Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
File: XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft (raw, json)
Hash identifier: tVa75qSfgPFCmqcVfmrdo1z1s0z9vo+u0g6wOPz17q0=
Subject key identifier: 3D:DE:BF:8A:35:A2:2E:4B:58:54:4E:5F:FE:B0:57:8B:FB:49:FE:18
Authority key identifier: 5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
Certificate issuer: /CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Certificate serial: 019A4C9856851F57D3A313B3C0745DEDA206
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
Manifest number: 1678
Signing time: Tue 04 Nov 2025 02:00:43 +0000
Manifest this update: Tue 04 Nov 2025 02:00:43 +0000
Manifest next update: Wed 05 Nov 2025 02:00:43 +0000
Files and hashes: 1: 2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa (hash: Z+2VK2G2lzN86LoPcE9VgbDrrppkQUiQOHGoi5RCAY8=)
2: XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl (hash: ufoa+srhxo/ZeYelF1jUnid41amzPruwfpgW9BuMA90=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 02:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:98:56:85:1f:57:d3:a3:13:b3:c0:74:5d:ed:a2:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Validity
Not Before: Nov 4 02:00:43 2025 GMT
Not After : Nov 5 02:00:43 2025 GMT
Subject: CN=3ddebf8a35a22e4b58544e5ffeb0578bfb49fe18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:73:b8:4c:c4:3f:bc:13:3c:a6:d5:cf:a6:d2:
bd:7a:5e:aa:92:1d:ac:04:99:cc:0f:a3:ee:3a:5b:
41:8a:89:e1:3d:75:84:a3:09:64:10:32:7e:33:10:
c4:37:2f:a2:2d:76:a3:24:1c:f0:07:bd:88:0f:36:
5f:a9:f8:d8:2b:b3:dd:61:d3:9a:cb:95:91:41:18:
ab:ec:61:68:5e:51:72:8e:4a:26:af:38:d1:86:a9:
1c:58:96:b4:2c:41:10:82:60:a0:e1:0a:5d:51:d4:
72:73:fa:7e:a6:05:35:24:aa:e5:0d:9f:e0:75:03:
9a:8d:b2:b4:aa:e9:ef:a4:e6:89:f9:46:af:5b:a1:
23:b0:64:fd:75:8c:b3:1a:c7:f9:47:71:95:53:71:
f1:83:95:0f:c3:8b:16:6d:e3:02:81:c3:36:4c:b0:
da:ec:e3:37:63:e8:4b:2d:31:be:63:c7:bc:d0:36:
06:bc:e0:d6:f9:f2:08:65:86:77:06:35:07:4d:74:
a0:b8:04:31:53:07:15:61:a0:78:4c:b4:40:04:56:
94:13:53:5c:56:0f:09:e4:f2:bc:92:a6:13:3d:14:
7e:d1:f5:ba:df:99:22:7a:21:4c:af:a2:ef:36:59:
d5:4c:5e:48:e5:fc:73:94:8b:c7:c6:0e:2e:f6:ae:
67:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:DE:BF:8A:35:A2:2E:4B:58:54:4E:5F:FE:B0:57:8B:FB:49:FE:18
X509v3 Authority Key Identifier:
keyid:5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:31:99:d9:b6:46:b8:ff:c4:b7:78:b5:4a:29:f5:f8:f3:66:
5e:ab:9c:51:e1:c7:99:3b:90:f5:4c:11:32:aa:a1:42:6a:bf:
b1:9b:14:80:7f:8e:d6:db:7f:cd:7b:0c:be:86:23:e2:d8:e7:
ee:a8:34:22:75:da:0d:92:44:6a:db:d3:67:db:6c:bb:1d:bf:
28:5f:3e:46:a3:ef:38:fc:66:3b:d1:36:1d:29:d6:74:1b:84:
95:19:14:65:cb:fd:c9:3a:e7:47:c6:f6:ed:25:8b:11:ec:cc:
d9:15:94:88:63:87:c0:cc:f2:1e:a5:f4:de:0c:53:60:ff:73:
6c:2c:ad:07:91:e8:e2:7d:e4:dd:cc:7e:4c:8c:26:ed:eb:5d:
3e:fd:c8:a0:0b:14:ba:bc:10:a4:71:48:85:04:0b:1e:87:b6:
80:36:cb:8c:1c:02:2f:d2:4e:54:27:15:3f:2d:d8:d4:33:33:
cf:62:d9:7d:aa:8e:36:e1:38:69:4c:b2:80:0e:b0:f1:c5:91:
0c:c2:61:79:d7:ee:47:09:19:1b:71:c6:60:98:19:07:b0:18:
05:ad:9a:f8:ee:c8:7a:80:ab:b0:9b:34:91:a8:10:23:e8:4b:
2c:fe:d1:24:4b:de:b8:f4:7e:43:52:4a:3e:30:a3:7f:9a:a1:
ae:f9:69:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMmFaFH1fToxOzwHRd7aIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzgyMjM4Mjg5YTg4MDJjZjUyYjY3ZDliZjRhZTg3YTUw
OTMzYzMwHhcNMjUxMTA0MDIwMDQzWhcNMjUxMTA1MDIwMDQzWjAzMTEwLwYDVQQD
EygzZGRlYmY4YTM1YTIyZTRiNTg1NDRlNWZmZWIwNTc4YmZiNDlmZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3O4TMQ/vBM8ptXPptK9el6qkh2s
BJnMD6PuOltBionhPXWEowlkEDJ+MxDENy+iLXajJBzwB72IDzZfqfjYK7PdYdOa
y5WRQRir7GFoXlFyjkomrzjRhqkcWJa0LEEQgmCg4QpdUdRyc/p+pgU1JKrlDZ/g
dQOajbK0qunvpOaJ+UavW6EjsGT9dYyzGsf5R3GVU3Hxg5UPw4sWbeMCgcM2TLDa
7OM3Y+hLLTG+Y8e80DYGvODW+fIIZYZ3BjUHTXSguAQxUwcVYaB4TLRABFaUE1Nc
Vg8J5PK8kqYTPRR+0fW635kieiFMr6LvNlnVTF5I5fxzlIvHxg4u9q5nbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3ev4o1oi5LWFROX/6wV4v7Sf4YMB8GA1UdIwQY
MBaAFF04IjgomogCz1K2fZv0roelCTPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDIt
ODg1NzU3YzEyNDhmLzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDItODg1NzU3YzEyNDhm
LzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfjGZ2bZG
uP/Et3i1Sin1+PNmXqucUeHHmTuQ9UwRMqqhQmq/sZsUgH+O1tt/zXsMvoYj4tjn
7qg0InXaDZJEatvTZ9tsux2/KF8+RqPvOPxmO9E2HSnWdBuElRkUZcv9yTrnR8b2
7SWLEezM2RWUiGOHwMzyHqX03gxTYP9zbCytB5Ho4n3k3cx+TIwm7etdPv3IoAsU
urwQpHFIhQQLHoe2gDbLjBwCL9JOVCcVPy3Y1DMzz2LZfaqONuE4aUyygA6w8cWR
DMJhedfuRwkZG3HGYJgZB7AYBa2a+O7IeoCrsJs0kagQI+hLLP7RJEveuPR+Q1JK
PjCjf5qhrvlpgQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:52:25 2025 by rpki-client