Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
File: Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft (raw, json)
Hash identifier: LC1w+HL6BVu9pCjxb9HnPd/bdP3v7GMHImBNWg+MVFI=
Subject key identifier: CB:AD:EF:AE:21:78:D3:FF:96:82:DA:0F:36:EF:4E:11:82:A2:DD:DC
Authority key identifier: 5E:DF:BE:DE:AC:06:B0:1C:5A:3F:78:4C:EA:04:6E:5A:2C:95:CA:5E
Certificate issuer: /CN=5edfbedeac06b01c5a3f784cea046e5a2c95ca5e
Certificate serial: 0199FC58F9264E76D893A29A6859D2476777
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xt--3qwGsBxaP3hM6gRuWiyVyl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
Manifest number: 0A41
Signing time: Sun 19 Oct 2025 12:01:53 +0000
Manifest this update: Sun 19 Oct 2025 12:01:53 +0000
Manifest next update: Mon 20 Oct 2025 12:01:53 +0000
Files and hashes: 1: Xt--3qwGsBxaP3hM6gRuWiyVyl4.crl (hash: XUCd498xGqD92rU2pgAe4kW0+USFhx8zoMMqt9qnP8U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xt--3qwGsBxaP3hM6gRuWiyVyl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:f9:26:4e:76:d8:93:a2:9a:68:59:d2:47:67:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5edfbedeac06b01c5a3f784cea046e5a2c95ca5e
Validity
Not Before: Oct 19 12:01:53 2025 GMT
Not After : Oct 20 12:01:53 2025 GMT
Subject: CN=cbadefae2178d3ff9682da0f36ef4e1182a2dddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:be:92:87:aa:45:0f:ac:4a:97:65:52:c6:0f:
02:df:75:53:c2:29:b4:01:a5:f5:d2:1e:0b:e3:5a:
ee:4a:cf:10:f8:97:30:57:ee:2d:f9:57:8f:d7:5b:
cb:0c:a7:9e:37:ee:ae:c1:96:c4:4f:61:1b:f9:35:
7a:ac:c2:c0:3b:1f:aa:d8:c9:57:d5:a6:40:e0:a9:
89:7e:8d:0c:17:9d:c9:94:52:a9:0f:05:7b:c6:0d:
a8:55:6a:f5:e5:7f:6b:98:35:85:d5:17:99:19:d9:
60:da:b0:bb:d1:f9:99:8a:2d:18:10:29:5b:2e:60:
f0:19:c8:45:cd:7c:15:68:f5:f3:ea:3c:8b:23:cf:
4c:19:48:3c:9b:6c:f0:01:69:e0:d8:38:3a:58:2e:
23:30:cd:a8:4d:b6:3a:4c:6f:01:82:76:40:c2:a8:
86:66:f6:6e:dc:d9:1c:cf:fb:30:c7:18:90:9d:cf:
0e:c8:6c:fb:6a:ad:c5:d4:b0:36:7d:0a:ae:99:11:
bb:5d:26:a2:15:17:31:55:39:65:ed:c3:88:5c:1e:
c1:e0:d7:a3:13:bd:8f:c4:bc:d7:cf:00:72:89:10:
d0:1f:f0:1b:49:6f:83:20:b5:98:cf:a4:d8:29:78:
e8:c4:bd:f5:9a:e4:20:b9:86:67:1e:a6:85:4b:c3:
8d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:AD:EF:AE:21:78:D3:FF:96:82:DA:0F:36:EF:4E:11:82:A2:DD:DC
X509v3 Authority Key Identifier:
keyid:5E:DF:BE:DE:AC:06:B0:1C:5A:3F:78:4C:EA:04:6E:5A:2C:95:CA:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xt--3qwGsBxaP3hM6gRuWiyVyl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/28343c-a4e4-4db0-92be-b58617e1888b/1/Xt--3qwGsBxaP3hM6gRuWiyVyl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:60:0b:1b:a1:a0:be:48:bd:04:ef:a0:20:0e:18:d3:57:0b:
3e:01:96:26:d1:a4:07:9d:5c:a6:c0:14:80:32:d7:f2:64:78:
92:84:c5:31:d5:f3:81:2d:27:e4:24:ef:9e:44:a8:e4:43:b2:
c6:ff:16:16:a4:59:19:85:1f:2d:b3:b3:37:37:c8:2b:f7:c2:
77:8f:a9:67:d6:69:db:dd:96:ee:e5:3f:b8:0f:a3:e6:84:a8:
88:d3:4c:e6:69:b0:d1:22:d3:73:f2:63:82:3c:66:ab:df:e9:
11:dd:66:41:02:c4:11:4c:65:41:68:20:91:1a:12:c0:f2:fa:
aa:c8:52:1a:f3:85:2e:cd:80:00:c3:80:82:43:82:68:0b:ae:
e8:59:cc:ec:9c:5c:65:09:25:5d:e0:cf:44:d5:f9:fd:5c:19:
3d:82:cb:10:43:2f:51:8b:bb:cd:d6:55:40:a4:48:3a:e2:bf:
b7:ea:7a:65:a7:6f:ae:af:1a:cd:2a:5c:c8:1c:5e:c8:94:46:
36:d3:a4:81:f0:73:cc:7b:c5:f4:f7:55:a7:3f:19:3a:ea:b5:
ba:c1:50:fe:e4:f1:12:ad:32:78:22:2e:fb:a8:8d:6b:ff:90:
01:85:32:15:73:8d:97:78:09:0e:3e:4e:5c:27:b6:bd:0c:23:
05:ba:d5:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WPkmTnbYk6KaaFnSR2d3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZGZiZWRlYWMwNmIwMWM1YTNmNzg0Y2VhMDQ2ZTVhMmM5
NWNhNWUwHhcNMjUxMDE5MTIwMTUzWhcNMjUxMDIwMTIwMTUzWjAzMTEwLwYDVQQD
EyhjYmFkZWZhZTIxNzhkM2ZmOTY4MmRhMGYzNmVmNGUxMTgyYTJkZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo76Sh6pFD6xKl2VSxg8C33VTwim0
AaX10h4L41ruSs8Q+JcwV+4t+VeP11vLDKeeN+6uwZbET2Eb+TV6rMLAOx+q2MlX
1aZA4KmJfo0MF53JlFKpDwV7xg2oVWr15X9rmDWF1ReZGdlg2rC70fmZii0YEClb
LmDwGchFzXwVaPXz6jyLI89MGUg8m2zwAWng2Dg6WC4jMM2oTbY6TG8BgnZAwqiG
ZvZu3Nkcz/swxxiQnc8OyGz7aq3F1LA2fQqumRG7XSaiFRcxVTll7cOIXB7B4Nej
E72PxLzXzwByiRDQH/AbSW+DILWYz6TYKXjoxL31muQguYZnHqaFS8ONHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMut764heNP/loLaDzbvThGCot3cMB8GA1UdIwQY
MBaAFF7fvt6sBrAcWj94TOoEbloslcpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHQtLTNxd0dzQnhhUDNoTTZnUnVXaXlWeWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yODM0M2MtYTRlNC00ZGIwLTkyYmUt
YjU4NjE3ZTE4ODhiLzEvWHQtLTNxd0dzQnhhUDNoTTZnUnVXaXlWeWw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yODM0M2MtYTRlNC00ZGIwLTkyYmUtYjU4NjE3ZTE4ODhi
LzEvWHQtLTNxd0dzQnhhUDNoTTZnUnVXaXlWeWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmALG6Gg
vki9BO+gIA4Y01cLPgGWJtGkB51cpsAUgDLX8mR4koTFMdXzgS0n5CTvnkSo5EOy
xv8WFqRZGYUfLbOzNzfIK/fCd4+pZ9Zp292W7uU/uA+j5oSoiNNM5mmw0SLTc/Jj
gjxmq9/pEd1mQQLEEUxlQWggkRoSwPL6qshSGvOFLs2AAMOAgkOCaAuu6FnM7Jxc
ZQklXeDPRNX5/VwZPYLLEEMvUYu7zdZVQKRIOuK/t+p6Zadvrq8azSpcyBxeyJRG
NtOkgfBzzHvF9PdVpz8ZOuq1usFQ/uTxEq0yeCIu+6iNa/+QAYUyFXONl3gJDj5O
XCe2vQwjBbrViQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:27:24 2025 by rpki-client