Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json)
Hash identifier: iDkwXrq+RUwA7Jh/TvYWs9kHjUyEIU9CWqzDaHoyMag=
Subject key identifier: AE:62:F1:F7:49:71:F8:FD:CF:3C:ED:4C:AC:A6:5F:E8:5E:A1:8F:5B
Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Certificate serial: 01984889AD2F184BE1FFF3956B55C74EE786
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
Manifest number: 1610
Signing time: Sat 26 Jul 2025 21:00:38 +0000
Manifest this update: Sat 26 Jul 2025 21:00:38 +0000
Manifest next update: Sun 27 Jul 2025 21:00:38 +0000
Files and hashes: 1: 0LO0qT2-0L6mWDwJ3dVrGvaEEOA.roa (hash: m3gjbEV2ZPpf1SrIWWEpb/lM9m2SeM9EF+s0bK96n04=)
2: CXLJsfdv2mQYEw_nRCBRyHgGrls.roa (hash: gIlLTUkZL/5+bXwsRESHghLIgWvhwbD5U5vB0n4lI0k=)
3: GZyq4JhiMN6IbDxHDi387ilVO3Q.roa (hash: RAmDxoFTdOQGRBWibMySEyO1+N/egEhlrBt73Hj0G1U=)
4: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: Ri+Xco9caLfblPqscP7j9P59Bxsx5rN82nZeNfdIKpw=)
5: XsnL58BowN54P94Hq8ZFELardLk.roa (hash: HNbFuOKPa1T82T8LpW7Qm3FZ0tR+dmMImgYgvtx3m4g=)
6: Zz42OKsTm8e7N4-UL7iAE7WQUo8.roa (hash: 5tp1DE1mgaUL43CN7zGdBuvgS2VFLrFuAK++O/dGYog=)
7: eGwOE8lbraIFP9l-UBBCUyjN8_w.roa (hash: E3bGB9caMn035nPuIHCWLooaKqDnHxrQ+ZG/yfDBfXc=)
8: obqfL4R2IKMApxxeeUPFE0sW9OQ.roa (hash: 7Ovq+/kB1PpmG+7SGcAWS7Jl70fuixev1vRb1jw0DXk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:89:ad:2f:18:4b:e1:ff:f3:95:6b:55:c7:4e:e7:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Validity
Not Before: Jul 26 21:00:38 2025 GMT
Not After : Jul 27 21:00:38 2025 GMT
Subject: CN=ae62f1f74971f8fdcf3ced4caca65fe85ea18f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:98:37:bd:12:b1:dd:f0:62:31:60:5c:1a:2d:
ff:ee:27:ca:2b:8e:84:67:5f:c7:7f:7d:73:f5:17:
61:2d:26:b2:2a:1b:33:95:51:e5:93:e8:e9:d4:19:
d6:ba:14:d5:48:72:3a:12:03:c6:a4:2f:58:66:f4:
a9:6c:13:80:e5:9e:20:5d:44:7a:7a:87:82:c9:97:
91:bd:0d:e1:d7:b7:00:25:86:db:00:f2:62:5a:75:
f4:94:71:30:74:5a:15:aa:2d:33:75:00:e2:cf:c9:
e0:04:ee:53:d6:06:d7:91:a6:e7:b4:99:40:68:a8:
85:78:85:04:1d:84:c9:39:9a:60:55:6a:6b:08:03:
c1:61:57:d7:4e:36:dc:3e:bb:c5:27:a3:f1:33:d5:
dc:ec:43:e3:84:9c:4f:dd:82:19:d3:e6:a1:47:f5:
cf:77:ed:8a:55:dd:ef:73:1e:48:76:4d:6e:f6:2a:
22:6f:df:30:ac:67:df:80:04:78:9b:39:92:36:c5:
33:7e:1f:a7:1b:74:b1:51:d7:2e:d4:a3:ff:e3:3f:
bd:5c:15:42:8b:96:dc:d6:3d:53:8f:8d:1d:28:a3:
9e:38:9c:3e:76:d8:51:5e:1d:d3:3c:f3:ae:51:4d:
6f:b5:5e:33:68:06:e9:e2:4a:ea:6b:71:a9:43:2e:
80:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:62:F1:F7:49:71:F8:FD:CF:3C:ED:4C:AC:A6:5F:E8:5E:A1:8F:5B
X509v3 Authority Key Identifier:
keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:05:4c:cf:97:d4:b1:83:1e:72:93:79:af:37:c2:ae:ef:46:
dc:b3:1a:a0:e7:7b:48:9a:e9:1d:90:f0:2c:6d:cb:43:80:75:
64:70:ad:1a:7b:ba:45:16:ce:78:26:6c:c5:4a:ed:24:99:bc:
45:dc:3e:19:e8:fe:6b:84:6c:d0:7b:b7:60:8c:68:2c:c3:98:
16:09:82:a8:15:32:70:40:49:54:b0:e8:30:f9:83:6b:39:77:
ea:76:c5:8a:b2:7e:a7:b9:1d:d0:b0:52:d8:96:e9:81:02:2f:
00:79:02:51:cc:37:6f:69:7b:4d:2c:9e:96:c8:c8:a6:03:ab:
31:ab:19:94:ed:e8:e7:5d:8f:b5:31:08:a0:4f:ed:61:09:95:
ce:d1:7e:0c:86:49:c5:c2:34:2e:3f:03:27:96:df:35:7a:ee:
89:42:27:a4:24:f4:4e:e1:d2:8b:ec:5f:3e:2a:17:97:77:cf:
cb:ca:65:cf:68:ce:1e:f2:0c:49:af:8e:47:30:a6:62:56:fd:
aa:22:d5:d6:d0:70:58:55:de:c4:3f:fe:09:35:c8:4d:d3:65:
d2:c1:c9:66:64:79:8a:d1:22:9d:b7:99:97:be:48:19:ec:1f:
ff:85:d4:77:1b:08:2e:3f:27:57:08:69:ad:f8:70:22:d2:4b:
1e:1f:2c:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhIia0vGEvh//OVa1XHTueGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy
MjcxYmEwHhcNMjUwNzI2MjEwMDM4WhcNMjUwNzI3MjEwMDM4WjAzMTEwLwYDVQQD
EyhhZTYyZjFmNzQ5NzFmOGZkY2YzY2VkNGNhY2E2NWZlODVlYTE4ZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpg3vRKx3fBiMWBcGi3/7ifKK46E
Z1/Hf31z9RdhLSayKhszlVHlk+jp1BnWuhTVSHI6EgPGpC9YZvSpbBOA5Z4gXUR6
eoeCyZeRvQ3h17cAJYbbAPJiWnX0lHEwdFoVqi0zdQDiz8ngBO5T1gbXkabntJlA
aKiFeIUEHYTJOZpgVWprCAPBYVfXTjbcPrvFJ6PxM9Xc7EPjhJxP3YIZ0+ahR/XP
d+2KVd3vcx5Idk1u9ioib98wrGffgAR4mzmSNsUzfh+nG3SxUdcu1KP/4z+9XBVC
i5bc1j1Tj40dKKOeOJw+dthRXh3TPPOuUU1vtV4zaAbp4krqa3GpQy6AxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5i8fdJcfj9zzztTKymX+heoY9bMB8GA1UdIwQY
MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt
NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4
LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwVMz5fU
sYMecpN5rzfCru9G3LMaoOd7SJrpHZDwLG3LQ4B1ZHCtGnu6RRbOeCZsxUrtJJm8
Rdw+Gej+a4Rs0Hu3YIxoLMOYFgmCqBUycEBJVLDoMPmDazl36nbFirJ+p7kd0LBS
2JbpgQIvAHkCUcw3b2l7TSyelsjIpgOrMasZlO3o512PtTEIoE/tYQmVztF+DIZJ
xcI0Lj8DJ5bfNXruiUInpCT0TuHSi+xfPioXl3fPy8plz2jOHvIMSa+ORzCmYlb9
qiLV1tBwWFXexD/+CTXITdNl0sHJZmR5itEinbeZl75IGewf/4XUdxsILj8nVwhp
rfhwItJLHh8szw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:28:19 2025 by rpki-client