Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
File: DXtk3YGIxSbrXrReqB6mqK-cWek.mft (raw, json)
Hash identifier: YUj4EEwgQophe0kPhjKso4tc2WZ+56aMrQU6lvJ+MAY=
Subject key identifier: 71:20:4B:20:E1:E4:02:E5:45:E3:37:54:09:96:73:8D:57:67:2B:32
Authority key identifier: 0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9
Certificate issuer: /CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
Certificate serial: 0199221F1D6E57F34BFBB75949B26226CF73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
Manifest number: 02F7
Signing time: Sun 07 Sep 2025 03:01:28 +0000
Manifest this update: Sun 07 Sep 2025 03:01:28 +0000
Manifest next update: Mon 08 Sep 2025 03:01:28 +0000
Files and hashes: 1: DXtk3YGIxSbrXrReqB6mqK-cWek.crl (hash: KjfQL1moGF74MfYdVtRayGMeMNgfbQsK+Jd70qpyALE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1f:1d:6e:57:f3:4b:fb:b7:59:49:b2:62:26:cf:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
Validity
Not Before: Sep 7 03:01:28 2025 GMT
Not After : Sep 8 03:01:28 2025 GMT
Subject: CN=71204b20e1e402e545e337540996738d57672b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:80:b9:ff:e2:ac:d8:f2:77:a4:e0:d7:3a:40:
d1:e0:ee:04:51:a0:35:a4:e0:c7:f1:47:b3:85:fd:
38:dd:11:d7:dd:9e:3c:4c:44:4a:fc:31:b4:5d:94:
8b:7d:4a:a7:8a:7d:cb:71:1c:73:d5:a9:d5:9b:95:
e0:4b:0a:5f:3e:60:a6:1a:1c:15:86:a0:3e:9a:19:
9b:fa:c2:ba:d9:f5:dc:29:7d:24:7e:c4:49:7b:65:
af:c7:df:10:f9:43:9d:0c:f0:85:35:89:e6:e1:d3:
41:84:c3:ce:78:e4:f6:d7:a2:1a:35:a1:36:e6:a8:
da:f8:49:70:77:d9:6f:07:09:50:ad:bb:4e:68:5b:
3f:b3:fe:2d:d4:06:6c:2f:63:a9:85:df:8b:bc:da:
cb:98:81:3a:50:e6:33:27:3c:64:14:48:89:f4:4e:
73:0d:9a:7c:7a:17:6b:2b:ae:92:8f:89:6e:d3:7a:
f8:2c:b1:f1:a1:19:08:9f:bb:4e:8a:01:13:b5:96:
68:05:37:20:ba:a1:59:2c:90:74:67:1e:13:82:7f:
8f:de:7a:4e:07:c0:10:26:49:ad:c4:42:10:15:26:
f5:13:3a:69:f2:47:d9:d1:df:41:cc:5d:de:f2:49:
4e:f1:44:1d:cd:df:89:e5:82:b2:f1:1e:b5:e6:5f:
d4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:20:4B:20:E1:E4:02:E5:45:E3:37:54:09:96:73:8D:57:67:2B:32
X509v3 Authority Key Identifier:
keyid:0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:16:fe:61:b5:db:db:d9:85:fd:cc:41:11:bd:14:b9:41:ae:
ec:74:89:1c:51:a3:7b:4c:3e:49:0d:7b:ae:7c:cc:c2:42:fc:
21:27:5f:1c:77:cf:75:2d:54:13:05:0a:ca:88:fe:cb:49:17:
cb:39:83:3b:01:24:88:70:3e:1c:22:44:16:06:d7:36:8e:f4:
76:73:95:a8:dd:00:4a:12:d6:3c:42:fd:fc:d2:b3:27:11:b0:
33:91:a2:31:1e:b6:4c:90:ed:89:48:16:de:88:f8:d5:21:7f:
bc:81:50:e3:6d:2b:67:e2:9e:79:59:8c:88:30:5a:36:b5:f3:
1c:41:53:fc:79:df:dd:35:09:bc:0b:42:b2:dc:b9:62:9f:6c:
03:de:85:29:86:f9:e7:54:5a:02:78:63:3b:e6:35:a0:ab:54:
29:04:d9:3d:d7:71:7c:95:e0:ec:85:fa:e2:d9:99:e8:be:50:
9e:76:31:1e:5e:db:c0:70:8e:24:73:9c:3e:4b:64:a8:6d:f1:
6a:7c:90:53:10:4e:ee:85:ed:a7:6f:e2:bb:ea:cd:cf:99:35:
7f:21:38:47:ea:31:c5:d7:09:bb:77:73:3c:0f:9c:b3:47:16:
2f:d3:c9:00:d4:0a:6f:4a:ed:f3:3d:b6:79:c2:75:1a:65:c7:
f5:77:f3:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHx1uV/NL+7dZSbJiJs9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkN2I2NGRkODE4OGM1MjZlYjVlYjQ1ZWE4MWVhNmE4YWY5
YzU5ZTkwHhcNMjUwOTA3MDMwMTI4WhcNMjUwOTA4MDMwMTI4WjAzMTEwLwYDVQQD
Eyg3MTIwNGIyMGUxZTQwMmU1NDVlMzM3NTQwOTk2NzM4ZDU3NjcyYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4C5/+Ks2PJ3pODXOkDR4O4EUaA1
pODH8Uezhf043RHX3Z48TERK/DG0XZSLfUqnin3LcRxz1anVm5XgSwpfPmCmGhwV
hqA+mhmb+sK62fXcKX0kfsRJe2Wvx98Q+UOdDPCFNYnm4dNBhMPOeOT216IaNaE2
5qja+Elwd9lvBwlQrbtOaFs/s/4t1AZsL2Ophd+LvNrLmIE6UOYzJzxkFEiJ9E5z
DZp8ehdrK66Sj4lu03r4LLHxoRkIn7tOigETtZZoBTcguqFZLJB0Zx4Tgn+P3npO
B8AQJkmtxEIQFSb1Ezpp8kfZ0d9BzF3e8klO8UQdzd+J5YKy8R615l/UxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEgSyDh5ALlReM3VAmWc41XZysyMB8GA1UdIwQY
MBaAFA17ZN2BiMUm6160XqgepqivnFnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgt
MzNkMzEyOTNmMGUxLzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgtMzNkMzEyOTNmMGUx
LzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARxb+YbXb
29mF/cxBEb0UuUGu7HSJHFGje0w+SQ17rnzMwkL8ISdfHHfPdS1UEwUKyoj+y0kX
yzmDOwEkiHA+HCJEFgbXNo70dnOVqN0AShLWPEL9/NKzJxGwM5GiMR62TJDtiUgW
3oj41SF/vIFQ420rZ+KeeVmMiDBaNrXzHEFT/Hnf3TUJvAtCsty5Yp9sA96FKYb5
51RaAnhjO+Y1oKtUKQTZPddxfJXg7IX64tmZ6L5QnnYxHl7bwHCOJHOcPktkqG3x
anyQUxBO7oXtp2/iu+rNz5k1fyE4R+oxxdcJu3dzPA+cs0cWL9PJANQKb0rt8z22
ecJ1GmXH9Xfz9Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:20:24 2025 by rpki-client