Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
File: Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft (raw, json)
Hash identifier: iTB4WmbO7wN+6zlgfbF1IgPgxKx8r8bErdVKH/LX5ck=
Subject key identifier: 07:BA:79:AF:AC:A4:3E:E3:AC:6F:28:52:9A:76:B1:59:4B:2E:CA:C2
Authority key identifier: 5E:DF:BE:DE:AC:06:B0:1C:5A:3F:78:4C:EA:04:6E:5A:2C:95:CA:5E
Certificate issuer: /CN=5edfbedeac06b01c5a3f784cea046e5a2c95ca5e
Certificate serial: 0198D6CD88EAD8F8F5EF324488AEDEA43E02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xt--3qwGsBxaP3hM6gRuWiyVyl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
Manifest number: 09A9
Signing time: Sat 23 Aug 2025 12:00:50 +0000
Manifest this update: Sat 23 Aug 2025 12:00:50 +0000
Manifest next update: Sun 24 Aug 2025 12:00:50 +0000
Files and hashes: 1: Xt--3qwGsBxaP3hM6gRuWiyVyl4.crl (hash: hhZOseOdl838DO7rYkSHJ+wu3zAvwXcqZGjYjmIxXso=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xt--3qwGsBxaP3hM6gRuWiyVyl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:88:ea:d8:f8:f5:ef:32:44:88:ae:de:a4:3e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5edfbedeac06b01c5a3f784cea046e5a2c95ca5e
Validity
Not Before: Aug 23 12:00:50 2025 GMT
Not After : Aug 24 12:00:50 2025 GMT
Subject: CN=07ba79afaca43ee3ac6f28529a76b1594b2ecac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:11:07:c0:ea:a0:81:76:6f:a2:84:7f:22:5b:
ef:9b:bc:c3:1c:a0:32:23:52:b3:4c:f6:d1:36:c6:
d3:43:e1:4e:5d:a6:f9:27:15:25:cc:e3:b3:fb:00:
2d:b0:e4:d1:eb:99:df:34:6d:cb:b9:45:21:d1:26:
2d:2b:28:a4:e9:38:a3:4f:58:13:a8:e1:5b:1c:5b:
d8:ce:70:67:68:cb:63:1c:e7:0d:14:f3:26:fc:98:
99:71:70:8d:8b:cc:f6:3e:1c:b0:58:b0:1c:4a:52:
e1:2a:5a:ae:94:04:99:cc:c1:43:bb:be:00:0d:75:
a1:22:87:a9:3f:34:50:f0:6d:ca:c8:14:6f:0c:f8:
7f:d0:9d:d0:ca:25:74:4b:b5:46:a9:e6:86:95:04:
d7:97:21:29:63:d5:08:3b:65:31:d6:0d:74:ad:42:
89:f9:08:1f:98:44:2e:00:ad:b9:3a:ee:2f:0f:79:
6b:62:79:a5:0f:fb:29:00:c7:83:1d:40:19:7a:77:
aa:b0:32:03:4a:d1:c4:f8:26:b1:16:e9:f8:3d:cb:
44:f7:b9:b2:70:91:b4:73:9b:6e:3a:04:ac:16:78:
53:82:d6:d2:b2:33:23:79:8c:9f:94:75:df:9e:3d:
4b:b0:e4:78:d1:b8:3c:f7:ca:4f:6d:bf:e0:95:d7:
1f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:BA:79:AF:AC:A4:3E:E3:AC:6F:28:52:9A:76:B1:59:4B:2E:CA:C2
X509v3 Authority Key Identifier:
keyid:5E:DF:BE:DE:AC:06:B0:1C:5A:3F:78:4C:EA:04:6E:5A:2C:95:CA:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xt--3qwGsBxaP3hM6gRuWiyVyl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:09:df:79:fb:76:3a:88:04:c0:14:cc:e2:4b:3e:64:4c:89:
e2:00:f2:98:0d:33:8a:96:6a:2a:f5:08:18:8d:20:b4:b6:68:
92:d7:fc:55:97:73:1a:e6:08:7f:7e:15:3c:3f:8b:6b:0f:2d:
e1:d3:0b:0e:95:52:9b:28:e5:73:11:38:eb:dc:82:a3:a6:af:
2f:66:bd:bb:03:59:6e:7a:02:62:0a:6c:53:ff:a4:b5:c1:96:
c5:b6:e3:32:bd:d2:7e:5f:fd:13:f8:73:df:09:45:f7:cc:c2:
3b:27:6a:19:e7:bc:cf:5e:04:c4:8f:00:69:08:f3:cc:b8:81:
ed:9e:8e:e7:e6:2c:c4:04:2b:3c:2f:61:23:c8:f1:45:bb:6a:
c1:0f:bd:de:db:fc:b0:28:c3:d5:c1:5c:d6:de:5b:e1:75:c0:
e7:8b:ca:3e:0a:b5:35:16:5e:e6:2a:82:f3:6f:6c:ae:8c:06:
c0:af:95:9a:44:1e:6b:92:7d:11:fd:74:44:87:78:a0:e7:31:
4a:81:92:de:b0:60:19:75:e3:0e:bf:50:52:6d:3c:97:0c:c4:
80:48:fe:c8:e9:d8:b2:75:8e:f1:b5:df:1f:f3:c9:d8:4c:d1:
2b:db:36:56:56:1a:8e:bb:20:09:8a:98:60:c0:bb:2e:ea:ea:
41:a9:74:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzYjq2Pj17zJEiK7epD4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZGZiZWRlYWMwNmIwMWM1YTNmNzg0Y2VhMDQ2ZTVhMmM5
NWNhNWUwHhcNMjUwODIzMTIwMDUwWhcNMjUwODI0MTIwMDUwWjAzMTEwLwYDVQQD
EygwN2JhNzlhZmFjYTQzZWUzYWM2ZjI4NTI5YTc2YjE1OTRiMmVjYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBEHwOqggXZvooR/Ilvvm7zDHKAy
I1KzTPbRNsbTQ+FOXab5JxUlzOOz+wAtsOTR65nfNG3LuUUh0SYtKyik6TijT1gT
qOFbHFvYznBnaMtjHOcNFPMm/JiZcXCNi8z2PhywWLAcSlLhKlqulASZzMFDu74A
DXWhIoepPzRQ8G3KyBRvDPh/0J3QyiV0S7VGqeaGlQTXlyEpY9UIO2Ux1g10rUKJ
+QgfmEQuAK25Ou4vD3lrYnmlD/spAMeDHUAZeneqsDIDStHE+CaxFun4PctE97my
cJG0c5tuOgSsFnhTgtbSsjMjeYyflHXfnj1LsOR40bg898pPbb/gldcfwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAe6ea+spD7jrG8oUpp2sVlLLsrCMB8GA1UdIwQY
MBaAFF7fvt6sBrAcWj94TOoEbloslcpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHQtLTNxd0dzQnhhUDNoTTZnUnVXaXlWeWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yODM0M2MtYTRlNC00ZGIwLTkyYmUt
YjU4NjE3ZTE4ODhiLzEvWHQtLTNxd0dzQnhhUDNoTTZnUnVXaXlWeWw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yODM0M2MtYTRlNC00ZGIwLTkyYmUtYjU4NjE3ZTE4ODhi
LzEvWHQtLTNxd0dzQnhhUDNoTTZnUnVXaXlWeWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUQnfeft2
OogEwBTM4ks+ZEyJ4gDymA0zipZqKvUIGI0gtLZoktf8VZdzGuYIf34VPD+Law8t
4dMLDpVSmyjlcxE469yCo6avL2a9uwNZbnoCYgpsU/+ktcGWxbbjMr3Sfl/9E/hz
3wlF98zCOydqGee8z14ExI8AaQjzzLiB7Z6O5+YsxAQrPC9hI8jxRbtqwQ+93tv8
sCjD1cFc1t5b4XXA54vKPgq1NRZe5iqC829srowGwK+VmkQea5J9Ef10RId4oOcx
SoGS3rBgGXXjDr9QUm08lwzEgEj+yOnYsnWO8bXfH/PJ2EzRK9s2VlYajrsgCYqY
YMC7LurqQal0Hg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:30:24 2025 by rpki-client