Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: mXM3VmF6iWoZZXEDRwl93q5/T2PuGNmeV9zbFgkY4d8=
Subject key identifier: 65:1C:C3:9D:3C:7C:21:F8:9E:AF:73:7F:C9:88:0C:9A:93:2C:05:3E
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 01987B2E14FA7CA23C96A424CEF0B82F2779
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 1428
Signing time: Tue 05 Aug 2025 17:01:13 +0000
Manifest this update: Tue 05 Aug 2025 17:01:13 +0000
Manifest next update: Wed 06 Aug 2025 17:01:13 +0000
Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: pfA35h0XUabeAGlaJAyIgGwFUikHs5galC5fIEYgfKo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 17:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7b:2e:14:fa:7c:a2:3c:96:a4:24:ce:f0:b8:2f:27:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Aug 5 17:01:13 2025 GMT
Not After : Aug 6 17:01:13 2025 GMT
Subject: CN=651cc39d3c7c21f89eaf737fc9880c9a932c053e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:20:51:35:da:88:94:16:e5:fa:3f:c7:e1:
ef:75:d3:08:5b:1b:5e:c1:df:05:36:bf:fd:d1:b8:
b4:f3:f6:74:f6:4d:89:2c:dd:68:01:51:ad:bb:dc:
53:9e:66:b8:17:12:c0:d0:b3:b2:85:c7:a3:fe:1b:
87:4f:ee:ae:6f:b6:1b:f6:d5:9b:55:84:e5:1e:2d:
72:a1:68:d5:e8:33:8e:c8:f4:0e:15:7b:bf:0e:35:
37:5a:c0:40:56:19:e3:3c:88:f0:70:da:b5:6c:60:
86:4e:62:cb:00:6d:b2:91:82:26:f1:dd:84:18:92:
1d:7a:7b:47:1b:d8:1e:1f:39:d1:4c:42:3e:cd:31:
99:21:89:76:f0:06:30:b8:f2:a6:3b:e2:65:b8:0c:
a7:d5:ae:1e:94:63:1d:85:59:ef:64:f1:fa:35:28:
7b:de:63:65:4a:81:06:2e:31:74:48:d1:95:39:50:
b1:88:66:73:3b:64:9f:3e:dd:a3:5d:5c:24:30:a2:
52:54:aa:22:80:a0:0c:0c:dd:a6:cd:7a:aa:c2:c6:
29:af:18:11:5d:5f:ad:06:8f:47:03:f0:34:f4:13:
ae:a8:7f:27:98:d2:60:dd:69:89:52:d6:7b:df:d8:
c5:3c:d4:6f:f9:98:97:54:f4:0e:80:86:5c:21:55:
84:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1C:C3:9D:3C:7C:21:F8:9E:AF:73:7F:C9:88:0C:9A:93:2C:05:3E
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:dd:0f:11:00:a8:dc:de:43:ab:2c:ec:bb:e9:6d:33:cc:0d:
e2:eb:26:07:c0:69:9a:33:39:f7:b0:74:f7:2a:67:73:dc:7e:
e9:31:6d:ff:f0:22:9e:14:0b:8a:a5:e1:27:b5:06:96:5c:58:
f9:88:ff:b4:6d:81:53:d5:27:10:d7:30:6e:5a:55:03:fe:e0:
5f:e7:25:08:35:19:72:77:46:11:b6:e6:5b:9d:6e:88:47:1e:
49:ef:ca:e4:9b:43:59:5c:10:34:2b:bd:51:7e:90:24:2c:5c:
3a:8d:11:48:fd:d3:b1:b7:76:f8:09:91:0b:73:50:b8:cf:97:
68:58:96:a6:18:da:87:25:84:48:12:0d:a4:a2:a4:5a:58:1b:
0c:89:02:d9:20:75:ba:05:ef:80:46:59:77:21:72:4a:70:bd:
2b:17:69:5a:59:44:cd:ee:d8:c1:5f:10:aa:0e:a0:bd:18:8d:
53:6c:8b:a2:c0:66:96:9f:22:f2:1f:d9:a5:31:d2:6e:02:5c:
e4:34:d9:ea:6b:f5:ee:0f:e0:09:f7:d0:b2:fa:92:67:ca:9d:
99:ea:c7:36:dd:83:27:3f:b3:f8:12:99:f8:57:ff:80:bd:53:
01:cc:43:e9:1d:2e:04:97:fb:34:68:51:72:30:5a:76:55:37:
3f:3f:92:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7LhT6fKI8lqQkzvC4Lyd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjUwODA1MTcwMTEzWhcNMjUwODA2MTcwMTEzWjAzMTEwLwYDVQQD
Eyg2NTFjYzM5ZDNjN2MyMWY4OWVhZjczN2ZjOTg4MGM5YTkzMmMwNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHogUTXaiJQW5fo/x+HvddMIWxte
wd8FNr/90bi08/Z09k2JLN1oAVGtu9xTnma4FxLA0LOyhcej/huHT+6ub7Yb9tWb
VYTlHi1yoWjV6DOOyPQOFXu/DjU3WsBAVhnjPIjwcNq1bGCGTmLLAG2ykYIm8d2E
GJIdentHG9geHznRTEI+zTGZIYl28AYwuPKmO+JluAyn1a4elGMdhVnvZPH6NSh7
3mNlSoEGLjF0SNGVOVCxiGZzO2SfPt2jXVwkMKJSVKoigKAMDN2mzXqqwsYprxgR
XV+tBo9HA/A09BOuqH8nmNJg3WmJUtZ739jFPNRv+ZiXVPQOgIZcIVWE+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUcw508fCH4nq9zf8mIDJqTLAU+MB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALd0PEQCo
3N5Dqyzsu+ltM8wN4usmB8BpmjM597B09ypnc9x+6TFt//AinhQLiqXhJ7UGllxY
+Yj/tG2BU9UnENcwblpVA/7gX+clCDUZcndGEbbmW51uiEceSe/K5JtDWVwQNCu9
UX6QJCxcOo0RSP3Tsbd2+AmRC3NQuM+XaFiWphjahyWESBINpKKkWlgbDIkC2SB1
ugXvgEZZdyFySnC9KxdpWllEze7YwV8Qqg6gvRiNU2yLosBmlp8i8h/ZpTHSbgJc
5DTZ6mv17g/gCffQsvqSZ8qdmerHNt2DJz+z+BKZ+Ff/gL1TAcxD6R0uBJf7NGhR
cjBadlU3Pz+Sdw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:56:47 2025 by rpki-client