Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft
File: xcSzrlnZgfJQzIfatZeFSr7XowA.mft (raw, json)
Hash identifier: L8zgINOgzV0EN4JAKeEH+JPyZZt4MyOIcRcMKLUToIE=
Subject key identifier: D8:ED:B5:B8:A0:61:08:6B:0A:A9:8D:C4:1D:B1:86:1E:AA:69:29:77
Authority key identifier: C5:C4:B3:AE:59:D9:81:F2:50:CC:87:DA:B5:97:85:4A:BE:D7:A3:00
Certificate issuer: /CN=c5c4b3ae59d981f250cc87dab597854abed7a300
Certificate serial: 01992DB59D72CD6B350FDC1ADE8BBECE1CDD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft
Manifest number: 0590
Signing time: Tue 09 Sep 2025 09:01:40 +0000
Manifest this update: Tue 09 Sep 2025 09:01:40 +0000
Manifest next update: Wed 10 Sep 2025 09:01:40 +0000
Files and hashes: 1: tSYSYm63yj3qobuZYMSr1LAsH4E.roa (hash: e9vbUkUz5x9f5ya8J4QgHE0l9ibgPIgGHQ86whMQdU8=)
2: xcSzrlnZgfJQzIfatZeFSr7XowA.crl (hash: 4L2rjystMctNRvlfA+vZcpearmuigd7my+sEbr2NR3g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:b5:9d:72:cd:6b:35:0f:dc:1a:de:8b:be:ce:1c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5c4b3ae59d981f250cc87dab597854abed7a300
Validity
Not Before: Sep 9 09:01:40 2025 GMT
Not After : Sep 10 09:01:40 2025 GMT
Subject: CN=d8edb5b8a061086b0aa98dc41db1861eaa692977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a1:c4:60:62:16:a0:d1:70:d1:09:b9:1e:5e:
5a:39:ee:20:5f:11:14:38:20:ac:23:03:fe:9f:b2:
6f:54:99:60:dd:04:15:43:a7:ed:31:e2:7b:fc:6e:
7d:0c:f0:a7:48:a9:f8:f5:52:01:98:70:0b:ce:c3:
cd:02:1b:e9:2b:a1:57:6f:47:6b:80:90:62:6a:aa:
2e:ab:d8:a8:31:22:bb:d3:d5:64:83:f6:05:17:56:
82:e3:43:18:ea:98:9a:dd:b9:bb:fe:32:1b:12:66:
1f:5c:ba:11:90:55:40:5f:55:d2:9b:51:8f:28:6c:
fa:d2:3f:cb:7f:73:be:93:1d:fd:61:28:25:bb:d6:
f9:a7:ef:ed:cd:4c:42:2f:4e:e8:36:e3:8b:07:fa:
09:e8:d0:51:0d:55:43:1c:d1:72:38:b9:0d:d7:02:
28:4e:1e:c0:33:ac:e8:c2:e9:0e:7d:f9:ea:42:39:
d0:84:29:5c:51:76:12:5c:32:c3:06:eb:d5:62:07:
ae:4e:f7:c3:dc:da:b8:aa:33:1d:3d:b0:c5:46:26:
4f:21:10:57:75:b2:ac:14:35:50:f0:d8:57:4a:40:
ac:03:fd:ff:62:4a:c2:10:c4:1e:7a:31:9a:36:68:
50:52:d4:19:2c:dd:51:60:e4:a2:7b:10:f8:4c:30:
01:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:ED:B5:B8:A0:61:08:6B:0A:A9:8D:C4:1D:B1:86:1E:AA:69:29:77
X509v3 Authority Key Identifier:
keyid:C5:C4:B3:AE:59:D9:81:F2:50:CC:87:DA:B5:97:85:4A:BE:D7:A3:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:8f:31:2d:09:b0:8e:08:5d:7d:d4:3d:bf:1f:8e:13:2b:47:
98:d6:18:73:64:37:1c:57:7f:89:25:67:d0:f2:31:fc:e6:e4:
55:a9:e6:73:c4:78:c3:9c:a2:f7:81:5a:d6:95:cc:4a:8c:cb:
ee:8f:59:b5:f1:c3:0a:28:f9:0e:60:4c:14:fa:98:f7:ed:63:
2f:48:c9:bc:f1:85:60:cf:35:ce:4b:ff:0d:6c:ce:2a:ae:82:
d4:bd:1e:4b:98:bb:89:b2:5f:a0:fb:20:b5:d4:ef:ed:af:30:
58:27:59:6d:46:77:dd:fd:7b:c1:e2:08:b9:60:0e:d4:41:24:
6d:69:f4:de:c3:22:c7:a8:20:ab:c6:b0:ed:25:1a:0d:4d:32:
40:2f:58:e8:a0:20:14:90:66:fc:84:26:47:c4:ac:89:44:a1:
33:a2:f2:7f:5c:8a:d9:69:76:a2:9b:c2:e8:3a:20:81:bc:f4:
58:09:0e:b8:78:86:03:cf:47:6e:5c:23:c8:4e:c8:ce:7a:69:
6e:35:da:61:24:bd:ef:7a:17:bc:a2:45:ab:5e:08:45:d0:48:
9f:02:17:68:c9:5b:43:d4:55:ee:da:99:cd:d5:28:06:b1:54:
91:66:bc:ba:bc:54:b9:82:8a:8f:02:d3:0d:14:14:9e:de:cb:
c9:fd:f2:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkttZ1yzWs1D9wa3ou+zhzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YzRiM2FlNTlkOTgxZjI1MGNjODdkYWI1OTc4NTRhYmVk
N2EzMDAwHhcNMjUwOTA5MDkwMTQwWhcNMjUwOTEwMDkwMTQwWjAzMTEwLwYDVQQD
EyhkOGVkYjViOGEwNjEwODZiMGFhOThkYzQxZGIxODYxZWFhNjkyOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6HEYGIWoNFw0Qm5Hl5aOe4gXxEU
OCCsIwP+n7JvVJlg3QQVQ6ftMeJ7/G59DPCnSKn49VIBmHALzsPNAhvpK6FXb0dr
gJBiaqouq9ioMSK709Vkg/YFF1aC40MY6pia3bm7/jIbEmYfXLoRkFVAX1XSm1GP
KGz60j/Lf3O+kx39YSglu9b5p+/tzUxCL07oNuOLB/oJ6NBRDVVDHNFyOLkN1wIo
Th7AM6zowukOffnqQjnQhClcUXYSXDLDBuvVYgeuTvfD3Nq4qjMdPbDFRiZPIRBX
dbKsFDVQ8NhXSkCsA/3/YkrCEMQeejGaNmhQUtQZLN1RYOSiexD4TDABTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjttbigYQhrCqmNxB2xhh6qaSl3MB8GA1UdIwQY
MBaAFMXEs65Z2YHyUMyH2rWXhUq+16MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS85ZjU0YTYtOTMzZi00N2RlLTg3MjYt
ZWRkZjUyN2U4ZjJkLzEveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS85ZjU0YTYtOTMzZi00N2RlLTg3MjYtZWRkZjUyN2U4ZjJk
LzEveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAho8xLQmw
jghdfdQ9vx+OEytHmNYYc2Q3HFd/iSVn0PIx/ObkVanmc8R4w5yi94Fa1pXMSozL
7o9ZtfHDCij5DmBMFPqY9+1jL0jJvPGFYM81zkv/DWzOKq6C1L0eS5i7ibJfoPsg
tdTv7a8wWCdZbUZ33f17weIIuWAO1EEkbWn03sMix6ggq8aw7SUaDU0yQC9Y6KAg
FJBm/IQmR8SsiUShM6Lyf1yK2Wl2opvC6Doggbz0WAkOuHiGA89HblwjyE7Iznpp
bjXaYSS973oXvKJFq14IRdBInwIXaMlbQ9RV7tqZzdUoBrFUkWa8urxUuYKKjwLT
DRQUnt7Lyf3ydw==
-----END CERTIFICATE-----
Generated at Tue Sep 9 09:57:58 2025 by rpki-client