Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json)
Hash identifier: 2CvTzLHTiOT7u/vQOX/0PNP/vUcR6QsBtOHKuNtreqw=
Subject key identifier: 5E:2C:FE:85:25:A8:50:B6:EF:4F:F4:80:29:1C:44:FE:94:E6:59:52
Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Certificate serial: 019775D31D650A728DE1848E5E2FED001E08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
Manifest number: 1525
Signing time: Sun 15 Jun 2025 23:00:59 +0000
Manifest this update: Sun 15 Jun 2025 23:00:59 +0000
Manifest next update: Mon 16 Jun 2025 23:00:59 +0000
Files and hashes: 1: BECHjRO1sNTrECspSOXRaHeMWRM.roa (hash: CUP2bSCGR2R7pQJIeBFSspVhJwtI4r06AoqaZ9LnrhQ=)
2: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: +tgQvEWSaXDAR58lSxMuDU08uiV/eBhB2VD8vWfskcU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:75:d3:1d:65:0a:72:8d:e1:84:8e:5e:2f:ed:00:1e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Validity
Not Before: Jun 15 23:00:59 2025 GMT
Not After : Jun 16 23:00:59 2025 GMT
Subject: CN=5e2cfe8525a850b6ef4ff480291c44fe94e65952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d0:1b:b5:33:5c:cf:56:63:20:9b:95:41:56:
25:d7:69:d9:c3:8c:38:a9:86:1e:12:3a:7b:b4:68:
a5:02:6d:15:d6:5f:3b:f3:f8:6f:18:14:6b:e4:34:
4f:82:2a:fc:34:b1:90:76:be:d5:9e:68:d2:b9:15:
0e:13:5b:5f:f7:5a:34:c6:f5:a9:0b:82:6f:93:44:
00:d0:88:d7:ab:20:ad:55:2f:36:c7:21:fe:e2:20:
c2:d6:d5:f3:d0:f1:51:5e:d1:f9:61:54:81:cf:34:
28:4c:97:ac:6b:ab:8a:5f:7c:d2:9b:4a:b1:0c:41:
e8:19:03:fc:4a:58:1d:d7:9a:4c:ed:43:3d:b5:7f:
b3:c2:3f:fb:e0:0e:2b:6d:c1:fb:0d:3c:56:4a:12:
f8:a7:2f:70:9c:4f:c6:d5:f5:aa:5d:21:8a:0e:95:
86:fc:e2:94:23:17:12:7d:7b:1d:6b:4d:de:90:ed:
56:5c:f5:47:5d:ca:dd:23:30:d0:d6:4c:9e:c7:26:
58:57:f9:b4:8f:ac:f2:93:f8:f0:c6:16:38:4f:88:
b5:7a:89:a2:33:51:da:78:3c:48:65:2c:5d:32:7d:
fd:b1:cc:32:ad:62:28:a2:19:59:59:30:57:d0:33:
74:a5:38:fd:a6:f8:23:bf:24:4b:f7:aa:dd:d2:20:
63:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:2C:FE:85:25:A8:50:B6:EF:4F:F4:80:29:1C:44:FE:94:E6:59:52
X509v3 Authority Key Identifier:
keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:7a:95:e1:a0:44:1d:9d:f7:39:42:91:8f:b7:38:7c:aa:2f:
18:4c:4d:8b:16:b5:16:ab:9f:24:2a:b8:ab:91:d0:9e:3d:98:
3b:2d:b1:64:a5:88:15:e9:9c:da:f7:0c:d2:ac:57:0a:47:f5:
fc:78:5f:d9:f7:9c:85:e9:80:55:e5:ca:28:b8:05:2a:94:e8:
da:69:5e:b5:56:c3:6b:bc:1c:15:50:f9:d8:f8:82:12:69:20:
3c:5e:d1:5a:5f:f3:c8:6b:3b:47:09:e7:19:55:b7:be:6f:e0:
73:cd:02:af:75:3d:15:b0:cd:a6:9f:d7:68:a9:40:e7:dd:53:
69:6e:50:c3:76:81:69:73:73:4c:60:1f:19:10:0c:fc:73:e1:
03:a2:03:67:71:87:5d:82:58:b6:50:70:4b:96:08:46:e0:32:
18:97:a1:b6:0f:7a:0a:67:95:1f:5f:31:7f:f4:06:64:61:58:
91:96:91:d2:f2:90:4b:d2:a9:13:00:a5:6a:3a:75:3e:1c:4f:
a6:5d:95:21:7f:46:ff:8e:0e:ec:1f:4f:70:8a:3c:ac:11:56:
a9:ad:cb:79:af:08:fa:42:c0:e8:5e:ca:ed:af:f0:12:bf:50:
37:95:ca:e2:da:c3:7c:22:50:31:c1:38:4e:80:88:71:0e:5e:
78:1e:8a:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd10x1lCnKN4YSOXi/tAB4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw
MzA5NGQwHhcNMjUwNjE1MjMwMDU5WhcNMjUwNjE2MjMwMDU5WjAzMTEwLwYDVQQD
Eyg1ZTJjZmU4NTI1YTg1MGI2ZWY0ZmY0ODAyOTFjNDRmZTk0ZTY1OTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutAbtTNcz1ZjIJuVQVYl12nZw4w4
qYYeEjp7tGilAm0V1l878/hvGBRr5DRPgir8NLGQdr7VnmjSuRUOE1tf91o0xvWp
C4Jvk0QA0IjXqyCtVS82xyH+4iDC1tXz0PFRXtH5YVSBzzQoTJesa6uKX3zSm0qx
DEHoGQP8Slgd15pM7UM9tX+zwj/74A4rbcH7DTxWShL4py9wnE/G1fWqXSGKDpWG
/OKUIxcSfXsda03ekO1WXPVHXcrdIzDQ1kyexyZYV/m0j6zyk/jwxhY4T4i1eomi
M1HaeDxIZSxdMn39scwyrWIoohlZWTBX0DN0pTj9pvgjvyRL96rd0iBjmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF4s/oUlqFC270/0gCkcRP6U5llSMB8GA1UdIwQY
MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt
ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2
LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArnqV4aBE
HZ33OUKRj7c4fKovGExNixa1FqufJCq4q5HQnj2YOy2xZKWIFemc2vcM0qxXCkf1
/Hhf2fechemAVeXKKLgFKpTo2mletVbDa7wcFVD52PiCEmkgPF7RWl/zyGs7Rwnn
GVW3vm/gc80Cr3U9FbDNpp/XaKlA591TaW5Qw3aBaXNzTGAfGRAM/HPhA6IDZ3GH
XYJYtlBwS5YIRuAyGJehtg96CmeVH18xf/QGZGFYkZaR0vKQS9KpEwClajp1PhxP
pl2VIX9G/44O7B9PcIo8rBFWqa3Lea8I+kLA6F7K7a/wEr9QN5XK4trDfCJQMcE4
ToCIcQ5eeB6KZg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 04:00:28 2025 by rpki-client