Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier: jswRY4u0tqd0G+2Zxz7+XUCS4wkoi8EP72wptSOLKjo=
Subject key identifier: 22:E9:EA:7B:BF:60:C0:69:4A:9E:DF:12:9F:FA:CE:CD:F8:AF:0B:F5
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial: 019A725C8B79B9A1E02F140718BB26E3F47A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number: 07F4
Signing time: Tue 11 Nov 2025 10:00:58 +0000
Manifest this update: Tue 11 Nov 2025 10:00:58 +0000
Manifest next update: Wed 12 Nov 2025 10:00:58 +0000
Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: C9ATQVugzco4J+lSPJb8Htls55l6bbvr32DIV0HqXSo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:8b:79:b9:a1:e0:2f:14:07:18:bb:26:e3:f4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Validity
Not Before: Nov 11 10:00:58 2025 GMT
Not After : Nov 12 10:00:58 2025 GMT
Subject: CN=22e9ea7bbf60c0694a9edf129ffacecdf8af0bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:74:d0:cb:c0:d7:7a:92:3f:03:48:45:72:c5:
73:f6:4a:89:fd:8f:cf:da:59:8d:85:ee:20:7c:0d:
bc:ec:06:18:35:5b:ff:19:27:40:58:6d:0f:c8:ac:
b2:99:6a:3b:48:f8:2b:f4:a1:a2:d2:a5:a5:5b:6a:
bc:71:de:e9:4b:58:00:96:45:79:ab:e8:e3:94:d4:
66:38:cb:5e:7c:0e:4b:7b:9c:0d:c4:a3:bf:08:2e:
ea:0e:a8:9a:37:88:ac:93:32:b1:5f:f9:e6:27:35:
49:6f:fb:5e:6d:b1:b6:96:8e:52:cc:73:dd:4d:88:
29:d5:b0:b9:ab:aa:10:3c:85:cf:b7:f5:8e:09:a4:
ac:83:4a:09:c6:e2:32:57:ba:e6:33:fb:29:38:6b:
e2:ee:20:59:3c:0c:6e:3c:6d:dd:f6:0b:c7:ab:99:
ff:d6:52:9a:b3:5b:6e:9e:bc:f7:c6:16:c2:32:48:
0c:4f:fa:af:eb:7a:44:91:c2:0b:bf:ee:e8:c6:dc:
8b:6c:25:06:a9:fb:2d:d3:ef:6e:2e:7d:94:ce:5d:
e0:07:9d:a9:84:25:1e:e8:ff:38:b2:85:e2:10:fb:
16:fc:97:3f:fb:3d:b9:78:4e:2c:1a:88:89:47:84:
82:01:d7:4b:03:71:70:50:59:4b:48:eb:46:ad:19:
65:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E9:EA:7B:BF:60:C0:69:4A:9E:DF:12:9F:FA:CE:CD:F8:AF:0B:F5
X509v3 Authority Key Identifier:
keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:d6:5c:c9:73:04:2b:3c:13:a4:56:ff:3c:28:3c:b1:79:bf:
8e:2b:00:4c:e3:71:9d:40:d6:ff:51:91:a3:5f:c8:60:8c:85:
95:b9:87:ef:41:75:78:6e:03:8d:ec:41:bf:94:32:43:6b:bf:
54:2a:37:4b:96:27:b8:e9:19:60:98:7a:8f:56:59:37:2d:2d:
7a:39:c5:5d:c2:dc:9c:af:4e:66:b5:d4:b9:21:9e:a4:07:bc:
e2:55:7d:d7:c9:1c:6d:3e:1e:6c:16:15:aa:6b:be:9f:72:90:
06:87:ab:7b:de:90:c4:08:86:a4:fe:fb:fe:07:28:75:e4:40:
fa:e0:fd:40:0c:4b:a4:51:7d:52:36:45:db:6f:2f:af:9f:4b:
1c:51:c0:fb:04:f7:47:80:16:8b:ca:28:9f:c0:09:fe:62:1f:
ce:7c:8a:48:e6:ae:08:a4:98:aa:91:ae:6f:e0:2d:d1:9b:20:
40:a0:3e:ff:45:c2:7d:0c:91:1a:9e:7c:13:d6:e7:e5:03:85:
64:34:53:42:2e:d5:e6:d6:1c:fc:df:e4:0c:05:2b:dc:e3:36:
69:71:e6:e2:1e:6a:17:18:c1:6a:d8:a3:8f:d0:1e:04:a9:af:
89:2f:67:70:ac:5b:31:85:2c:0b:8f:35:dc:30:d4:c8:92:90:
38:fc:6e:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXIt5uaHgLxQHGLsm4/R6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjUxMTExMTAwMDU4WhcNMjUxMTEyMTAwMDU4WjAzMTEwLwYDVQQD
EygyMmU5ZWE3YmJmNjBjMDY5NGE5ZWRmMTI5ZmZhY2VjZGY4YWYwYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXTQy8DXepI/A0hFcsVz9kqJ/Y/P
2lmNhe4gfA287AYYNVv/GSdAWG0PyKyymWo7SPgr9KGi0qWlW2q8cd7pS1gAlkV5
q+jjlNRmOMtefA5Le5wNxKO/CC7qDqiaN4iskzKxX/nmJzVJb/tebbG2lo5SzHPd
TYgp1bC5q6oQPIXPt/WOCaSsg0oJxuIyV7rmM/spOGvi7iBZPAxuPG3d9gvHq5n/
1lKas1tunrz3xhbCMkgMT/qv63pEkcILv+7oxtyLbCUGqfst0+9uLn2Uzl3gB52p
hCUe6P84soXiEPsW/Jc/+z25eE4sGoiJR4SCAddLA3FwUFlLSOtGrRllyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLp6nu/YMBpSp7fEp/6zs34rwv1MB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnNZcyXME
KzwTpFb/PCg8sXm/jisATONxnUDW/1GRo1/IYIyFlbmH70F1eG4DjexBv5QyQ2u/
VCo3S5YnuOkZYJh6j1ZZNy0tejnFXcLcnK9OZrXUuSGepAe84lV918kcbT4ebBYV
qmu+n3KQBoere96QxAiGpP77/gcodeRA+uD9QAxLpFF9UjZF228vr59LHFHA+wT3
R4AWi8oon8AJ/mIfznyKSOauCKSYqpGub+At0ZsgQKA+/0XCfQyRGp58E9bn5QOF
ZDRTQi7V5tYc/N/kDAUr3OM2aXHm4h5qFxjBatijj9AeBKmviS9ncKxbMYUsC481
3DDUyJKQOPxumA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:59:55 2025 by rpki-client