Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier: 2H7iZECdTzqj9fXITef+ya8vdZWtwz08hwf/nYQR/io=
Subject key identifier: A1:38:15:F9:49:BD:B0:02:8D:11:85:C2:86:8C:A8:8D:DF:21:9A:D6
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer: /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial: 019A71B9351CA7D4828D2E09EE2B7F74EE36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 07:02:34 +0000
Manifest this update: Tue 11 Nov 2025 07:02:34 +0000
Manifest next update: Wed 12 Nov 2025 07:02:34 +0000
Files and hashes: 1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: lgpHzjzSQA934R3V/e5dfLF2MDXxiwf04bBH7qSfjWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:35:1c:a7:d4:82:8d:2e:09:ee:2b:7f:74:ee:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
Validity
Not Before: Nov 11 07:02:34 2025 GMT
Not After : Nov 12 07:02:34 2025 GMT
Subject: CN=a13815f949bdb0028d1185c2868ca88ddf219ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:72:af:c1:69:f7:8d:97:b9:13:ce:e7:11:35:
a8:28:17:8d:da:ac:fd:cf:29:84:f3:f1:7b:47:87:
1b:b7:4e:12:87:8c:31:06:ea:41:f5:a2:87:4c:8a:
e6:53:cc:9a:aa:ce:61:db:a1:5b:3c:55:a0:80:73:
f4:ee:cc:67:d5:6c:90:70:7d:f5:cd:db:8b:5d:a1:
37:9f:97:e5:14:da:0b:c2:6f:24:ea:c0:0b:94:d7:
34:ee:96:b8:68:d5:4d:3a:fa:5a:26:e5:f5:39:31:
35:10:32:6b:b1:89:39:bf:11:84:29:a8:ae:c0:b0:
76:70:68:85:92:f4:84:3c:c6:8c:ef:bb:6b:d7:a1:
3e:79:34:7a:f2:42:95:5b:87:38:e4:7a:43:55:31:
c3:28:d7:d6:dc:b8:c7:41:01:dd:57:12:a7:13:e3:
59:b5:e3:97:9e:ab:27:da:b5:63:00:f2:df:74:ff:
59:fc:1a:b2:77:56:fa:3b:d0:9c:dc:c2:59:6a:ce:
f8:5a:8c:ac:f2:e6:d4:d4:21:35:2b:03:c4:08:7f:
2b:10:48:2a:9c:c1:7e:df:b9:c0:55:29:5b:ce:bf:
93:09:7b:dd:02:83:b2:79:6d:45:72:1d:80:59:96:
1d:4f:11:f4:70:fc:45:d3:9c:11:ce:d2:66:0f:a1:
5d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:38:15:F9:49:BD:B0:02:8D:11:85:C2:86:8C:A8:8D:DF:21:9A:D6
X509v3 Authority Key Identifier:
keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:4c:e0:c8:8b:0a:ac:a5:24:40:47:22:17:bf:04:69:78:ce:
5c:17:ae:9a:87:47:7a:33:4e:4e:aa:3d:ed:1f:7c:45:fc:24:
6f:fd:6f:e8:93:8d:77:e1:d3:96:e0:5b:e4:65:48:f3:86:71:
96:91:fc:1a:96:fd:27:de:28:10:85:98:b4:3c:b5:f9:43:90:
82:81:72:47:4a:62:db:06:c1:15:07:7d:5d:2c:f6:3e:dc:23:
34:68:0e:05:84:d7:a3:7c:ce:dd:d5:52:bc:4e:56:bb:3a:3e:
8b:19:e4:a9:c5:e5:ad:79:15:27:c0:84:c1:4e:a7:cf:25:ed:
78:67:7e:39:46:80:6d:bd:00:cc:b1:33:24:b9:ca:01:c3:70:
ac:e7:0d:38:e2:8f:19:46:e0:cf:0b:aa:41:0c:ba:57:b1:d3:
8e:aa:60:85:cf:52:33:b4:7e:bd:2f:4b:a3:a7:93:41:d3:f6:
fb:19:31:5a:4c:ff:3c:e6:4a:e1:2f:f1:11:f2:d4:3e:1d:4b:
a2:2d:26:6c:15:e3:93:82:79:e5:f9:a4:70:bf:78:7f:94:3e:
22:cd:be:fb:28:78:8d:de:dc:a0:4b:69:0d:22:85:a4:6f:69:
83:95:20:df:67:43:d7:db:61:b5:10:dc:c9:7e:4f:9c:a1:96:
0f:55:31:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTUcp9SCjS4J7it/dO42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjUxMTExMDcwMjM0WhcNMjUxMTEyMDcwMjM0WjAzMTEwLwYDVQQD
EyhhMTM4MTVmOTQ5YmRiMDAyOGQxMTg1YzI4NjhjYTg4ZGRmMjE5YWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HKvwWn3jZe5E87nETWoKBeN2qz9
zymE8/F7R4cbt04Sh4wxBupB9aKHTIrmU8yaqs5h26FbPFWggHP07sxn1WyQcH31
zduLXaE3n5flFNoLwm8k6sALlNc07pa4aNVNOvpaJuX1OTE1EDJrsYk5vxGEKaiu
wLB2cGiFkvSEPMaM77tr16E+eTR68kKVW4c45HpDVTHDKNfW3LjHQQHdVxKnE+NZ
teOXnqsn2rVjAPLfdP9Z/Bqyd1b6O9Cc3MJZas74Woys8ubU1CE1KwPECH8rEEgq
nMF+37nAVSlbzr+TCXvdAoOyeW1Fch2AWZYdTxH0cPxF05wRztJmD6FdmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKE4FflJvbACjRGFwoaMqI3fIZrWMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0zgyIsK
rKUkQEciF78EaXjOXBeumodHejNOTqo97R98Rfwkb/1v6JONd+HTluBb5GVI84Zx
lpH8Gpb9J94oEIWYtDy1+UOQgoFyR0pi2wbBFQd9XSz2PtwjNGgOBYTXo3zO3dVS
vE5Wuzo+ixnkqcXlrXkVJ8CEwU6nzyXteGd+OUaAbb0AzLEzJLnKAcNwrOcNOOKP
GUbgzwuqQQy6V7HTjqpghc9SM7R+vS9Lo6eTQdP2+xkxWkz/POZK4S/xEfLUPh1L
oi0mbBXjk4J55fmkcL94f5Q+Is2++yh4jd7coEtpDSKFpG9pg5Ug32dD19thtRDc
yX5PnKGWD1UxgQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:51 2025 by rpki-client