Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
File: XbdXv1dG8moHySCHAbDVS2m8M2Q.mft (raw, json)
Hash identifier: EIaWbHuwIhyqzN1vByqAUXaduzCShajOYSD2lnpX3I0=
Subject key identifier: A7:23:EF:1F:1F:C1:A4:33:C9:A0:C9:7F:3B:77:3C:8B:1D:DA:86:30
Authority key identifier: 5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64
Certificate issuer: /CN=5db757bf5746f26a07c9208701b0d54b69bc3364
Certificate serial: 019A0411552BE144A4DF3550AACA4CDA233C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
Manifest number: 05B2
Signing time: Tue 21 Oct 2025 00:00:35 +0000
Manifest this update: Tue 21 Oct 2025 00:00:35 +0000
Manifest next update: Wed 22 Oct 2025 00:00:35 +0000
Files and hashes: 1: XbdXv1dG8moHySCHAbDVS2m8M2Q.crl (hash: hNvL4DyMM2Ul22wbrX+ku4sIKtSZyePwqE4kJtF79hg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:04:11:55:2b:e1:44:a4:df:35:50:aa:ca:4c:da:23:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5db757bf5746f26a07c9208701b0d54b69bc3364
Validity
Not Before: Oct 21 00:00:35 2025 GMT
Not After : Oct 22 00:00:35 2025 GMT
Subject: CN=a723ef1f1fc1a433c9a0c97f3b773c8b1dda8630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6c:71:a5:4b:70:a4:04:65:52:0a:59:ca:43:
a3:94:57:4a:3d:d7:0f:24:f8:ac:e8:50:dc:22:8b:
17:dc:e4:dd:a3:aa:3f:5f:0c:0d:39:4f:3b:e7:3f:
53:c5:ab:8b:b5:b9:d8:34:81:07:01:d1:ac:7e:27:
81:e7:0c:e4:75:01:f1:6c:19:69:60:f7:92:6d:85:
da:7b:5c:ad:55:1f:19:98:2b:13:ce:39:ec:3a:98:
b8:2b:0b:0e:c9:54:7d:d2:13:a5:43:22:66:6f:b5:
09:08:ca:79:1d:c3:c9:55:7f:34:2c:b6:ac:40:d2:
ba:fc:03:06:f8:b4:25:8d:87:cd:2e:c9:fd:43:7c:
23:ff:b4:9f:fb:71:bd:8c:4d:95:05:46:a7:7a:fa:
10:c0:fa:3c:95:e6:9f:91:06:4e:15:ca:86:b4:36:
e9:64:74:95:de:13:8c:81:d2:3d:e4:35:43:f3:11:
d0:fd:9a:55:56:45:70:16:6a:e4:6e:bd:3f:a0:8c:
33:b5:dd:66:b2:0a:8b:b9:1c:05:c0:62:58:b6:66:
48:b5:1e:66:4b:dd:38:90:32:8a:14:84:0e:34:ae:
43:61:25:f1:ea:d2:99:a3:8b:1a:38:6c:f1:c5:f3:
c2:99:9e:5d:be:6e:5d:f6:45:23:aa:f4:c7:16:12:
17:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:23:EF:1F:1F:C1:A4:33:C9:A0:C9:7F:3B:77:3C:8B:1D:DA:86:30
X509v3 Authority Key Identifier:
keyid:5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:a1:5e:1e:91:ba:cf:70:e4:9a:9c:de:8c:27:62:ce:e8:d9:
0c:95:17:91:83:68:7a:7e:21:b6:fc:80:3f:c4:f5:5a:80:65:
3b:d9:85:5c:c4:d7:ad:1c:29:6c:6d:33:85:5d:d7:36:cb:4e:
ac:f0:2b:eb:51:11:50:99:ab:ee:a5:e8:ee:9f:74:e9:71:de:
b5:b0:6c:cc:c9:03:39:d6:54:dc:61:aa:79:d3:1b:d4:ae:a5:
77:ca:67:dd:49:25:a2:fe:49:09:0d:63:13:47:5c:f7:3d:bf:
e2:03:5c:f4:b5:8f:2b:81:44:41:36:fc:53:b6:e2:b6:a1:52:
6d:c0:c8:72:fc:b7:2c:95:30:e6:da:ac:02:85:76:92:95:b6:
e9:5c:78:f3:9c:d8:c4:f4:e6:e3:c6:52:84:bd:10:83:09:2a:
5a:b4:c3:51:f9:cf:c4:83:fc:af:be:5d:ad:54:be:d1:b8:e5:
59:63:21:63:a2:47:34:2b:94:cf:ad:e4:4d:77:ce:f5:55:d6:
65:36:2d:19:06:2b:9c:f3:84:03:ad:88:dd:de:05:1d:27:05:
6d:36:70:25:2a:0e:12:69:51:09:ba:ec:01:84:0d:ff:8e:de:
ee:28:a0:d8:cb:c0:2a:96:c8:ea:87:60:f0:9f:5f:d9:54:92:
87:b7:7f:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEEVUr4USk3zVQqspM2iM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjc1N2JmNTc0NmYyNmEwN2M5MjA4NzAxYjBkNTRiNjli
YzMzNjQwHhcNMjUxMDIxMDAwMDM1WhcNMjUxMDIyMDAwMDM1WjAzMTEwLwYDVQQD
EyhhNzIzZWYxZjFmYzFhNDMzYzlhMGM5N2YzYjc3M2M4YjFkZGE4NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmxxpUtwpARlUgpZykOjlFdKPdcP
JPis6FDcIosX3OTdo6o/XwwNOU875z9TxauLtbnYNIEHAdGsfieB5wzkdQHxbBlp
YPeSbYXae1ytVR8ZmCsTzjnsOpi4KwsOyVR90hOlQyJmb7UJCMp5HcPJVX80LLas
QNK6/AMG+LQljYfNLsn9Q3wj/7Sf+3G9jE2VBUanevoQwPo8leafkQZOFcqGtDbp
ZHSV3hOMgdI95DVD8xHQ/ZpVVkVwFmrkbr0/oIwztd1msgqLuRwFwGJYtmZItR5m
S904kDKKFIQONK5DYSXx6tKZo4saOGzxxfPCmZ5dvm5d9kUjqvTHFhIXlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKcj7x8fwaQzyaDJfzt3PIsd2oYwMB8GA1UdIwQY
MBaAFF23V79XRvJqB8kghwGw1UtpvDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMt
M2FiNTJiM2JjYzNiLzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMtM2FiNTJiM2JjYzNi
LzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR6FeHpG6
z3DkmpzejCdizujZDJUXkYNoen4htvyAP8T1WoBlO9mFXMTXrRwpbG0zhV3XNstO
rPAr61ERUJmr7qXo7p906XHetbBszMkDOdZU3GGqedMb1K6ld8pn3Uklov5JCQ1j
E0dc9z2/4gNc9LWPK4FEQTb8U7bitqFSbcDIcvy3LJUw5tqsAoV2kpW26Vx485zY
xPTm48ZShL0QgwkqWrTDUfnPxIP8r75drVS+0bjlWWMhY6JHNCuUz63kTXfO9VXW
ZTYtGQYrnPOEA62I3d4FHScFbTZwJSoOEmlRCbrsAYQN/47e7iig2MvAKpbI6odg
8J9f2VSSh7d/0w==
-----END CERTIFICATE-----
Generated at Tue Oct 21 05:18:23 2025 by rpki-client