Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.mft
File: xdXOafzPDGu44rJmfh44-5QPPSY.mft (raw, json)
Hash identifier: VwMdWjlMsANos6jsj8xISFURY80OJctccCsyQssgp80=
Subject key identifier: 12:FB:35:1F:0D:38:1F:7A:62:ED:18:55:7B:36:0F:0C:36:36:D8:6D
Authority key identifier: C5:D5:CE:69:FC:CF:0C:6B:B8:E2:B2:66:7E:1E:38:FB:94:0F:3D:26
Certificate issuer: /CN=c5d5ce69fccf0c6bb8e2b2667e1e38fb940f3d26
Certificate serial: 0199233167F0C15BA0347261E4DE8DCDE154
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xdXOafzPDGu44rJmfh44-5QPPSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.mft
Manifest number: 0ADD
Signing time: Sun 07 Sep 2025 08:01:04 +0000
Manifest this update: Sun 07 Sep 2025 08:01:04 +0000
Manifest next update: Mon 08 Sep 2025 08:01:04 +0000
Files and hashes: 1: 6dkBUwL-mhaODMyRqo4g1V5Aqm0.roa (hash: Qmi5vwRBC8G/em6HsgOnkDIH/4egeMg5iAbwYtXG1+s=)
2: xdXOafzPDGu44rJmfh44-5QPPSY.crl (hash: NPbz8qCDr6U2H/R5MErQIPk7WDnBpi044Mvm2lbAtI0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xdXOafzPDGu44rJmfh44-5QPPSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:31:67:f0:c1:5b:a0:34:72:61:e4:de:8d:cd:e1:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5d5ce69fccf0c6bb8e2b2667e1e38fb940f3d26
Validity
Not Before: Sep 7 08:01:04 2025 GMT
Not After : Sep 8 08:01:04 2025 GMT
Subject: CN=12fb351f0d381f7a62ed18557b360f0c3636d86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:76:5e:2a:a1:c3:b9:b0:32:81:aa:3a:1b:3b:
29:57:de:69:40:95:98:54:bf:b8:ca:36:cf:fa:0e:
47:dd:e3:71:f1:89:1c:bb:26:2d:21:07:53:af:3e:
47:c7:a8:a8:61:fd:1b:d1:82:fe:93:ec:d0:01:93:
3b:c1:c5:51:96:0f:1d:b4:d9:c6:86:f2:54:2a:4d:
79:ee:c1:31:8b:a2:de:e6:6c:e6:10:7b:be:be:5e:
78:fc:5a:75:e8:c7:2b:08:cd:d7:42:0b:9a:3c:4c:
ae:76:43:63:b4:43:b6:de:1c:71:ba:4c:cb:ae:42:
ca:5f:96:e0:18:9e:7c:c5:98:75:7f:27:c4:c0:f8:
b8:76:7f:18:e2:5a:60:bb:6d:0b:8f:fb:3d:42:53:
65:cd:45:02:83:a9:d7:7b:ef:33:bb:27:12:27:3a:
32:55:e0:29:c5:86:15:81:14:51:e7:db:71:5d:5a:
a2:4c:8a:8b:6c:a1:f7:6a:54:9d:57:89:c7:2b:24:
ab:33:bc:17:09:48:ec:34:fe:12:8f:10:5d:9f:3d:
b7:3c:4f:09:ee:dc:14:e5:2f:85:eb:30:41:59:e9:
72:1b:ea:b4:12:f2:0b:91:c2:db:a8:c6:01:78:ae:
50:3b:88:bb:a6:52:16:1a:d6:be:e7:37:f9:1d:a4:
99:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FB:35:1F:0D:38:1F:7A:62:ED:18:55:7B:36:0F:0C:36:36:D8:6D
X509v3 Authority Key Identifier:
keyid:C5:D5:CE:69:FC:CF:0C:6B:B8:E2:B2:66:7E:1E:38:FB:94:0F:3D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdXOafzPDGu44rJmfh44-5QPPSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a282cd-ee30-49c3-9c9e-471db7eb719e/1/xdXOafzPDGu44rJmfh44-5QPPSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:89:06:8e:bd:88:ce:80:c3:53:74:b2:24:8a:8e:ad:f8:80:
25:a8:b0:e4:a4:4e:4b:82:5d:0a:53:80:48:3e:e6:57:4d:22:
3f:01:fa:89:d0:ff:b8:27:f6:bd:36:9a:95:be:85:36:2e:4a:
b4:8b:24:ac:f9:b5:12:1b:65:7d:32:9a:df:e0:87:7a:7f:bc:
94:ad:fa:ff:b7:95:dd:6c:ac:87:81:a5:44:cd:d3:b6:d0:0c:
39:5d:d0:46:8c:f3:69:96:23:10:73:72:04:2c:b2:1f:e4:c8:
5a:de:97:e1:4e:37:d7:4a:9d:21:2c:82:e8:ad:b1:d9:ce:89:
87:53:5a:09:4c:75:96:bf:7e:de:38:9f:3f:8f:df:91:7a:c6:
a7:86:62:16:84:39:b5:83:2f:87:e7:95:4a:4a:bf:79:d1:4d:
80:d3:13:31:ce:e2:a3:bb:ad:25:eb:1f:1c:3d:8d:cb:9b:41:
fd:85:a2:1b:d2:41:47:cd:35:2d:a5:93:6d:1a:1f:ad:f0:73:
1b:d7:7a:ac:fb:d2:ef:9f:03:4c:75:71:29:7f:f4:7b:cc:18:
97:f1:16:86:e9:df:89:6d:fc:e2:b7:80:b1:83:e2:fa:64:59:
4a:db:28:9f:8f:18:48:04:d7:e0:42:90:62:1f:64:28:44:18:
46:d8:79:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMWfwwVugNHJh5N6NzeFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDVjZTY5ZmNjZjBjNmJiOGUyYjI2NjdlMWUzOGZiOTQw
ZjNkMjYwHhcNMjUwOTA3MDgwMTA0WhcNMjUwOTA4MDgwMTA0WjAzMTEwLwYDVQQD
EygxMmZiMzUxZjBkMzgxZjdhNjJlZDE4NTU3YjM2MGYwYzM2MzZkODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3ZeKqHDubAygao6GzspV95pQJWY
VL+4yjbP+g5H3eNx8YkcuyYtIQdTrz5Hx6ioYf0b0YL+k+zQAZM7wcVRlg8dtNnG
hvJUKk157sExi6Le5mzmEHu+vl54/Fp16McrCM3XQguaPEyudkNjtEO23hxxukzL
rkLKX5bgGJ58xZh1fyfEwPi4dn8Y4lpgu20Lj/s9QlNlzUUCg6nXe+8zuycSJzoy
VeApxYYVgRRR59txXVqiTIqLbKH3alSdV4nHKySrM7wXCUjsNP4SjxBdnz23PE8J
7twU5S+F6zBBWelyG+q0EvILkcLbqMYBeK5QO4i7plIWGta+5zf5HaSZ8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBL7NR8NOB96Yu0YVXs2Dww2NthtMB8GA1UdIwQY
MBaAFMXVzmn8zwxruOKyZn4eOPuUDz0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRYT2FmelBER3U0NHJKbWZoNDQtNVFQUFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMjgyY2QtZWUzMC00OWMzLTljOWUt
NDcxZGI3ZWI3MTllLzEveGRYT2FmelBER3U0NHJKbWZoNDQtNVFQUFNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMjgyY2QtZWUzMC00OWMzLTljOWUtNDcxZGI3ZWI3MTll
LzEveGRYT2FmelBER3U0NHJKbWZoNDQtNVFQUFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4kGjr2I
zoDDU3SyJIqOrfiAJaiw5KROS4JdClOASD7mV00iPwH6idD/uCf2vTaalb6FNi5K
tIskrPm1EhtlfTKa3+CHen+8lK36/7eV3Wysh4GlRM3TttAMOV3QRozzaZYjEHNy
BCyyH+TIWt6X4U4310qdISyC6K2x2c6Jh1NaCUx1lr9+3jifP4/fkXrGp4ZiFoQ5
tYMvh+eVSkq/edFNgNMTMc7io7utJesfHD2Ny5tB/YWiG9JBR801LaWTbRofrfBz
G9d6rPvS758DTHVxKX/0e8wYl/EWhunfiW384reAsYPi+mRZStson48YSATX4EKQ
Yh9kKEQYRth50w==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:25:06 2025 by rpki-client