Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.mft
File: xLejOGcjuooupILHtoAxpUEirE8.mft (raw, json)
Hash identifier: 2Nt+qjixoAD27qUpMTWk6w3Y8zC1i5UpPT5YkLIjFJU=
Subject key identifier: E1:E1:81:F2:F4:4A:9C:AE:32:51:F0:0B:1F:E8:51:32:9F:31:22:28
Authority key identifier: C4:B7:A3:38:67:23:BA:8A:2E:A4:82:C7:B6:80:31:A5:41:22:AC:4F
Certificate issuer: /CN=c4b7a3386723ba8a2ea482c7b68031a54122ac4f
Certificate serial: 0199239F0A0A66A8A5B33F9E3A195F85A8C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLejOGcjuooupILHtoAxpUEirE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.mft
Manifest number: 04D8
Signing time: Sun 07 Sep 2025 10:00:49 +0000
Manifest this update: Sun 07 Sep 2025 10:00:49 +0000
Manifest next update: Mon 08 Sep 2025 10:00:49 +0000
Files and hashes: 1: 0_rsDpozI4g5wPFKDmzbwq9bb1k.roa (hash: 7DcbeCiF69zZXzwKjiTUr+RmXx7bcAENnZcFTHZwzHM=)
2: xLejOGcjuooupILHtoAxpUEirE8.crl (hash: 424YCLEf+y/zlvNIyLUTjWl8tK/lbPZljXm9lJs0X60=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xLejOGcjuooupILHtoAxpUEirE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9f:0a:0a:66:a8:a5:b3:3f:9e:3a:19:5f:85:a8:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b7a3386723ba8a2ea482c7b68031a54122ac4f
Validity
Not Before: Sep 7 10:00:49 2025 GMT
Not After : Sep 8 10:00:49 2025 GMT
Subject: CN=e1e181f2f44a9cae3251f00b1fe851329f312228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c6:84:de:b9:d8:de:a3:44:9d:34:b7:90:b6:
16:bc:b4:75:cc:e1:c6:1f:75:30:57:71:51:50:48:
52:6f:f3:79:38:4c:a4:98:f2:78:6b:76:f9:a8:fe:
53:3c:2a:a2:23:1f:2c:f4:a4:9f:fa:0d:53:81:66:
7b:81:e3:a9:61:fc:97:80:de:66:b8:31:6d:cd:6b:
46:13:2d:74:0e:9d:f6:cd:21:8a:6a:ce:6a:2c:25:
49:95:ea:06:b2:a6:3b:3a:a3:6f:7c:a8:6d:68:b3:
89:f1:dc:f0:f2:1f:5b:28:e5:6d:12:f2:a8:7e:0c:
2b:09:c8:b4:c4:c9:b3:08:3c:39:44:b5:e1:fc:f1:
6d:1a:23:d6:59:4d:58:8f:fb:e8:dd:25:2a:d3:fe:
0b:f7:5a:7a:6d:fd:dd:34:39:31:2d:43:f0:f5:97:
31:d6:ab:74:f1:7e:71:12:9c:7e:7c:ec:11:4c:b6:
54:94:36:d3:4e:1c:f0:23:8c:c0:7b:28:e9:0d:51:
6a:cf:ad:83:49:05:f9:9e:62:14:30:ba:1e:5f:60:
7e:15:df:c1:fe:77:79:8f:77:a5:63:b2:ef:3e:b3:
96:69:60:21:8c:0f:52:23:5f:ec:00:cb:ce:31:9f:
88:4e:80:96:c7:b1:57:d0:1a:8f:5d:3c:f8:df:3f:
99:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E1:81:F2:F4:4A:9C:AE:32:51:F0:0B:1F:E8:51:32:9F:31:22:28
X509v3 Authority Key Identifier:
keyid:C4:B7:A3:38:67:23:BA:8A:2E:A4:82:C7:B6:80:31:A5:41:22:AC:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLejOGcjuooupILHtoAxpUEirE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:5b:d4:2a:d8:3d:67:82:d0:31:de:13:60:6b:f0:a6:74:48:
5b:59:ed:a4:64:bc:7c:f0:15:bf:a5:5a:69:38:79:e3:ef:ef:
ca:b9:7a:94:0f:6c:50:b3:e9:b5:b0:6a:24:d3:7d:bd:b1:96:
e5:1f:27:bc:2e:31:7e:5e:93:9a:c7:d2:a1:55:08:9c:17:1e:
09:b4:01:a1:4d:db:49:2e:b6:a4:90:5d:23:30:ab:9f:fd:9f:
2d:35:40:73:97:a3:68:6b:d8:00:d3:94:c1:09:3a:32:b0:cb:
63:d7:6e:22:7d:c6:90:e8:b6:94:8e:8b:f2:74:3d:49:26:53:
0b:dc:bc:25:3a:4c:46:06:28:10:f9:26:6b:a1:39:93:c6:30:
b4:61:dd:02:76:77:15:c8:a1:a3:5d:94:cd:93:7b:d8:80:b1:
c8:b1:a8:12:7e:c8:59:c5:f2:99:bd:64:e4:c6:39:d3:17:8b:
54:74:37:1f:fa:13:ff:5a:fc:5c:19:92:ac:0f:ac:d7:0b:cc:
00:45:3a:04:e1:d7:bc:02:42:00:6e:79:62:46:31:26:e1:e3:
bc:a5:57:81:e1:00:0a:bd:c7:dd:bc:9c:04:98:06:35:32:80:
f8:0d:5a:25:87:48:78:e6:48:8f:93:3b:40:c9:2b:de:f6:0a:
eb:ed:1c:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnwoKZqilsz+eOhlfhajFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjdhMzM4NjcyM2JhOGEyZWE0ODJjN2I2ODAzMWE1NDEy
MmFjNGYwHhcNMjUwOTA3MTAwMDQ5WhcNMjUwOTA4MTAwMDQ5WjAzMTEwLwYDVQQD
EyhlMWUxODFmMmY0NGE5Y2FlMzI1MWYwMGIxZmU4NTEzMjlmMzEyMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosaE3rnY3qNEnTS3kLYWvLR1zOHG
H3UwV3FRUEhSb/N5OEykmPJ4a3b5qP5TPCqiIx8s9KSf+g1TgWZ7geOpYfyXgN5m
uDFtzWtGEy10Dp32zSGKas5qLCVJleoGsqY7OqNvfKhtaLOJ8dzw8h9bKOVtEvKo
fgwrCci0xMmzCDw5RLXh/PFtGiPWWU1Yj/vo3SUq0/4L91p6bf3dNDkxLUPw9Zcx
1qt08X5xEpx+fOwRTLZUlDbTThzwI4zAeyjpDVFqz62DSQX5nmIUMLoeX2B+Fd/B
/nd5j3elY7LvPrOWaWAhjA9SI1/sAMvOMZ+IToCWx7FX0BqPXTz43z+ZlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHhgfL0SpyuMlHwCx/oUTKfMSIoMB8GA1UdIwQY
MBaAFMS3ozhnI7qKLqSCx7aAMaVBIqxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExlak9HY2p1b291cElMSHRvQXhwVUVpckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYTdiZjYtNjUyNS00Mzk0LTgwYmEt
YmQ0MGRmYWU3ODg2LzEveExlak9HY2p1b291cElMSHRvQXhwVUVpckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYTdiZjYtNjUyNS00Mzk0LTgwYmEtYmQ0MGRmYWU3ODg2
LzEveExlak9HY2p1b291cElMSHRvQXhwVUVpckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABFvUKtg9
Z4LQMd4TYGvwpnRIW1ntpGS8fPAVv6VaaTh54+/vyrl6lA9sULPptbBqJNN9vbGW
5R8nvC4xfl6TmsfSoVUInBceCbQBoU3bSS62pJBdIzCrn/2fLTVAc5ejaGvYANOU
wQk6MrDLY9duIn3GkOi2lI6L8nQ9SSZTC9y8JTpMRgYoEPkma6E5k8YwtGHdAnZ3
Fciho12UzZN72ICxyLGoEn7IWcXymb1k5MY50xeLVHQ3H/oT/1r8XBmSrA+s1wvM
AEU6BOHXvAJCAG55YkYxJuHjvKVXgeEACr3H3bycBJgGNTKA+A1aJYdIeOZIj5M7
QMkr3vYK6+0cpQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:42:43 2025 by rpki-client