Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
File: X32laK0Ce54knBPiI9MidpiBop8.mft (raw, json)
Hash identifier: 11tVHicwtmss671fUyODJI64Hghne9wXkrt9C+EoEIA=
Subject key identifier: D8:6F:C8:22:73:27:1E:36:6F:1D:20:BA:24:CC:57:1D:BA:A7:3D:CB
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 019A13BAFD6021B21A3FDD3FF0A99E00600E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
Manifest number: 0C70
Signing time: Fri 24 Oct 2025 01:00:12 +0000
Manifest this update: Fri 24 Oct 2025 01:00:12 +0000
Manifest next update: Sat 25 Oct 2025 01:00:12 +0000
Files and hashes: 1: CiSXDCdW3LMwjv8iJ3B2mY7zojU.roa (hash: xoZ4D0sXI5qWTDuig3N1rhh1l7zRYo3/rWNsiYjXVLw=)
2: Dhg938LLNxihNYriqStR3oqs6Jg.roa (hash: Aj+6lvIDsodEZ6I55Us8ZFj5GtVjSmfFFjL8I/MfYqo=)
3: Ip8huaIK21qXcV1uFM12bMRhsAc.roa (hash: +deXUeKbtAB4FcOD/Fpx9fIrQPH8oKg+/d89Ce9TGGY=)
4: SVIT-fWz2Ki9EHDQlfqzIxpfVLE.roa (hash: RseVjDJ2Eg3rRrpcGWYYLelpMZ3JUHmet98PxhD+iYY=)
5: X32laK0Ce54knBPiI9MidpiBop8.crl (hash: JcDFCgxgPI18KgCwMzk+bTnAoOjLCm7unuo7D+3Wvro=)
6: XjVu2IyXljFzhSvYma_h3-clfVU.roa (hash: nT21YokFB5zQvbm3JPkkRJDjEHGU38C24xQDpQHQGAI=)
7: oSGRjgd5g7uxmIyMg55GeDp1lcQ.roa (hash: yVVI9w+n8DQ5LZ0pU0EZPfP/S8D3Imwu6pg6ds8XII0=)
8: pbCRn5qHfv9kAFmGRVO_GwJ-FGU.roa (hash: DuA/Ogfo71srzFpKEqoNkfpCys4Br/KSRmwQFn52q84=)
9: s84uwW_-i_SHLp2X5wNbbXCbos0.roa (hash: XmZwP1Dphpy/OpROhUP0RXS2PeMw5xbgxdsjXIheFhc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:13:ba:fd:60:21:b2:1a:3f:dd:3f:f0:a9:9e:00:60:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Oct 24 01:00:12 2025 GMT
Not After : Oct 25 01:00:12 2025 GMT
Subject: CN=d86fc82273271e366f1d20ba24cc571dbaa73dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0c:79:42:fe:d4:7f:8f:4a:67:34:50:4a:4f:
8f:7e:81:65:37:e3:29:78:fa:70:2a:2a:20:76:06:
2b:7d:b3:0f:9c:35:a9:f8:5e:3f:63:f8:3f:cd:5e:
7f:b5:ce:ff:6e:70:5d:05:88:f8:10:16:27:6e:20:
b3:73:03:f4:e2:ab:49:2a:8a:17:7b:e4:49:a7:23:
07:86:a0:2a:75:24:a8:37:95:f3:04:24:4c:69:9b:
b7:3f:38:cd:18:ce:a4:3f:08:a1:65:fb:20:20:4a:
7a:0d:ac:97:4b:26:14:fb:ec:7c:1a:2e:8f:e9:be:
c4:53:d2:df:fe:a6:27:25:7d:88:9f:cb:27:12:e2:
06:a1:ef:27:e5:7d:88:d5:3d:ed:51:ce:1b:4f:7f:
38:bf:8b:d8:7b:5a:6c:4f:be:fc:9a:9d:eb:58:68:
9e:6d:bc:1f:a7:7f:51:d3:d3:1a:e5:be:06:aa:f4:
1f:d7:ec:e8:92:ad:ae:83:c7:fa:d1:a3:0b:97:ad:
86:06:ef:a2:9b:17:b8:04:ce:c4:5e:a3:c4:3d:55:
25:e9:d3:55:f3:6a:97:96:87:ee:bf:0c:01:6f:ef:
38:9c:ba:62:03:77:41:33:2a:5d:bb:21:66:9d:21:
28:2a:39:e4:f2:d9:43:25:cc:9d:df:ce:fa:c9:2a:
93:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6F:C8:22:73:27:1E:36:6F:1D:20:BA:24:CC:57:1D:BA:A7:3D:CB
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:03:f3:0b:3a:d0:a8:12:9b:99:95:cf:a3:a6:12:d2:bb:df:
3b:74:25:79:ff:67:ed:73:48:5b:55:99:f9:37:5e:9e:58:20:
ee:89:ff:04:5f:2f:0a:e1:e8:4d:ff:b4:46:55:60:2f:17:d9:
b9:46:d8:09:d1:de:8b:7e:fa:37:70:64:23:32:b3:b8:38:76:
eb:1f:15:80:25:1d:05:7c:7f:55:85:5f:0e:d9:63:6d:b5:a2:
ab:ff:46:c0:02:82:a3:b7:77:6b:7b:19:9f:55:ce:9e:60:aa:
69:9a:18:aa:1a:ff:a9:cb:48:ef:2d:c9:4d:41:a8:3a:ee:1c:
be:5d:6c:bb:cc:de:cb:f8:fb:5a:f7:b3:b4:f2:9e:a1:97:75:
f9:c4:10:0a:3c:63:d8:f3:42:86:80:b9:7a:d6:2b:03:eb:28:
3f:cf:44:d1:e2:71:3b:b5:17:ad:34:74:db:b2:21:97:c5:29:
bb:77:c0:d1:83:1f:ea:03:13:ea:bd:c2:33:26:3c:3f:a5:f8:
51:79:bb:41:cb:52:32:08:54:ad:41:37:98:b6:17:0d:cf:ce:
2d:fa:0a:42:73:b6:9e:94:4d:56:04:3a:d5:14:59:46:43:7f:
22:82:a6:34:cf:a7:f7:96:80:2d:67:cb:d9:b1:f5:28:36:39:
60:05:35:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoTuv1gIbIaP90/8KmeAGAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjUxMDI0MDEwMDEyWhcNMjUxMDI1MDEwMDEyWjAzMTEwLwYDVQQD
EyhkODZmYzgyMjczMjcxZTM2NmYxZDIwYmEyNGNjNTcxZGJhYTczZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+gx5Qv7Uf49KZzRQSk+PfoFlN+Mp
ePpwKiogdgYrfbMPnDWp+F4/Y/g/zV5/tc7/bnBdBYj4EBYnbiCzcwP04qtJKooX
e+RJpyMHhqAqdSSoN5XzBCRMaZu3PzjNGM6kPwihZfsgIEp6DayXSyYU++x8Gi6P
6b7EU9Lf/qYnJX2In8snEuIGoe8n5X2I1T3tUc4bT384v4vYe1psT778mp3rWGie
bbwfp39R09Ma5b4GqvQf1+zokq2ug8f60aMLl62GBu+imxe4BM7EXqPEPVUl6dNV
82qXlofuvwwBb+84nLpiA3dBMypduyFmnSEoKjnk8tlDJcyd3876ySqT6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhvyCJzJx42bx0guiTMVx26pz3LMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAngPzCzrQ
qBKbmZXPo6YS0rvfO3Qlef9n7XNIW1WZ+Tdenlgg7on/BF8vCuHoTf+0RlVgLxfZ
uUbYCdHei376N3BkIzKzuDh26x8VgCUdBXx/VYVfDtljbbWiq/9GwAKCo7d3a3sZ
n1XOnmCqaZoYqhr/qctI7y3JTUGoOu4cvl1su8zey/j7WveztPKeoZd1+cQQCjxj
2PNChoC5etYrA+soP89E0eJxO7UXrTR027Ihl8Upu3fA0YMf6gMT6r3CMyY8P6X4
UXm7QctSMghUrUE3mLYXDc/OLfoKQnO2npRNVgQ61RRZRkN/IoKmNM+n95aALWfL
2bH1KDY5YAU10g==
-----END CERTIFICATE-----
Generated at Fri Oct 24 09:04:31 2025 by rpki-client