Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
File: xafD9LFGk1EiAllaik-VsNa3oQE.mft (raw, json)
Hash identifier: wHekkdYkuAmxo3+ua2hs44t1iVzIdbpMSV+tBQy7clk=
Subject key identifier: A1:A3:D9:6B:E8:8D:7A:2F:0D:98:AE:79:40:C8:91:FD:3C:1D:72:29
Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Certificate serial: 019A375A087EC12637CEF428F227D097FE74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
Manifest number: 1694
Signing time: Thu 30 Oct 2025 23:00:38 +0000
Manifest this update: Thu 30 Oct 2025 23:00:38 +0000
Manifest next update: Fri 31 Oct 2025 23:00:38 +0000
Files and hashes: 1: Bbxo5GOkMtBPV4eyDiJBtgGCAvs.roa (hash: gPTOZ/QwaGNzYqcGskaYm0Q9CUgsB/kmTCxE6lNVoV8=)
2: GkWtiMh4Kekgq83feCXLfv_pub8.roa (hash: UboiG7GPy5Vm4OyfuuuEVh7hhcZoHsmQQgbXPLJ/4ug=)
3: ScP8kW7fVZKKIlJqtoPhrGG1uQo.roa (hash: kBK8cN2i6ByxK8RJnTQxES9FzgvOd8FoOcnJVY/e4Bc=)
4: xafD9LFGk1EiAllaik-VsNa3oQE.crl (hash: zXmeWoMmsGjFxsMvTnWLjNUB7ezcRg01N4pdCgBR2Gs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 23:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:37:5a:08:7e:c1:26:37:ce:f4:28:f2:27:d0:97:fe:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Validity
Not Before: Oct 30 23:00:38 2025 GMT
Not After : Oct 31 23:00:38 2025 GMT
Subject: CN=a1a3d96be88d7a2f0d98ae7940c891fd3c1d7229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:41:b5:a0:d5:0d:d9:3c:76:9d:09:2f:e7:6d:
0f:0e:20:10:a3:6b:19:2c:1b:fa:d2:27:55:40:de:
6c:43:c1:c3:02:01:cc:b1:fb:aa:34:a6:9e:de:c0:
7e:98:3e:51:a6:5b:25:aa:f6:79:3b:bf:03:c4:dd:
41:63:57:cb:29:94:d9:57:93:24:e3:f6:61:02:9a:
12:11:80:d8:3e:f0:5e:b1:eb:c9:c6:b8:f8:f4:03:
e2:a3:51:95:c5:73:8f:d0:56:ae:42:a7:df:c3:9a:
a6:10:f4:27:05:0b:78:d4:9d:ec:f6:aa:34:0d:1d:
95:5b:dc:46:6e:ca:18:3f:53:63:ab:d1:6f:36:9b:
4f:69:27:c6:3b:9c:6c:86:0e:51:15:6d:9c:af:6d:
d5:7c:7d:1e:3e:5a:d4:68:db:9c:70:1f:ab:ae:73:
3d:d1:cf:2a:bf:58:f2:3d:1c:e5:b9:27:79:0f:b2:
4e:30:a8:29:1a:88:1e:47:a9:a8:79:fd:68:18:f3:
83:bd:c9:96:c1:0b:b7:d7:ea:f6:4f:17:77:10:0b:
e7:a8:da:4c:56:3e:43:13:be:0b:4e:4f:11:66:40:
14:e5:52:07:50:dc:fc:70:c7:cd:51:e5:64:bc:ae:
1f:e6:a1:73:58:1b:25:f9:ab:18:be:ee:97:b2:5d:
6f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A3:D9:6B:E8:8D:7A:2F:0D:98:AE:79:40:C8:91:FD:3C:1D:72:29
X509v3 Authority Key Identifier:
keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:0f:9c:38:11:bc:98:bf:b3:9e:a8:5c:ce:5a:d9:1e:d7:00:
18:fe:6f:f2:d8:c1:ed:ab:c5:82:db:8f:86:23:94:e0:78:3e:
4f:d5:70:2f:2f:d0:90:3d:2e:2b:55:ad:a8:2c:4d:1e:cd:71:
a0:4c:31:ac:3b:f3:ad:66:2f:09:78:37:40:4d:92:a0:1d:59:
f9:a5:45:74:f5:21:8e:d7:31:c9:ed:f9:5f:53:ed:ab:32:5a:
bc:b6:a3:27:7c:f4:50:29:9c:14:69:66:8b:18:d9:be:64:e8:
48:a2:bb:a6:03:8e:1d:02:09:ae:ec:cb:9e:82:4e:04:6d:18:
c1:0d:c2:1b:3c:4a:f4:91:1f:13:ed:15:91:1c:40:c8:a6:f0:
5b:16:e4:ab:2f:57:5e:9b:55:ee:b0:21:d1:89:fb:01:dd:f0:
5b:23:47:3c:0c:c8:07:82:c7:ec:ca:1f:28:f5:d9:d5:8d:4f:
cd:49:23:0e:47:00:35:a9:da:ac:c0:ff:db:dc:fe:26:3a:85:
ee:79:ed:67:f9:f6:e6:59:53:e6:72:57:16:5b:6d:e6:3d:64:
76:f7:4d:51:ff:16:33:46:b7:4b:e8:8d:94:63:72:73:12:73:
7e:1e:ac:cf:40:42:84:de:5f:bd:99:f8:e6:3d:2d:79:c5:7c:
5a:91:85:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZo3Wgh+wSY3zvQo8ifQl/50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi
N2ExMDEwHhcNMjUxMDMwMjMwMDM4WhcNMjUxMDMxMjMwMDM4WjAzMTEwLwYDVQQD
EyhhMWEzZDk2YmU4OGQ3YTJmMGQ5OGFlNzk0MGM4OTFmZDNjMWQ3MjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUG1oNUN2Tx2nQkv520PDiAQo2sZ
LBv60idVQN5sQ8HDAgHMsfuqNKae3sB+mD5RplslqvZ5O78DxN1BY1fLKZTZV5Mk
4/ZhApoSEYDYPvBesevJxrj49APio1GVxXOP0FauQqffw5qmEPQnBQt41J3s9qo0
DR2VW9xGbsoYP1Njq9FvNptPaSfGO5xshg5RFW2cr23VfH0ePlrUaNuccB+rrnM9
0c8qv1jyPRzluSd5D7JOMKgpGogeR6moef1oGPODvcmWwQu31+r2Txd3EAvnqNpM
Vj5DE74LTk8RZkAU5VIHUNz8cMfNUeVkvK4f5qFzWBsl+asYvu6Xsl1vlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGj2WvojXovDZiueUDIkf08HXIpMB8GA1UdIwQY
MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt
ZDEyZjFlMjQ1NmJhLzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh
LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANw+cOBG8
mL+znqhczlrZHtcAGP5v8tjB7avFgtuPhiOU4Hg+T9VwLy/QkD0uK1WtqCxNHs1x
oEwxrDvzrWYvCXg3QE2SoB1Z+aVFdPUhjtcxye35X1PtqzJavLajJ3z0UCmcFGlm
ixjZvmToSKK7pgOOHQIJruzLnoJOBG0YwQ3CGzxK9JEfE+0VkRxAyKbwWxbkqy9X
XptV7rAh0Yn7Ad3wWyNHPAzIB4LH7MofKPXZ1Y1PzUkjDkcANanarMD/29z+JjqF
7nntZ/n25llT5nJXFltt5j1kdvdNUf8WM0a3S+iNlGNycxJzfh6sz0BChN5fvZn4
5j0tecV8WpGFhQ==
-----END CERTIFICATE-----
Generated at Fri Oct 31 08:08:09 2025 by rpki-client