Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: AVNJGtbOu+hu4MfVvXPwjZLEDPhlIURSjzpu36s2x3k=
Subject key identifier: 24:5F:E3:79:0E:60:AD:BE:9F:23:34:48:E1:1A:56:54:75:C3:F0:FF
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 019A4E86626392A6C8F6EE74A4C7FAA6A5D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 151A
Signing time: Tue 04 Nov 2025 11:00:20 +0000
Manifest this update: Tue 04 Nov 2025 11:00:20 +0000
Manifest next update: Wed 05 Nov 2025 11:00:20 +0000
Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: Vzk7amP5Ma+Nu6GeFf17XU4fWTHXLZDF3vbIfZV0nhI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:62:63:92:a6:c8:f6:ee:74:a4:c7:fa:a6:a5:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Nov 4 11:00:20 2025 GMT
Not After : Nov 5 11:00:20 2025 GMT
Subject: CN=245fe3790e60adbe9f233448e11a565475c3f0ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ad:47:1b:d2:2a:41:6e:41:87:96:00:b0:8d:
a9:e6:56:64:c4:d2:b9:ea:d4:62:e5:84:c0:67:41:
01:90:05:d2:c0:c1:b4:5f:b7:86:bf:6d:57:24:94:
b4:ae:f8:e2:75:60:bf:f4:7e:8e:c0:4d:cb:49:51:
f5:77:28:44:e4:2a:5e:d7:9c:50:10:38:0c:40:31:
bf:a4:d2:29:be:4d:e2:3d:8b:88:eb:6d:31:80:10:
b5:f6:c1:ca:5b:05:b9:fa:e6:53:61:09:52:60:24:
12:2f:52:3e:c8:01:96:2c:b6:75:f0:7f:70:7f:a5:
06:d0:cc:60:9f:1f:df:e8:95:bb:b6:c8:2a:59:0e:
f9:af:29:be:0a:fd:71:eb:3e:71:b8:22:1a:75:10:
d7:ec:95:05:49:8b:98:e2:96:17:bc:12:c6:50:7a:
7d:83:8c:6d:a4:2a:8e:be:75:55:0c:81:14:23:75:
35:c7:25:12:24:d1:c5:d0:9b:6b:de:a3:08:bc:61:
40:c6:2f:40:a1:6c:d0:10:3c:36:59:49:4c:3e:8c:
fd:a3:a0:ba:33:9a:14:3e:77:4e:30:54:60:2d:a3:
78:80:92:49:35:c3:36:76:00:74:8f:c8:c0:e0:2c:
e1:8b:96:79:5f:c0:b1:64:3b:91:47:7d:27:3b:3f:
66:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:5F:E3:79:0E:60:AD:BE:9F:23:34:48:E1:1A:56:54:75:C3:F0:FF
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:5c:fe:58:a6:25:08:8a:11:b8:dd:41:33:f3:4b:8a:2e:55:
6b:19:7c:17:e5:a0:a5:b8:c8:a4:fa:c1:ae:69:0d:55:5b:f0:
c2:5d:3c:2c:85:d4:46:8e:73:89:a1:22:5f:8f:b0:8e:51:4d:
d2:f6:05:fb:eb:aa:df:cf:97:5a:cc:28:45:b1:65:c7:5b:67:
46:d6:15:7d:de:03:72:79:9f:82:f9:67:f1:bb:7f:0c:d8:79:
02:f9:cc:04:4e:84:1d:c4:b0:d6:ac:85:fd:df:61:c3:fc:b9:
58:dc:42:a0:a5:f5:b2:08:56:48:ca:a4:89:f2:67:25:13:a4:
45:44:a9:0a:04:e4:ad:3d:67:fa:b7:ba:e0:5d:75:12:e6:1d:
65:89:46:d1:a7:3b:83:26:1d:e3:f1:81:0c:66:5d:96:69:9c:
94:07:18:11:b1:54:d9:10:ec:7a:a0:c9:96:69:5e:91:1b:cb:
4f:dc:ae:d4:33:6e:d7:2c:7a:24:65:7b:be:18:ef:bf:f3:7d:
67:e2:e7:e9:bd:75:f5:47:2a:8d:c6:19:e4:dd:e3:6e:c6:22:
3f:cd:99:59:9e:b8:82:ed:2c:b9:67:9a:2b:80:b5:f0:f5:c6:
42:77:59:11:56:83:bc:e7:3b:8c:18:71:1f:cd:7f:a7:ba:54:
dc:ae:89:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhmJjkqbI9u50pMf6pqXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjUxMTA0MTEwMDIwWhcNMjUxMTA1MTEwMDIwWjAzMTEwLwYDVQQD
EygyNDVmZTM3OTBlNjBhZGJlOWYyMzM0NDhlMTFhNTY1NDc1YzNmMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0q1HG9IqQW5Bh5YAsI2p5lZkxNK5
6tRi5YTAZ0EBkAXSwMG0X7eGv21XJJS0rvjidWC/9H6OwE3LSVH1dyhE5Cpe15xQ
EDgMQDG/pNIpvk3iPYuI620xgBC19sHKWwW5+uZTYQlSYCQSL1I+yAGWLLZ18H9w
f6UG0Mxgnx/f6JW7tsgqWQ75rym+Cv1x6z5xuCIadRDX7JUFSYuY4pYXvBLGUHp9
g4xtpCqOvnVVDIEUI3U1xyUSJNHF0Jtr3qMIvGFAxi9AoWzQEDw2WUlMPoz9o6C6
M5oUPndOMFRgLaN4gJJJNcM2dgB0j8jA4Czhi5Z5X8CxZDuRR30nOz9mnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRf43kOYK2+nyM0SOEaVlR1w/D/MB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWVz+WKYl
CIoRuN1BM/NLii5Vaxl8F+WgpbjIpPrBrmkNVVvwwl08LIXURo5ziaEiX4+wjlFN
0vYF++uq38+XWswoRbFlx1tnRtYVfd4Dcnmfgvln8bt/DNh5AvnMBE6EHcSw1qyF
/d9hw/y5WNxCoKX1sghWSMqkifJnJROkRUSpCgTkrT1n+re64F11EuYdZYlG0ac7
gyYd4/GBDGZdlmmclAcYEbFU2RDseqDJlmlekRvLT9yu1DNu1yx6JGV7vhjvv/N9
Z+Ln6b119UcqjcYZ5N3jbsYiP82ZWZ64gu0suWeaK4C18PXGQndZEVaDvOc7jBhx
H81/p7pU3K6JHg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:17:15 2025 by rpki-client