Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
File: xTG2PRGmzC0c5p4TEch6waanBzM.mft (raw, json)
Hash identifier: Sp2910a5mvYGNYCmUxPG0rXhIRQwbZh5TkEIkYj0kWI=
Subject key identifier: 8E:C2:BD:77:26:96:62:FD:19:CB:0D:84:25:0F:E1:E1:7A:D9:F3:1F
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 019874507E0832E95955C01EA439C27F9202
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
Manifest number: 0E9B
Signing time: Mon 04 Aug 2025 09:01:28 +0000
Manifest this update: Mon 04 Aug 2025 09:01:28 +0000
Manifest next update: Tue 05 Aug 2025 09:01:28 +0000
Files and hashes: 1: 3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa (hash: HiF4cbbVkgMNvvCZGg36cGuMWinu6Z8X1/cmYfYlH0w=)
2: 7dlaDlkKgi4dAirWDUWBZGBGqcU.roa (hash: p1fbv33BP/4U3m5pS2Ws4rI2vfUa3r6QuSWQWQR+Iw4=)
3: xTG2PRGmzC0c5p4TEch6waanBzM.crl (hash: f1hRjl3xViyARNCgxbrJxLKb1XJM/8CASE6UuiCF+EE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:50:7e:08:32:e9:59:55:c0:1e:a4:39:c2:7f:92:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Aug 4 09:01:28 2025 GMT
Not After : Aug 5 09:01:28 2025 GMT
Subject: CN=8ec2bd77269662fd19cb0d84250fe1e17ad9f31f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e1:e3:bd:05:6d:d3:92:cc:92:61:ab:53:d0:
4d:8d:69:09:4d:56:28:05:f5:d9:c8:35:f8:8c:b7:
7a:82:7e:87:1e:f9:1e:55:b9:52:2f:7a:76:77:6f:
cd:bd:6b:1c:54:66:91:ee:c9:a5:ce:ab:3a:ef:8d:
9f:c1:e1:1c:72:4c:28:a6:a3:b4:27:59:e5:7b:24:
a8:14:50:da:f8:61:92:81:19:8f:40:3c:48:fa:7a:
a7:d4:a5:17:d8:78:64:ed:74:13:b8:42:cf:fa:a7:
22:39:47:4f:e4:bd:9d:62:28:3b:14:64:e9:0b:f4:
a8:71:4c:c0:50:aa:3c:17:66:aa:3a:41:44:5e:30:
20:aa:6c:a5:57:94:c5:b9:f6:6e:be:d3:39:f5:15:
cc:d0:ff:8b:ba:25:0e:3b:f7:e7:b5:86:6b:24:f3:
b7:29:fb:a8:af:62:0e:af:9e:b6:28:a5:7c:e4:61:
dd:c8:a8:1d:93:c8:0d:f9:25:ce:b7:a7:a6:2d:ee:
54:32:cf:30:0a:60:43:a6:c0:f3:70:e6:5f:e5:8c:
1d:e8:9a:3d:77:e5:0a:1c:87:ba:3a:ce:4e:39:64:
89:7f:90:95:00:78:63:9f:5e:b1:0a:be:0f:3c:ee:
12:9e:41:3f:67:07:b8:34:24:95:5a:bf:e9:35:73:
6a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C2:BD:77:26:96:62:FD:19:CB:0D:84:25:0F:E1:E1:7A:D9:F3:1F
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:f9:f8:1c:46:8b:c7:13:cd:07:3d:06:d1:30:36:40:a3:90:
63:5a:96:99:a6:d7:ae:0e:e9:06:d1:94:82:bf:30:b7:e4:cb:
78:08:eb:a7:bb:74:46:6a:07:21:41:e4:60:d8:f3:40:1f:f1:
a5:4e:8e:8c:a5:13:c6:ed:4f:03:e9:83:6b:62:9f:a7:8e:ee:
b8:96:c9:77:a1:00:e9:ca:44:3a:09:13:9d:13:de:3b:98:8c:
91:22:c7:85:39:16:79:a0:85:a0:2c:2a:7c:1d:e2:e5:57:88:
04:de:1a:83:8e:e0:98:a3:d4:cc:06:b6:df:39:fe:8c:a9:70:
46:f3:d7:16:1e:34:c4:9e:2c:45:3a:52:df:c3:49:5d:cb:62:
c0:ae:e3:2b:00:43:3c:d5:bc:1c:f6:48:e8:0c:bb:ba:71:a2:
51:92:43:29:37:31:16:14:f1:49:f2:43:a7:48:50:f3:89:9f:
2e:05:68:57:19:34:2e:3d:c3:20:15:b4:e5:45:4f:35:c1:0c:
12:90:16:7c:6f:21:fc:62:f6:87:6e:85:84:7e:18:13:e7:ab:
76:33:44:2f:71:b9:55:ad:62:10:ad:ce:27:73:a6:31:8a:f9:
7f:ec:e8:9b:b8:bb:d9:51:44:12:4f:37:07:2a:0c:19:05:cd:
49:f6:f6:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UH4IMulZVcAepDnCf5ICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjUwODA0MDkwMTI4WhcNMjUwODA1MDkwMTI4WjAzMTEwLwYDVQQD
Eyg4ZWMyYmQ3NzI2OTY2MmZkMTljYjBkODQyNTBmZTFlMTdhZDlmMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOHjvQVt05LMkmGrU9BNjWkJTVYo
BfXZyDX4jLd6gn6HHvkeVblSL3p2d2/NvWscVGaR7smlzqs6742fweEcckwopqO0
J1nleySoFFDa+GGSgRmPQDxI+nqn1KUX2Hhk7XQTuELP+qciOUdP5L2dYig7FGTp
C/SocUzAUKo8F2aqOkFEXjAgqmylV5TFufZuvtM59RXM0P+LuiUOO/fntYZrJPO3
Kfuor2IOr562KKV85GHdyKgdk8gN+SXOt6emLe5UMs8wCmBDpsDzcOZf5Ywd6Jo9
d+UKHIe6Os5OOWSJf5CVAHhjn16xCr4PPO4SnkE/Zwe4NCSVWr/pNXNqxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7CvXcmlmL9GcsNhCUP4eF62fMfMB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi/n4HEaL
xxPNBz0G0TA2QKOQY1qWmabXrg7pBtGUgr8wt+TLeAjrp7t0RmoHIUHkYNjzQB/x
pU6OjKUTxu1PA+mDa2Kfp47uuJbJd6EA6cpEOgkTnRPeO5iMkSLHhTkWeaCFoCwq
fB3i5VeIBN4ag47gmKPUzAa23zn+jKlwRvPXFh40xJ4sRTpS38NJXctiwK7jKwBD
PNW8HPZI6Ay7unGiUZJDKTcxFhTxSfJDp0hQ84mfLgVoVxk0Lj3DIBW05UVPNcEM
EpAWfG8h/GL2h26FhH4YE+erdjNEL3G5Va1iEK3OJ3OmMYr5f+zom7i72VFEEk83
ByoMGQXNSfb2Iw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:27:41 2025 by rpki-client