Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json)
Hash identifier: AkFdrdwC04ePwEYP6qmsBH+wDs92MIAHKnR/Cij41jI=
Subject key identifier: 22:89:F0:B6:56:89:56:9A:58:41:32:5F:23:8D:83:95:C3:72:5E:76
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial: 0198402B66EB5FB5151399380419082A1F5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
Manifest number: 0531
Signing time: Fri 25 Jul 2025 06:00:42 +0000
Manifest this update: Fri 25 Jul 2025 06:00:42 +0000
Manifest next update: Sat 26 Jul 2025 06:00:42 +0000
Files and hashes: 1: SzmhUfWJuFhyT5TGLouRAgBLoIM.roa (hash: Qov0MeRXvHn6kZBTJQaoc48+Yw0xT2B5xVOV+b6Nifs=)
2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: Iz2+6K0aua4nW6VgBSn/kdeICKFZqSu/99KyiVaT+jg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:2b:66:eb:5f:b5:15:13:99:38:04:19:08:2a:1f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Validity
Not Before: Jul 25 06:00:42 2025 GMT
Not After : Jul 26 06:00:42 2025 GMT
Subject: CN=2289f0b65689569a5841325f238d8395c3725e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ae:be:2c:30:71:4c:e1:a2:d3:a4:f7:83:66:
85:96:34:5d:26:1b:79:0b:ce:9c:db:94:fa:19:0f:
1f:a8:45:af:61:49:40:3f:5c:6f:63:b9:aa:9e:79:
b7:25:d4:b6:65:05:31:14:43:e4:67:f5:35:ca:f3:
55:43:8e:c9:6a:fd:6f:1a:b7:8e:9e:85:31:f7:3d:
5b:40:5f:a0:19:bc:b1:37:3e:67:d3:98:63:1a:66:
42:c0:95:93:f1:37:69:1e:02:4a:82:95:12:d8:8f:
a4:91:a4:9c:f7:5e:a8:9f:b2:46:35:4b:f8:b5:76:
22:9f:a6:c0:db:cb:56:b4:fe:2a:83:bb:0b:6d:36:
5b:cb:35:6c:b2:43:b1:ce:8f:4c:37:b7:28:0b:69:
87:9c:01:9f:85:30:e5:12:01:9e:72:3f:52:25:60:
2d:93:20:07:2d:13:b9:d7:6d:f5:e8:3b:d2:52:bd:
55:a9:c8:bb:4d:d3:29:22:b4:86:55:be:4a:fe:83:
90:f2:59:81:c2:b0:eb:a3:65:3f:19:64:bc:9e:85:
49:da:c1:b8:dd:e7:78:a9:ca:05:19:20:32:bb:b8:
69:1c:0d:1b:9c:ff:37:e9:55:33:da:fb:12:7d:fc:
72:12:ce:32:53:d7:85:1f:e7:20:74:e9:1a:af:75:
6a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:89:F0:B6:56:89:56:9A:58:41:32:5F:23:8D:83:95:C3:72:5E:76
X509v3 Authority Key Identifier:
keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:f6:82:7b:54:99:e8:07:c4:77:fa:b2:42:7e:3b:6a:87:a3:
50:25:2b:5c:c5:a0:6c:82:12:87:bf:93:8f:dd:31:c6:18:17:
96:78:a9:d4:2e:3d:4d:c3:f0:4b:e7:26:84:a3:14:3e:26:f6:
9f:3e:b6:72:6d:6a:c9:f3:72:8f:ae:dd:b1:80:28:9c:30:4d:
47:a0:d2:31:0b:c9:f3:a4:2f:7e:f2:cf:7d:6e:56:27:c1:d7:
46:76:34:e5:74:8e:7b:64:9b:47:98:73:2e:77:da:d6:e7:e2:
57:3d:d4:8c:14:e7:de:4e:fb:78:19:01:03:d3:55:28:83:33:
a8:01:d3:bc:99:cb:26:3f:8c:17:75:31:37:db:f2:3a:e7:24:
1f:84:2d:38:32:63:f6:12:45:82:b4:97:21:8c:9e:a8:65:c1:
58:0e:df:9f:af:22:e9:e5:7b:dc:26:a2:fb:7e:07:34:7b:1e:
c9:41:85:00:b4:17:c9:94:0a:11:70:fc:73:f2:56:9a:dc:10:
ff:21:53:b5:71:e0:c9:b5:ee:4f:b4:c1:15:79:0f:84:f5:cd:
f9:3e:81:81:b4:60:2c:07:4b:47:be:94:14:d4:38:0c:29:4e:
0b:9e:5e:d7:ec:a6:76:76:3f:36:af:31:50:75:0d:b3:32:cd:
e3:6d:ba:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhAK2brX7UVE5k4BBkIKh9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjUwNzI1MDYwMDQyWhcNMjUwNzI2MDYwMDQyWjAzMTEwLwYDVQQD
EygyMjg5ZjBiNjU2ODk1NjlhNTg0MTMyNWYyMzhkODM5NWMzNzI1ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5K6+LDBxTOGi06T3g2aFljRdJht5
C86c25T6GQ8fqEWvYUlAP1xvY7mqnnm3JdS2ZQUxFEPkZ/U1yvNVQ47Jav1vGreO
noUx9z1bQF+gGbyxNz5n05hjGmZCwJWT8TdpHgJKgpUS2I+kkaSc916on7JGNUv4
tXYin6bA28tWtP4qg7sLbTZbyzVsskOxzo9MN7coC2mHnAGfhTDlEgGecj9SJWAt
kyAHLRO512316DvSUr1Vqci7TdMpIrSGVb5K/oOQ8lmBwrDro2U/GWS8noVJ2sG4
3ed4qcoFGSAyu7hpHA0bnP836VUz2vsSffxyEs4yU9eFH+cgdOkar3VqYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKJ8LZWiVaaWEEyXyONg5XDcl52MB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf/aCe1SZ
6AfEd/qyQn47aoejUCUrXMWgbIISh7+Tj90xxhgXlnip1C49TcPwS+cmhKMUPib2
nz62cm1qyfNyj67dsYAonDBNR6DSMQvJ86QvfvLPfW5WJ8HXRnY05XSOe2SbR5hz
Lnfa1ufiVz3UjBTn3k77eBkBA9NVKIMzqAHTvJnLJj+MF3UxN9vyOuckH4QtODJj
9hJFgrSXIYyeqGXBWA7fn68i6eV73Cai+34HNHseyUGFALQXyZQKEXD8c/JWmtwQ
/yFTtXHgybXuT7TBFXkPhPXN+T6BgbRgLAdLR76UFNQ4DClOC55e1+ymdnY/Nq8x
UHUNszLN4226og==
-----END CERTIFICATE-----
Generated at Fri Jul 25 11:09:16 2025 by rpki-client