
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json)
Hash identifier: fqZEEXBGi2Kd80WptfMBpYekokcxeO0xuKJXDT3PcQM=
Subject key identifier: 52:7A:15:94:6F:F9:C8:15:68:3A:22:DF:E6:71:6B:E8:D8:D2:A2:64
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial: 01983E3D448647D5424C2C9F7EA70662E5D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
Manifest number: 0530
Signing time: Thu 24 Jul 2025 21:00:59 +0000
Manifest this update: Thu 24 Jul 2025 21:00:59 +0000
Manifest next update: Fri 25 Jul 2025 21:00:59 +0000
Files and hashes: 1: SzmhUfWJuFhyT5TGLouRAgBLoIM.roa (hash: Qov0MeRXvHn6kZBTJQaoc48+Yw0xT2B5xVOV+b6Nifs=)
2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: HwFPFZIC8Hr0pu9k8037l3xWwkFOSZ1k7MjVpGyna4Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 21:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3e:3d:44:86:47:d5:42:4c:2c:9f:7e:a7:06:62:e5:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Validity
Not Before: Jul 24 21:00:59 2025 GMT
Not After : Jul 25 21:00:59 2025 GMT
Subject: CN=527a15946ff9c815683a22dfe6716be8d8d2a264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a8:b9:b9:0c:56:3d:a8:02:3c:86:be:f4:9b:
b1:7c:18:7f:f3:90:ae:43:37:b8:0e:c2:35:2b:af:
e2:51:a7:b9:e0:be:39:6c:e3:c8:09:64:6d:a0:3b:
9a:a2:45:79:28:86:41:89:e2:e9:dd:92:0b:4f:d6:
c1:63:94:49:03:08:fd:29:ea:fe:36:a7:a2:19:ff:
25:bc:4d:82:12:f2:8f:ea:28:9d:84:1c:7b:45:09:
49:48:a1:c0:5c:5d:03:74:c6:00:cc:6e:37:8c:fd:
e8:ff:ec:e4:32:21:e7:9a:5d:57:54:96:1e:bc:f0:
ec:07:d5:86:da:0a:17:64:c4:ef:8d:ec:72:01:48:
e5:05:28:66:9e:47:59:78:be:19:2d:89:ef:4b:2f:
d0:d4:b3:77:20:f8:b3:07:d9:13:42:4c:0f:a1:70:
17:60:ce:f0:5b:3a:e9:64:0c:4d:d6:3a:3e:d3:b5:
ba:39:8a:38:bd:f7:a0:97:9a:46:0b:48:03:75:d1:
ce:d2:77:e4:06:68:d7:e9:c2:c3:ca:d4:22:2f:b9:
77:49:ac:78:20:26:15:37:14:65:dd:f8:8e:df:ac:
5e:85:ce:ec:d3:f3:b3:13:83:97:55:7c:3b:b3:4a:
9e:f4:13:ff:51:65:22:15:62:65:54:2d:4d:40:4e:
33:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:7A:15:94:6F:F9:C8:15:68:3A:22:DF:E6:71:6B:E8:D8:D2:A2:64
X509v3 Authority Key Identifier:
keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:fa:7a:fd:f8:80:22:f0:96:76:91:63:93:c4:b6:1d:0d:4e:
4e:54:e7:2a:56:02:91:6f:63:50:2c:82:69:3c:3c:0e:ee:72:
31:ad:05:b2:22:b0:94:7f:ca:fb:cd:1a:37:f0:ee:e0:90:1f:
a4:99:5f:13:79:cb:f7:7f:11:de:f9:6a:cd:12:42:1c:b1:7f:
3c:1c:c5:2d:3d:5d:ab:2a:20:15:ac:0a:8b:b4:6e:95:56:2f:
3e:88:f2:e7:d5:00:8f:23:24:d7:e7:82:72:cd:dd:44:4e:7f:
6a:48:c0:7a:e5:4b:3a:b6:5d:32:79:62:1f:64:ae:9c:27:6a:
3f:be:fd:d1:76:ba:48:a5:c3:4b:16:21:2f:26:d8:a7:f1:3b:
7d:e2:17:74:6e:9d:d0:5a:13:48:92:4a:88:a0:83:06:02:98:
1c:10:71:e3:c0:93:0a:57:7b:2e:02:3b:3c:b3:57:5a:8a:01:
4e:b1:0d:49:16:b8:1e:93:d2:43:43:f4:2b:7a:fd:01:9d:cb:
e2:9b:e7:c1:ae:00:db:eb:75:40:98:63:9a:a1:52:a2:b3:44:
0e:e5:74:6d:09:eb:dd:0a:dd:14:ca:b4:d4:d6:7a:f4:92:92:
34:78:5a:0e:55:67:5d:c2:42:ef:93:d5:bb:ea:90:1a:18:97:
16:14:21:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZg+PUSGR9VCTCyffqcGYuXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjUwNzI0MjEwMDU5WhcNMjUwNzI1MjEwMDU5WjAzMTEwLwYDVQQD
Eyg1MjdhMTU5NDZmZjljODE1NjgzYTIyZGZlNjcxNmJlOGQ4ZDJhMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqi5uQxWPagCPIa+9JuxfBh/85Cu
Qze4DsI1K6/iUae54L45bOPICWRtoDuaokV5KIZBieLp3ZILT9bBY5RJAwj9Ker+
NqeiGf8lvE2CEvKP6iidhBx7RQlJSKHAXF0DdMYAzG43jP3o/+zkMiHnml1XVJYe
vPDsB9WG2goXZMTvjexyAUjlBShmnkdZeL4ZLYnvSy/Q1LN3IPizB9kTQkwPoXAX
YM7wWzrpZAxN1jo+07W6OYo4vfegl5pGC0gDddHO0nfkBmjX6cLDytQiL7l3Sax4
ICYVNxRl3fiO36xehc7s0/OzE4OXVXw7s0qe9BP/UWUiFWJlVC1NQE4zewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJ6FZRv+cgVaDoi3+Zxa+jY0qJkMB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALPp6/fiA
IvCWdpFjk8S2HQ1OTlTnKlYCkW9jUCyCaTw8Du5yMa0FsiKwlH/K+80aN/Du4JAf
pJlfE3nL938R3vlqzRJCHLF/PBzFLT1dqyogFawKi7RulVYvPojy59UAjyMk1+eC
cs3dRE5/akjAeuVLOrZdMnliH2SunCdqP7790Xa6SKXDSxYhLybYp/E7feIXdG6d
0FoTSJJKiKCDBgKYHBBx48CTCld7LgI7PLNXWooBTrENSRa4HpPSQ0P0K3r9AZ3L
4pvnwa4A2+t1QJhjmqFSorNEDuV0bQnr3QrdFMq01NZ69JKSNHhaDlVnXcJC75PV
u+qQGhiXFhQhNw==
-----END CERTIFICATE-----
Generated at Fri Jul 25 01:05:15 2025 by rpki-client