c8:3f:
82:fd:0d:cc:78:d1:64:99:36:b1:79:e6:f7:7a:26:
c4:78:21:30:72:f8:c3:a6:73:d2:0c:0e:ad:e5:aa:
47:4b:8b:a0:48:3a:34:34:ea:03:3b:d6:1d:1d:fc:
af:85:c9:56:80:8a:ca:0a:78:75:7b:63:db:6c:23:
bc:bf:e3:6e:3d:0c:9b:c3:0a:50:10:2c:b2:5c:d3:
46:cf:e2:6d:c6:2f:95:77:ad:56:a2:53:84:17:d2:
30:ed:5f:e2:0e:65:d2:0e:0b:d7:26:f9:0b:c0:b5:
3d:e8:d7:e2:3a:d7:69:2f:30:91:0a:a6:d8:2b:4d:
eb:61:72:e9:52:c6:f0:f6:80:1a:ea:80:b4:a1:d8:
6a:87:77:78:bf:a9:b2:3f:9f:e7:52:e4:f8:9f:ea:
38:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AC:40:D4:77:6D:59:7D:63:D4:60:03:55:60:F7:92:84:6B:EB:EE
X509v3 Authority Key Identifier:
keyid:2D:DA:F2:91:96:CE:E5:8C:63:26:30:F0:2B:EE:BD:0B:5A:75:A9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdrykZbO5YxjJjDwK-69C1p1qdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:1c:eb:af:19:44:1e:df:09:2c:63:11:63:1f:0b:35:30:3b:
80:db:14:e4:59:c8:47:82:de:c8:32:b4:c4:b3:d4:65:a5:53:
5c:06:ee:68:75:2b:43:f0:ee:4e:37:09:37:55:2e:50:c5:a3:
3e:d6:05:a8:b6:ad:a8:3d:9a:7e:b5:bf:cd:ac:64:37:dd:b3:
37:ca:f6:07:6a:6b:b7:f1:6b:09:e1:86:35:bf:a7:73:e8:a8:
c4:a0:08:f5:e7:52:ac:ba:1b:d0:eb:a2:1e:4c:80:aa:da:93:
06:53:56:d3:3c:5a:28:69:13:19:40:ce:41:05:f2:f7:7b:4a:
59:15:48:59:2a:cc:cc:52:ac:91:01:1f:05:11:a3:d4:ee:81:
89:5e:4a:43:e2:49:ec:4a:27:a2:02:b7:2b:2a:95:af:04:8f:
6a:28:04:39:87:5f:de:0a:36:79:03:81:9e:6b:68:5b:37:b3:
6e:2e:4f:d2:dd:c0:7d:79:d0:9e:f8:d8:e1:2e:e6:09:86:8f:
fc:6a:84:dd:c7:0e:4e:66:37:fe:1c:5a:f6:2e:84:73:79:38:
8e:9c:c6:e6:69:d2:a9:3e:0f:62:0a:b9:59:fc:a1:ca:5e:76:
b1:bf:08:6f:38:e0:c7:1f:f2:a6:15:5f:74:01:b7:ee:34:27:
75:35:b1:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYNQcjnqdLF8KA5FUE5n0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZGFmMjkxOTZjZWU1OGM2MzI2MzBmMDJiZWViZDBiNWE3
NWE5ZDkwHhcNMjUwODIzMTAwMjA2WhcNMjUwODI0MTAwMjA2WjAzMTEwLwYDVQQD
EyhkNWFjNDBkNDc3NmQ1OTdkNjNkNDYwMDM1NTYwZjc5Mjg0NmJlYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13QGshlQhaVYkG/HYvRmk7uv0IX4
4zhMN+5Vfq6r1QOXy+4iAgjjhQ8wcTc8fgN7HsuY18IjRDOhCPRHHePm0+D9yv21
s/XNgrpHW/EtqTysd0aGaAjq8CRDSPqdMf3Ykfu4K1WcyD+C/Q3MeNFkmTaxeeb3
eibEeCEwcvjDpnPSDA6t5apHS4ugSDo0NOoDO9YdHfyvhclWgIrKCnh1e2PbbCO8
v+NuPQybwwpQECyyXNNGz+Jtxi+Vd61WolOEF9Iw7V/iDmXSDgvXJvkLwLU96Nfi
OtdpLzCRCqbYK03rYXLpUsbw9oAa6oC0odhqh3d4v6myP5/nUuT4n+o4/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWsQNR3bVl9Y9RgA1Vg95KEa+vuMB8GA1UdIwQY
MBaAFC3a8pGWzuWMYyYw8CvuvQtadanZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRyeWtaYk81WXhqSmpEd0stNjlDMXAxcWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMTY0MmUtYzBhZC00YmFlLWE1NDUt
ODQwMTk1MmFjODk3LzEvTGRyeWtaYk81WXhqSmpEd0stNjlDMXAxcWRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wMTY0MmUtYzBhZC00YmFlLWE1NDUtODQwMTk1MmFjODk3
LzEvTGRyeWtaYk81WXhqSmpEd0stNjlDMXAxcWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFxzrrxlE
Ht8JLGMRYx8LNTA7gNsU5FnIR4LeyDK0xLPUZaVTXAbuaHUrQ/DuTjcJN1UuUMWj
PtYFqLatqD2afrW/zaxkN92zN8r2B2prt/FrCeGGNb+nc+ioxKAI9edSrLob0Oui
HkyAqtqTBlNW0zxaKGkTGUDOQQXy93tKWRVIWSrMzFKskQEfBRGj1O6BiV5KQ+JJ
7EonogK3KyqVrwSPaigEOYdf3go2eQOBnmtoWzezbi5P0t3AfXnQnvjY4S7mCYaP
/GqE3ccOTmY3/hxa9i6Ec3k4jpzG5mnSqT4PYgq5Wfyhyl52sb8Ibzjgxx/yphVf
dAG37jQndTWxDQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:18:10 2025 by rpki-client