
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier: cQ9TOkfTGFciFFcnXZPQ6iDOBZ3OCMiBI6staoJFudk=
Subject key identifier: 0D:47:7D:BB:CD:E3:B8:EB:67:71:BF:26:A0:F6:9A:DB:A5:50:2F:59
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial: 0199FC8F8128819B103768A0366BCFC3610E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number: 07B7
Signing time: Sun 19 Oct 2025 13:01:27 +0000
Manifest this update: Sun 19 Oct 2025 13:01:27 +0000
Manifest next update: Mon 20 Oct 2025 13:01:27 +0000
Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: gQaEXmtHbsQPJUu3HCrLqz2PbQjXpir1zhcOeISuKUA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:81:28:81:9b:10:37:68:a0:36:6b:cf:c3:61:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Validity
Not Before: Oct 19 13:01:27 2025 GMT
Not After : Oct 20 13:01:27 2025 GMT
Subject: CN=0d477dbbcde3b8eb6771bf26a0f69adba5502f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4f:bb:2a:16:e0:12:bb:ac:75:e9:d6:8e:b4:
a9:34:0f:fc:81:e6:2f:0a:66:c6:5e:19:64:4b:b1:
44:2e:56:ae:9e:b5:d5:23:f6:da:92:88:4a:1c:ca:
3d:98:cc:9b:86:2d:7d:dc:36:e0:0a:3d:4a:c7:57:
14:af:99:25:31:8b:62:3e:07:2c:38:db:a8:ff:5d:
4a:5c:4b:d0:f9:00:84:b9:0f:f2:0b:7a:6a:3c:20:
a8:8f:70:dd:c7:0f:7a:1f:8a:c9:0b:d9:eb:6a:57:
a2:8d:8f:c7:57:b4:3a:2f:af:0e:9d:e0:9c:cb:e2:
52:6d:04:00:3f:46:7b:b4:79:89:69:4c:ac:6c:83:
96:55:56:0b:25:7b:ab:92:a3:ce:8c:9c:39:a0:89:
86:2f:e4:33:43:6d:d0:7c:76:3f:9f:b2:ee:1e:89:
5e:72:f1:0d:e0:d3:5e:5f:be:25:44:0b:2c:7e:db:
75:94:18:32:c2:5b:f2:9f:60:3f:eb:82:f8:7f:e5:
53:8a:4a:67:2d:6b:ed:75:ad:19:b8:dd:99:a4:42:
f6:80:98:91:4f:8d:26:d8:fe:a4:2b:d4:12:27:36:
0f:46:5f:f5:5d:18:b0:4f:01:e8:07:84:69:92:09:
a7:e2:e4:f3:f9:40:b4:fc:f2:11:5b:0f:78:00:5a:
fa:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:47:7D:BB:CD:E3:B8:EB:67:71:BF:26:A0:F6:9A:DB:A5:50:2F:59
X509v3 Authority Key Identifier:
keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:d5:6e:91:a8:ab:ab:f1:55:a3:2b:c0:c0:8a:d0:f9:32:3c:
84:5c:df:be:a0:43:ee:d8:9b:b7:c4:09:32:a9:8e:84:3d:cf:
b4:43:0d:7b:09:de:7f:89:51:8a:ae:2c:d4:a2:56:5d:99:7c:
5e:f9:e8:9b:05:83:1a:be:2e:a3:a3:1f:51:20:cc:88:ad:f1:
93:48:e1:b5:3b:77:47:58:96:be:21:cf:42:57:4f:af:b6:d8:
6c:cc:a7:b7:a0:e6:30:dd:b1:68:a6:44:9f:47:54:f3:36:0f:
0c:56:6a:0d:0f:1a:6c:5b:42:ac:1f:46:45:47:42:04:44:0f:
9e:bd:0a:38:18:35:b4:b3:5c:79:af:4e:66:37:d9:ea:fa:8a:
58:7d:7b:bf:ae:89:7e:7c:4a:b7:6e:59:d3:8d:ca:ee:8f:66:
cb:89:9b:3a:b8:f6:c2:8f:e2:66:69:11:29:96:4e:df:62:95:
c7:00:71:64:6a:b2:05:c0:43:09:86:27:44:cd:29:c7:37:5e:
d7:2e:a2:c6:d0:47:91:9a:e7:06:26:06:c1:ef:dd:2e:29:84:
3c:08:d6:0d:8c:f9:78:7e:4a:f2:b9:2e:5d:3e:a8:62:d9:87:
dd:ee:84:59:45:c5:66:b1:9e:69:30:9c:f6:62:dd:13:98:c5:
63:6c:91:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j4EogZsQN2igNmvPw2EOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjUxMDE5MTMwMTI3WhcNMjUxMDIwMTMwMTI3WjAzMTEwLwYDVQQD
EygwZDQ3N2RiYmNkZTNiOGViNjc3MWJmMjZhMGY2OWFkYmE1NTAyZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE+7KhbgErusdenWjrSpNA/8geYv
CmbGXhlkS7FELlaunrXVI/bakohKHMo9mMybhi193DbgCj1Kx1cUr5klMYtiPgcs
ONuo/11KXEvQ+QCEuQ/yC3pqPCCoj3Ddxw96H4rJC9nraleijY/HV7Q6L68OneCc
y+JSbQQAP0Z7tHmJaUysbIOWVVYLJXurkqPOjJw5oImGL+QzQ23QfHY/n7LuHole
cvEN4NNeX74lRAssftt1lBgywlvyn2A/64L4f+VTikpnLWvtda0ZuN2ZpEL2gJiR
T40m2P6kK9QSJzYPRl/1XRiwTwHoB4Rpkgmn4uTz+UC0/PIRWw94AFr6hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1HfbvN47jrZ3G/JqD2mtulUC9ZMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlNVukair
q/FVoyvAwIrQ+TI8hFzfvqBD7tibt8QJMqmOhD3PtEMNewnef4lRiq4s1KJWXZl8
XvnomwWDGr4uo6MfUSDMiK3xk0jhtTt3R1iWviHPQldPr7bYbMynt6DmMN2xaKZE
n0dU8zYPDFZqDQ8abFtCrB9GRUdCBEQPnr0KOBg1tLNcea9OZjfZ6vqKWH17v66J
fnxKt25Z043K7o9my4mbOrj2wo/iZmkRKZZO32KVxwBxZGqyBcBDCYYnRM0pxzde
1y6ixtBHkZrnBiYGwe/dLimEPAjWDYz5eH5K8rkuXT6oYtmH3e6EWUXFZrGeaTCc
9mLdE5jFY2yRgw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:04 2025 by rpki-client