Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier: xFzQMO+kSJnycD+YSDJQT0KO4EYF/nLSRHbsO/APih0=
Subject key identifier: 71:8C:58:84:A3:B6:52:7A:7A:8D:A0:B6:33:39:6C:B3:E6:95:86:F3
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial: 0197B933B9EB99E2D8AF24CEE7EA219ED045
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number: 068B
Signing time: Sun 29 Jun 2025 01:01:04 +0000
Manifest this update: Sun 29 Jun 2025 01:01:04 +0000
Manifest next update: Mon 30 Jun 2025 01:01:04 +0000
Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: YIdlwjQe9mdvg9b9nnzk50Rj6hds+s0YwC7bTv9zjbY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b9:33:b9:eb:99:e2:d8:af:24:ce:e7:ea:21:9e:d0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Validity
Not Before: Jun 29 01:01:04 2025 GMT
Not After : Jun 30 01:01:04 2025 GMT
Subject: CN=718c5884a3b6527a7a8da0b633396cb3e69586f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:58:20:25:d8:07:9f:8d:71:55:25:f9:35:3f:
5b:e2:13:ab:53:c2:86:3b:a4:5b:75:e7:9e:7a:2c:
35:14:08:d0:6e:0a:d3:c9:a8:1b:ae:3a:cf:06:44:
b1:96:b9:24:61:7e:f7:0d:9e:a9:1a:6b:b1:56:76:
10:51:6b:a9:a0:23:a1:3a:53:8f:58:ba:6f:bc:3b:
66:22:a6:30:21:69:c1:8d:df:02:df:2c:65:59:8b:
82:e4:fb:88:65:bc:ab:ed:0c:02:1c:28:57:43:c9:
50:3b:96:c7:28:d3:48:10:b7:7f:e1:ea:6b:c3:8e:
03:74:a1:06:8a:d1:1a:36:ec:8f:1a:fd:9d:7e:70:
3b:31:9e:78:bf:75:28:85:93:3e:63:61:ec:ee:c4:
e3:0d:26:a3:63:9b:0f:8a:02:7b:f0:50:90:06:61:
68:f0:af:69:0d:bc:00:fe:2c:d8:c5:00:c2:8f:73:
bb:bb:fb:3b:54:ef:78:e2:0c:52:7b:2c:6c:1c:38:
45:22:2b:cd:f0:88:b6:8d:d4:11:70:41:c7:25:94:
34:19:06:61:69:4e:74:e9:ba:4a:6f:00:ac:d3:fa:
cc:d4:24:c0:ed:dc:7f:e0:0d:89:5c:76:e9:59:ba:
19:00:2b:3b:8a:07:40:74:cf:20:55:6c:a2:d8:cf:
59:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8C:58:84:A3:B6:52:7A:7A:8D:A0:B6:33:39:6C:B3:E6:95:86:F3
X509v3 Authority Key Identifier:
keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:fa:19:b3:c3:35:2b:27:81:63:9a:2a:9f:5f:ca:cc:c5:5a:
15:24:61:e3:f7:6e:0a:3c:dd:91:65:d5:68:03:32:c4:b5:63:
36:7d:a8:c2:d2:e4:df:18:61:33:eb:a3:2a:6e:9b:e5:c5:85:
76:2a:97:70:c5:94:04:c6:f2:88:25:71:f2:60:5c:2d:7d:09:
89:6e:4f:6d:cc:5f:41:8c:7c:cd:01:78:42:0e:c9:2e:00:a6:
e4:1d:1d:aa:d1:7c:30:be:fb:83:01:fa:7d:44:ac:51:1e:dc:
cf:14:35:16:45:e7:83:e4:c6:70:66:1f:11:94:28:0d:d4:80:
4e:81:99:e1:c2:6f:25:b1:c4:7a:13:ae:46:2a:45:d1:d3:b2:
80:68:b2:77:45:c2:ff:5e:b9:bc:92:c8:99:06:4d:86:bc:91:
b9:ac:7a:c6:54:2a:2e:da:05:ce:ca:af:b0:f4:18:06:32:e5:
09:17:a5:03:14:db:d6:10:6d:bf:af:cf:91:b2:ba:c2:e4:ad:
b1:23:49:ef:c6:eb:14:bc:69:76:fd:f5:08:f2:cb:d6:4e:0c:
e3:9e:4b:b9:72:44:a6:81:12:ac:e0:67:e0:15:ad:6d:92:ab:
8c:9e:a9:3e:3c:29:0c:8e:a7:d4:94:93:18:15:c7:37:92:59:
dd:19:41:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5M7nrmeLYryTO5+ohntBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjUwNjI5MDEwMTA0WhcNMjUwNjMwMDEwMTA0WjAzMTEwLwYDVQQD
Eyg3MThjNTg4NGEzYjY1MjdhN2E4ZGEwYjYzMzM5NmNiM2U2OTU4NmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lggJdgHn41xVSX5NT9b4hOrU8KG
O6Rbdeeeeiw1FAjQbgrTyagbrjrPBkSxlrkkYX73DZ6pGmuxVnYQUWupoCOhOlOP
WLpvvDtmIqYwIWnBjd8C3yxlWYuC5PuIZbyr7QwCHChXQ8lQO5bHKNNIELd/4epr
w44DdKEGitEaNuyPGv2dfnA7MZ54v3UohZM+Y2Hs7sTjDSajY5sPigJ78FCQBmFo
8K9pDbwA/izYxQDCj3O7u/s7VO944gxSeyxsHDhFIivN8Ii2jdQRcEHHJZQ0GQZh
aU506bpKbwCs0/rM1CTA7dx/4A2JXHbpWboZACs7igdAdM8gVWyi2M9ZNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGMWISjtlJ6eo2gtjM5bLPmlYbzMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArvoZs8M1
KyeBY5oqn1/KzMVaFSRh4/duCjzdkWXVaAMyxLVjNn2owtLk3xhhM+ujKm6b5cWF
diqXcMWUBMbyiCVx8mBcLX0JiW5PbcxfQYx8zQF4Qg7JLgCm5B0dqtF8ML77gwH6
fUSsUR7czxQ1FkXng+TGcGYfEZQoDdSAToGZ4cJvJbHEehOuRipF0dOygGiyd0XC
/165vJLImQZNhryRuax6xlQqLtoFzsqvsPQYBjLlCRelAxTb1hBtv6/PkbK6wuSt
sSNJ78brFLxpdv31CPLL1k4M455LuXJEpoESrOBn4BWtbZKrjJ6pPjwpDI6n1JST
GBXHN5JZ3RlBCQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:21:16 2025 by rpki-client