Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft
File: XaWsO7omBTjDM-bIYPI2ASyYZ10.mft (raw, json)
Hash identifier: C5LqTbZMZ0XiJLbAHVMZspvvnSspn/hvSEOp61Zu6FA=
Subject key identifier: 46:43:F1:26:05:73:91:72:34:99:99:B9:00:10:98:4A:0C:01:CC:B3
Authority key identifier: 5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D
Certificate issuer: /CN=5da5ac3bba260538c333e6c860f236012c98675d
Certificate serial: 0198729885EB882CCC6DA26107E1BBBFA481
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft
Manifest number: 1070
Signing time: Mon 04 Aug 2025 01:00:55 +0000
Manifest this update: Mon 04 Aug 2025 01:00:55 +0000
Manifest next update: Tue 05 Aug 2025 01:00:55 +0000
Files and hashes: 1: Lirq-zsF2DJ9HSd8FBwZm-dq_PM.roa (hash: DEsCxQ0UWNIneJAQeHuxPuouMfS+o3gP/21W0HHwfiM=)
2: XaWsO7omBTjDM-bIYPI2ASyYZ10.crl (hash: RUA+1pgaiiplVV2CN8MVkUzU7LPxVnFRZJuuashkY4A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:72:98:85:eb:88:2c:cc:6d:a2:61:07:e1:bb:bf:a4:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da5ac3bba260538c333e6c860f236012c98675d
Validity
Not Before: Aug 4 01:00:55 2025 GMT
Not After : Aug 5 01:00:55 2025 GMT
Subject: CN=4643f12605739172349999b90010984a0c01ccb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:3c:27:4f:1e:54:e7:05:ee:f3:19:81:e3:ff:
43:8e:2c:ad:1b:c0:82:90:50:57:7b:a1:3d:fd:bb:
66:bb:f3:17:1b:06:ef:ec:87:aa:19:76:81:13:d2:
b9:01:d1:ff:d0:09:3f:43:cb:cb:35:58:d9:cb:0a:
ee:39:59:2f:97:d4:a0:b0:79:05:c3:6e:95:53:54:
bf:b9:5e:d1:a4:b9:a1:04:88:ce:7e:b3:8e:02:44:
d4:b3:47:67:4f:44:af:ff:de:64:a5:f6:b5:c2:5b:
b4:9f:1b:ca:eb:a8:e7:34:d0:82:d7:5c:10:52:ff:
24:8a:6d:b0:81:ef:7c:d0:24:32:75:9b:2d:ec:c3:
0e:06:bd:ea:7d:46:49:a2:b1:e2:b3:86:bd:ae:22:
d5:c7:aa:3d:f5:c4:44:03:f9:b9:b7:ff:15:e9:2a:
26:79:1b:88:22:e7:35:49:16:66:4d:bc:e2:c6:fc:
ce:52:98:36:d8:12:b6:76:72:72:e5:14:87:45:be:
a1:2a:d4:13:08:d0:63:21:56:52:9a:6d:f4:84:29:
96:c4:c2:30:74:e5:21:db:75:29:37:58:36:91:88:
f6:b7:9d:e2:22:2d:10:95:74:c4:9b:b9:bd:12:63:
28:ff:94:fa:75:cc:4e:d9:03:57:70:1c:9b:f4:11:
ff:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:43:F1:26:05:73:91:72:34:99:99:B9:00:10:98:4A:0C:01:CC:B3
X509v3 Authority Key Identifier:
keyid:5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:a2:f0:eb:39:b4:de:27:4c:ea:ef:55:f6:bd:ad:65:7d:36:
a1:32:c4:0c:57:8f:f2:42:88:8e:30:69:a9:0d:6a:43:f4:79:
4e:52:83:3e:9c:8c:52:53:ee:d8:ce:26:e2:0f:aa:e7:76:a1:
26:bc:0f:9b:3b:e6:9e:7a:74:24:cf:f0:2b:e7:ae:e0:cb:f3:
c9:ba:d7:e2:52:11:34:b3:1c:50:87:a6:c1:c3:5f:d2:df:60:
09:77:9b:6e:8e:a6:48:cf:fc:25:d3:8f:a5:95:c2:f4:b5:39:
20:32:ba:2a:38:1b:90:66:77:6b:7b:1a:b1:3f:14:f6:57:72:
21:89:a9:a2:f9:c4:6a:fd:c3:94:8e:70:fa:01:4e:5a:5c:46:
ab:cb:fa:2e:d3:7a:d4:ac:94:2f:00:64:92:25:46:6a:79:a6:
4c:b9:65:0c:b7:89:8f:5b:8c:f3:ea:53:0b:25:3f:64:2b:34:
d6:02:f1:31:46:ec:89:c3:0d:28:a4:dc:88:19:2d:9b:8b:b9:
94:02:04:d0:1f:18:fb:6d:ce:f8:b5:47:8a:1a:09:8f:71:39:
ac:66:6c:b3:a0:66:c5:35:fd:6f:aa:4b:d8:3f:09:2b:09:3a:
e8:75:78:32:b3:0e:da:8d:ba:14:2a:8b:d0:de:f3:4f:41:95:
db:2a:b9:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhymIXriCzMbaJhB+G7v6SBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTVhYzNiYmEyNjA1MzhjMzMzZTZjODYwZjIzNjAxMmM5
ODY3NWQwHhcNMjUwODA0MDEwMDU1WhcNMjUwODA1MDEwMDU1WjAzMTEwLwYDVQQD
Eyg0NjQzZjEyNjA1NzM5MTcyMzQ5OTk5YjkwMDEwOTg0YTBjMDFjY2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DwnTx5U5wXu8xmB4/9DjiytG8CC
kFBXe6E9/btmu/MXGwbv7IeqGXaBE9K5AdH/0Ak/Q8vLNVjZywruOVkvl9SgsHkF
w26VU1S/uV7RpLmhBIjOfrOOAkTUs0dnT0Sv/95kpfa1wlu0nxvK66jnNNCC11wQ
Uv8kim2wge980CQydZst7MMOBr3qfUZJorHis4a9riLVx6o99cREA/m5t/8V6Som
eRuIIuc1SRZmTbzixvzOUpg22BK2dnJy5RSHRb6hKtQTCNBjIVZSmm30hCmWxMIw
dOUh23UpN1g2kYj2t53iIi0QlXTEm7m9EmMo/5T6dcxO2QNXcByb9BH/BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEZD8SYFc5FyNJmZuQAQmEoMAcyzMB8GA1UdIwQY
MBaAFF2lrDu6JgU4wzPmyGDyNgEsmGddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2Yt
YmU4MTBhMDUwOTQ0LzEvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2YtYmU4MTBhMDUwOTQ0
LzEvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPqLw6zm0
3idM6u9V9r2tZX02oTLEDFeP8kKIjjBpqQ1qQ/R5TlKDPpyMUlPu2M4m4g+q53ah
JrwPmzvmnnp0JM/wK+eu4MvzybrX4lIRNLMcUIemwcNf0t9gCXebbo6mSM/8JdOP
pZXC9LU5IDK6KjgbkGZ3a3sasT8U9ldyIYmpovnEav3DlI5w+gFOWlxGq8v6LtN6
1KyULwBkkiVGanmmTLllDLeJj1uM8+pTCyU/ZCs01gLxMUbsicMNKKTciBktm4u5
lAIE0B8Y+23O+LVHihoJj3E5rGZss6BmxTX9b6pL2D8JKwk66HV4MrMO2o26FCqL
0N7zT0GV2yq5ew==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:14:07 2025 by rpki-client