Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.mft
File: XOsOvYeLd9QvLKndCPcMMjxdA9s.mft (raw, json)
Hash identifier: PPlzMIhS/bXto8LyiwfkOAaiwqY2kGOUdeVob0oSBt8=
Subject key identifier: CF:3F:4B:8D:DF:D9:1C:20:71:27:EB:D4:DE:68:31:7E:51:A5:D9:56
Authority key identifier: 5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
Certificate issuer: /CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Certificate serial: 01984B553B0D7FD481DBC7C2146DEFE8BEA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.mft
Manifest number: 0F20
Signing time: Sun 27 Jul 2025 10:02:13 +0000
Manifest this update: Sun 27 Jul 2025 10:02:13 +0000
Manifest next update: Mon 28 Jul 2025 10:02:13 +0000
Files and hashes: 1: RACkLgbLLbmOoJBt91BZdfyl6A0.roa (hash: MZ4vzxaGNc7jn7F682fp+i7yjq4zVlNk1kc4N8fk1T0=)
2: XOsOvYeLd9QvLKndCPcMMjxdA9s.crl (hash: abJOjtFRHO4Ah9VTqqrhEw0RVSnlkQKnLhgI1MFDVok=)
3: atQq239lyy1_USnx5HxIvR_xCQ0.roa (hash: 2VBlcsxe+dkdGVdmp9n4L26XGB1hz2kRzV8Tog1oGdY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.mft
rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4b:55:3b:0d:7f:d4:81:db:c7:c2:14:6d:ef:e8:be:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Validity
Not Before: Jul 27 10:02:13 2025 GMT
Not After : Jul 28 10:02:13 2025 GMT
Subject: CN=cf3f4b8ddfd91c207127ebd4de68317e51a5d956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7a:f4:91:89:d2:4f:72:44:e9:89:56:16:3f:
9b:f6:e0:78:0d:1a:b6:9a:d1:c6:a2:ab:0e:57:b8:
a7:63:94:74:41:72:59:21:cd:2c:83:02:ad:38:4d:
bc:b2:73:ff:32:32:0c:d1:51:55:34:27:84:92:a5:
2d:cd:ac:fe:0c:cf:a5:db:d5:c1:70:5e:a5:1f:dc:
82:45:e3:e5:ab:ff:d7:46:fd:10:1a:5d:92:e8:c0:
cf:c5:10:c8:d9:8b:e3:21:ea:fc:8f:ef:99:43:62:
42:e7:ab:04:37:f9:02:94:7b:05:c1:fe:db:b6:19:
4c:34:18:5c:56:c0:60:e0:b4:1c:17:0a:0b:d1:1b:
51:d1:54:bf:ec:27:e2:07:0a:86:7a:b3:01:d6:09:
63:3f:db:cd:64:a0:ec:e4:6b:58:62:ce:94:64:49:
8e:92:30:c7:9d:02:fb:15:4b:a8:0c:21:7e:89:14:
a3:29:c8:1b:98:df:9c:a4:24:fe:f5:00:67:44:36:
b7:0b:d2:da:75:51:49:11:6f:a2:2e:5f:54:b6:a7:
e7:17:68:f7:12:97:03:c5:04:69:b9:24:c6:83:1c:
09:a2:b9:38:86:5d:a8:ba:95:32:3d:49:04:0e:26:
d4:9f:cb:b4:fd:7c:d5:f4:11:12:38:91:0d:64:52:
20:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3F:4B:8D:DF:D9:1C:20:71:27:EB:D4:DE:68:31:7E:51:A5:D9:56
X509v3 Authority Key Identifier:
keyid:5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:1c:9e:d5:e2:68:a6:7f:d9:54:db:93:69:ab:15:99:b8:43:
bf:b0:f1:32:4a:1a:d3:81:1c:96:1b:3f:65:2e:ba:b0:96:ac:
1a:c3:c3:64:60:c9:eb:42:e2:12:b7:36:d7:29:aa:3e:b9:cf:
1b:18:fe:d8:18:b8:0e:5e:0a:c7:99:c8:f2:50:da:4d:5c:a9:
33:dd:8c:bc:1e:f7:ad:2a:03:6b:11:71:c9:cf:97:0a:34:fa:
18:6b:74:8a:36:1a:e6:60:8f:15:fb:2a:bc:23:1c:07:07:63:
bb:f2:27:99:06:94:ad:3f:41:05:5e:09:29:1b:ed:95:db:21:
fa:75:ab:af:49:1c:26:38:7d:3b:c5:41:d4:e2:1e:4d:5e:a4:
00:56:7b:59:16:ba:f9:3d:cf:46:29:74:cb:2d:73:e7:b1:34:
1e:93:68:26:25:b8:b3:e1:aa:fa:9d:fc:8f:f0:50:87:0f:16:
63:41:50:1d:9d:e2:51:bd:e2:3b:2d:7d:c9:97:e6:93:38:49:
88:71:46:a7:49:0f:7a:7a:cb:18:f5:42:f7:4c:8e:ca:aa:cd:
8e:14:e4:b7:62:14:5c:22:0b:3e:3d:5b:88:b2:61:24:e7:c4:
8c:53:98:90:e5:86:58:3b:fa:cb:b6:62:19:ec:95:48:21:34:
34:80:c7:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLVTsNf9SB28fCFG3v6L6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZWIwZWJkODc4Yjc3ZDQyZjJjYTlkZDA4ZjcwYzMyM2M1
ZDAzZGIwHhcNMjUwNzI3MTAwMjEzWhcNMjUwNzI4MTAwMjEzWjAzMTEwLwYDVQQD
EyhjZjNmNGI4ZGRmZDkxYzIwNzEyN2ViZDRkZTY4MzE3ZTUxYTVkOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnr0kYnST3JE6YlWFj+b9uB4DRq2
mtHGoqsOV7inY5R0QXJZIc0sgwKtOE28snP/MjIM0VFVNCeEkqUtzaz+DM+l29XB
cF6lH9yCRePlq//XRv0QGl2S6MDPxRDI2YvjIer8j++ZQ2JC56sEN/kClHsFwf7b
thlMNBhcVsBg4LQcFwoL0RtR0VS/7CfiBwqGerMB1gljP9vNZKDs5GtYYs6UZEmO
kjDHnQL7FUuoDCF+iRSjKcgbmN+cpCT+9QBnRDa3C9LadVFJEW+iLl9UtqfnF2j3
EpcDxQRpuSTGgxwJork4hl2oupUyPUkEDibUn8u0/XzV9BESOJENZFIg+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8/S43f2RwgcSfr1N5oMX5RpdlWMB8GA1UdIwQY
MBaAFFzrDr2Hi3fULyyp3Qj3DDI8XQPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9zT3ZZZUxkOVF2TEtuZENQY01NanhkQTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zZTcyZWQtMWQ2NS00OTgyLWFkOWEt
OWMzNzQ3OGE1OTNmLzEvWE9zT3ZZZUxkOVF2TEtuZENQY01NanhkQTlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zZTcyZWQtMWQ2NS00OTgyLWFkOWEtOWMzNzQ3OGE1OTNm
LzEvWE9zT3ZZZUxkOVF2TEtuZENQY01NanhkQTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAxye1eJo
pn/ZVNuTaasVmbhDv7DxMkoa04Eclhs/ZS66sJasGsPDZGDJ60LiErc21ymqPrnP
Gxj+2Bi4Dl4Kx5nI8lDaTVypM92MvB73rSoDaxFxyc+XCjT6GGt0ijYa5mCPFfsq
vCMcBwdju/InmQaUrT9BBV4JKRvtldsh+nWrr0kcJjh9O8VB1OIeTV6kAFZ7WRa6
+T3PRil0yy1z57E0HpNoJiW4s+Gq+p38j/BQhw8WY0FQHZ3iUb3iOy19yZfmkzhJ
iHFGp0kPenrLGPVC90yOyqrNjhTkt2IUXCILPj1biLJhJOfEjFOYkOWGWDv6y7Zi
GeyVSCE0NIDHAA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:36:53 2025 by rpki-client