Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft
File: LdrykZbO5YxjJjDwK-69C1p1qdk.mft (raw, json)
Hash identifier: z+SJ/9GTqztkOPIAoQ9op7MSVEacOEz9yclCmlbvghQ=
Subject key identifier: 72:EE:A3:12:F5:12:A7:0D:7B:3F:A3:45:C9:F6:5A:38:FF:86:7A:4E
Authority key identifier: 2D:DA:F2:91:96:CE:E5:8C:63:26:30:F0:2B:EE:BD:0B:5A:75:A9:D9
Certificate issuer: /CN=2ddaf29196cee58c632630f02beebd0b5a75a9d9
Certificate serial: 019A01B49E91E3D3A8E997B8F47531E76ABE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdrykZbO5YxjJjDwK-69C1p1qdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft
Manifest number: 0174
Signing time: Mon 20 Oct 2025 13:00:05 +0000
Manifest this update: Mon 20 Oct 2025 13:00:05 +0000
Manifest next update: Tue 21 Oct 2025 13:00:05 +0000
Files and hashes: 1: LdrykZbO5YxjJjDwK-69C1p1qdk.crl (hash: 1eTjMSvZlOQ+WFPJNiRXrsZT64Ys/Awkr/WTqLPsJ2I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LdrykZbO5YxjJjDwK-69C1p1qdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:b4:9e:91:e3:d3:a8:e9:97:b8:f4:75:31:e7:6a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ddaf29196cee58c632630f02beebd0b5a75a9d9
Validity
Not Before: Oct 20 13:00:05 2025 GMT
Not After : Oct 21 13:00:05 2025 GMT
Subject: CN=72eea312f512a70d7b3fa345c9f65a38ff867a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:aa:df:a9:8e:45:6c:14:ce:1e:2d:e6:d7:01:
c2:f4:7f:df:1c:8f:5a:d1:08:be:cd:8f:b2:71:cd:
3b:11:8b:d9:f2:12:b8:f5:e0:bc:90:81:56:35:9f:
7a:a4:28:4b:70:6b:13:8d:a7:69:ff:1c:7d:94:51:
03:ef:d6:43:68:6b:f2:5c:47:27:9d:45:3f:c0:c4:
9a:9c:80:50:23:8e:03:49:59:c1:ef:04:b6:1c:d3:
62:02:02:03:0f:48:68:da:ab:38:fd:65:b1:c4:20:
21:a8:cb:1f:36:72:22:47:15:0d:e8:b0:1d:c2:a1:
5a:07:65:0f:be:d5:26:39:4e:83:b4:c0:2b:de:2c:
80:06:9e:35:c3:19:d3:d8:c9:34:7f:9c:98:29:91:
5d:30:49:b1:c7:50:e9:3f:92:2e:a7:9f:28:29:4d:
05:d0:b4:4f:ab:c6:b3:5c:87:dc:27:c7:44:dc:0c:
d9:27:b0:25:30:ca:65:ac:0d:15:31:98:8a:2b:3f:
d6:de:ec:ed:19:ea:8f:e9:0a:35:55:bb:92:9a:ee:
00:9e:84:c5:bf:8d:4e:c2:4a:d4:04:5a:10:00:83:
46:a7:d0:d6:93:75:26:3f:a0:49:2d:51:b8:02:6c:
fb:fa:eb:8a:38:48:fa:24:32:da:9e:56:44:5a:86:
82:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EE:A3:12:F5:12:A7:0D:7B:3F:A3:45:C9:F6:5A:38:FF:86:7A:4E
X509v3 Authority Key Identifier:
keyid:2D:DA:F2:91:96:CE:E5:8C:63:26:30:F0:2B:EE:BD:0B:5A:75:A9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdrykZbO5YxjJjDwK-69C1p1qdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/01642e-c0ad-4bae-a545-8401952ac897/1/LdrykZbO5YxjJjDwK-69C1p1qdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:35:a2:00:75:2c:40:79:77:f3:ee:aa:1c:67:c2:28:6e:d6:
a1:ce:7c:49:9c:cf:3c:be:bc:5c:6a:e0:a1:37:75:8f:81:c2:
11:94:65:89:36:d7:fb:7c:cb:7d:c6:06:0d:58:6d:81:c0:d9:
d4:a2:87:e0:ae:8a:93:f9:e4:be:2e:5b:2d:0c:19:66:ae:56:
da:93:56:e7:05:9b:fa:a3:39:b9:20:0b:57:d6:64:de:80:64:
23:ae:8c:f8:fb:d3:c6:90:9e:5c:8f:3c:3e:06:5a:ab:61:06:
80:7b:93:91:da:fc:94:6e:86:8e:26:d7:fc:c7:22:e9:45:5c:
7f:9e:c7:af:4c:e9:f9:fd:26:3b:bb:32:8c:ad:ae:3d:d5:07:
5b:56:d7:b7:0e:75:e4:db:a5:49:7d:17:5f:2f:29:10:25:8d:
49:e5:46:5f:bd:f5:b5:35:1d:c6:2a:d1:59:52:37:1d:99:99:
02:b8:f0:d4:1f:a6:a0:6e:0c:a4:d3:b8:56:a2:8a:1a:15:40:
17:99:1c:26:88:04:1e:bf:41:7e:37:30:88:09:18:55:8c:a9:
10:6a:7d:2e:60:c4:de:31:df:08:43:bf:98:e0:7c:ff:28:26:
a9:a8:b7:a5:f9:6c:0f:2b:8e:bb:1d:36:96:a3:49:26:55:1b:
98:cf:3c:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtJ6R49Oo6Ze49HUx52q+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZGFmMjkxOTZjZWU1OGM2MzI2MzBmMDJiZWViZDBiNWE3
NWE5ZDkwHhcNMjUxMDIwMTMwMDA1WhcNMjUxMDIxMTMwMDA1WjAzMTEwLwYDVQQD
Eyg3MmVlYTMxMmY1MTJhNzBkN2IzZmEzNDVjOWY2NWEzOGZmODY3YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6rfqY5FbBTOHi3m1wHC9H/fHI9a
0Qi+zY+ycc07EYvZ8hK49eC8kIFWNZ96pChLcGsTjadp/xx9lFED79ZDaGvyXEcn
nUU/wMSanIBQI44DSVnB7wS2HNNiAgIDD0ho2qs4/WWxxCAhqMsfNnIiRxUN6LAd
wqFaB2UPvtUmOU6DtMAr3iyABp41wxnT2Mk0f5yYKZFdMEmxx1DpP5Iup58oKU0F
0LRPq8azXIfcJ8dE3AzZJ7AlMMplrA0VMZiKKz/W3uztGeqP6Qo1VbuSmu4AnoTF
v41OwkrUBFoQAINGp9DWk3UmP6BJLVG4Amz7+uuKOEj6JDLanlZEWoaCxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLuoxL1EqcNez+jRcn2Wjj/hnpOMB8GA1UdIwQY
MBaAFC3a8pGWzuWMYyYw8CvuvQtadanZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRyeWtaYk81WXhqSmpEd0stNjlDMXAxcWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMTY0MmUtYzBhZC00YmFlLWE1NDUt
ODQwMTk1MmFjODk3LzEvTGRyeWtaYk81WXhqSmpEd0stNjlDMXAxcWRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wMTY0MmUtYzBhZC00YmFlLWE1NDUtODQwMTk1MmFjODk3
LzEvTGRyeWtaYk81WXhqSmpEd0stNjlDMXAxcWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKjWiAHUs
QHl38+6qHGfCKG7Woc58SZzPPL68XGrgoTd1j4HCEZRliTbX+3zLfcYGDVhtgcDZ
1KKH4K6Kk/nkvi5bLQwZZq5W2pNW5wWb+qM5uSALV9Zk3oBkI66M+PvTxpCeXI88
PgZaq2EGgHuTkdr8lG6GjibX/Mci6UVcf57Hr0zp+f0mO7syjK2uPdUHW1bXtw51
5NulSX0XXy8pECWNSeVGX731tTUdxirRWVI3HZmZArjw1B+moG4MpNO4VqKKGhVA
F5kcJogEHr9BfjcwiAkYVYypEGp9LmDE3jHfCEO/mOB8/ygmqai3pflsDyuOux02
lqNJJlUbmM88tw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:26:51 2025 by rpki-client