
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json)
Hash identifier: OVe6pDfEhVOxEkjlXTMg4VPg3P/bQSLXxkwkDbGvRDc=
Subject key identifier: 42:F4:99:40:C2:C7:C2:45:A1:BA:49:CC:2D:2A:52:4B:45:E2:20:40
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial: 0198898E123D43EC0ECF12E7E3BAD57B761C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
Manifest number: 0557
Signing time: Fri 08 Aug 2025 12:00:45 +0000
Manifest this update: Fri 08 Aug 2025 12:00:45 +0000
Manifest next update: Sat 09 Aug 2025 12:00:45 +0000
Files and hashes: 1: SzmhUfWJuFhyT5TGLouRAgBLoIM.roa (hash: Qov0MeRXvHn6kZBTJQaoc48+Yw0xT2B5xVOV+b6Nifs=)
2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: 8yNiihjQ5R1J6APIeW3XbBsWbvlXn6FLJQhBPuwEKLo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:89:8e:12:3d:43:ec:0e:cf:12:e7:e3:ba:d5:7b:76:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Validity
Not Before: Aug 8 12:00:45 2025 GMT
Not After : Aug 9 12:00:45 2025 GMT
Subject: CN=42f49940c2c7c245a1ba49cc2d2a524b45e22040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4b:77:d2:f7:cd:10:40:b4:b3:89:9e:4d:4f:
46:c5:f7:14:0b:13:f0:e9:6c:1f:2d:de:0c:e0:7e:
3d:d8:26:2f:fa:bd:f9:18:fd:a4:b4:fa:1c:9d:19:
42:dd:c6:eb:72:73:06:50:6f:ec:c6:73:eb:f7:fc:
39:60:53:12:55:6e:76:93:b3:b2:81:62:1f:0a:78:
89:79:54:81:e4:2e:20:93:72:58:f1:80:b7:d3:a7:
09:36:ac:1b:08:f8:f9:e4:78:a2:b7:5d:b9:69:bf:
98:fa:9f:ea:fb:b2:e9:68:e5:80:50:5a:6a:8c:e7:
db:bd:1d:0c:34:5e:5d:67:60:79:de:b7:30:71:c1:
08:27:fe:fb:18:e3:30:a2:ba:03:e1:00:bc:93:d4:
00:3f:35:9c:88:7a:c5:5b:0e:dd:d9:aa:aa:d1:27:
55:ae:68:3b:a3:1a:6c:f9:00:c0:71:ff:ff:fe:55:
49:a7:52:a5:c3:41:c2:36:fd:67:67:1b:48:4e:fa:
26:d4:36:be:21:f1:6d:f7:d4:a6:f2:df:38:95:29:
65:1a:24:01:e9:e4:34:b1:57:db:9b:56:d2:27:0d:
51:62:7e:fb:87:48:a6:00:ef:87:14:cf:cc:ab:9a:
70:cf:b7:67:03:ad:40:6b:71:3c:c3:0b:b9:0b:f7:
07:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F4:99:40:C2:C7:C2:45:A1:BA:49:CC:2D:2A:52:4B:45:E2:20:40
X509v3 Authority Key Identifier:
keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:87:51:dc:cc:be:64:d1:c3:87:82:e5:60:49:e5:3f:ff:4a:
72:e6:2f:aa:a7:84:09:33:2b:91:fb:b2:38:b6:b0:ee:0d:51:
de:71:e0:fd:0c:53:90:af:30:55:d6:e3:e0:6b:9e:ff:ac:95:
d1:c4:b2:6c:3e:99:11:9f:37:2e:7e:21:4d:f8:ac:15:46:44:
01:e8:8d:77:0e:63:e3:0f:bd:3f:92:9b:6f:0c:f0:87:3c:95:
59:1f:68:96:e8:b3:98:ec:51:d2:e2:35:d8:07:70:ab:15:99:
c4:21:e3:00:92:14:04:57:ff:ee:05:fe:d4:c0:ab:ca:b4:5d:
d5:b7:1b:ea:c0:c3:d5:ba:f5:72:3b:c5:14:b9:5d:21:c1:10:
d1:23:1c:11:0f:27:8f:b4:6d:38:ad:d8:f2:56:ff:c9:0a:c3:
00:48:c3:a5:92:6a:b9:69:3a:d0:a5:44:39:df:05:ce:ac:c5:
fb:f9:4b:60:ff:f3:92:04:88:a2:a3:5f:0e:3e:94:34:b4:43:
36:7b:fe:f0:05:ff:af:cc:46:93:4a:41:cf:68:d9:04:0c:69:
9a:cd:c7:09:60:48:d8:0b:df:f1:a5:73:96:e1:69:66:97:b0:
89:92:f8:cd:71:f5:e2:ae:23:97:33:75:53:a0:1b:80:71:b4:
dd:c7:9a:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiJjhI9Q+wOzxLn47rVe3YcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjUwODA4MTIwMDQ1WhcNMjUwODA5MTIwMDQ1WjAzMTEwLwYDVQQD
Eyg0MmY0OTk0MGMyYzdjMjQ1YTFiYTQ5Y2MyZDJhNTI0YjQ1ZTIyMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkt30vfNEEC0s4meTU9GxfcUCxPw
6WwfLd4M4H492CYv+r35GP2ktPocnRlC3cbrcnMGUG/sxnPr9/w5YFMSVW52k7Oy
gWIfCniJeVSB5C4gk3JY8YC306cJNqwbCPj55Hiit125ab+Y+p/q+7LpaOWAUFpq
jOfbvR0MNF5dZ2B53rcwccEIJ/77GOMworoD4QC8k9QAPzWciHrFWw7d2aqq0SdV
rmg7oxps+QDAcf///lVJp1Klw0HCNv1nZxtITvom1Da+IfFt99Sm8t84lSllGiQB
6eQ0sVfbm1bSJw1RYn77h0imAO+HFM/Mq5pwz7dnA61Aa3E8wwu5C/cHjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEL0mUDCx8JFobpJzC0qUktF4iBAMB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4dR3My+
ZNHDh4LlYEnlP/9KcuYvqqeECTMrkfuyOLaw7g1R3nHg/QxTkK8wVdbj4Gue/6yV
0cSybD6ZEZ83Ln4hTfisFUZEAeiNdw5j4w+9P5KbbwzwhzyVWR9oluizmOxR0uI1
2AdwqxWZxCHjAJIUBFf/7gX+1MCryrRd1bcb6sDD1br1cjvFFLldIcEQ0SMcEQ8n
j7RtOK3Y8lb/yQrDAEjDpZJquWk60KVEOd8FzqzF+/lLYP/zkgSIoqNfDj6UNLRD
Nnv+8AX/r8xGk0pBz2jZBAxpms3HCWBI2Avf8aVzluFpZpewiZL4zXH14q4jlzN1
U6AbgHG03cea9Q==
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:58:55 2025 by rpki-client