Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.mft
File: xLejOGcjuooupILHtoAxpUEirE8.mft (raw, json)
Hash identifier: CvOK5P/RwiulDKKMhSFbBoXozRwEDRTw0H39+s1tca4=
Subject key identifier: 69:FC:47:F5:D2:E9:36:91:03:8C:78:83:68:55:C8:82:25:64:C0:22
Authority key identifier: C4:B7:A3:38:67:23:BA:8A:2E:A4:82:C7:B6:80:31:A5:41:22:AC:4F
Certificate issuer: /CN=c4b7a3386723ba8a2ea482c7b68031a54122ac4f
Certificate serial: 019A71B7809A8AEFD0214C11E9A137E582C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLejOGcjuooupILHtoAxpUEirE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.mft
Manifest number: 0585
Signing time: Tue 11 Nov 2025 07:00:42 +0000
Manifest this update: Tue 11 Nov 2025 07:00:42 +0000
Manifest next update: Wed 12 Nov 2025 07:00:42 +0000
Files and hashes: 1: 0_rsDpozI4g5wPFKDmzbwq9bb1k.roa (hash: 7DcbeCiF69zZXzwKjiTUr+RmXx7bcAENnZcFTHZwzHM=)
2: xLejOGcjuooupILHtoAxpUEirE8.crl (hash: hG2ppGbAu4Zk12EvSbmb7r+DY2QFaxq3cEWtRK7evK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xLejOGcjuooupILHtoAxpUEirE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:80:9a:8a:ef:d0:21:4c:11:e9:a1:37:e5:82:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b7a3386723ba8a2ea482c7b68031a54122ac4f
Validity
Not Before: Nov 11 07:00:42 2025 GMT
Not After : Nov 12 07:00:42 2025 GMT
Subject: CN=69fc47f5d2e93691038c78836855c8822564c022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:2b:1c:8f:a3:07:f8:5a:85:f1:ce:5b:71:6a:
b2:96:ed:3f:27:28:80:2b:8f:cc:22:68:25:66:ec:
c1:0b:99:f9:8d:31:6c:70:45:6f:8a:ae:c4:5c:8c:
77:ae:8e:9a:af:45:e0:f4:a1:99:67:b3:1c:12:55:
8f:88:68:3e:3d:f7:bf:b5:ee:c0:b3:04:73:fa:c8:
45:cf:4c:57:36:40:f2:7b:6a:26:f9:3e:51:e7:e7:
15:fc:76:c9:49:92:78:2c:59:82:57:b1:5a:51:08:
1f:dc:96:a3:b6:23:5b:a9:e6:a3:c4:6d:76:8e:e4:
cf:f3:d0:de:82:72:8d:9f:90:ee:04:1d:b0:f3:5c:
43:44:7e:ac:bd:c4:a4:2d:9c:91:8f:79:05:51:4a:
34:44:1d:5a:24:d4:8e:1c:29:db:aa:e6:7f:8a:61:
5b:a1:fd:71:c5:22:e2:da:e8:6d:7d:8f:79:78:84:
b0:8f:8e:e4:fe:aa:f0:bc:32:ea:6c:4f:38:6e:c1:
bc:d4:70:67:e3:f1:9d:bb:a7:ae:0e:fa:b5:ac:37:
20:e9:26:69:90:8c:28:39:13:bd:70:3d:bb:85:c9:
9f:c7:5f:30:eb:7b:c9:0e:0e:3f:db:5a:21:62:ab:
bf:64:5e:c3:60:5b:dd:66:4b:9c:c6:8b:7d:b3:dc:
4d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FC:47:F5:D2:E9:36:91:03:8C:78:83:68:55:C8:82:25:64:C0:22
X509v3 Authority Key Identifier:
keyid:C4:B7:A3:38:67:23:BA:8A:2E:A4:82:C7:B6:80:31:A5:41:22:AC:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLejOGcjuooupILHtoAxpUEirE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/aa7bf6-6525-4394-80ba-bd40dfae7886/1/xLejOGcjuooupILHtoAxpUEirE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:59:3a:18:27:3f:86:29:be:05:02:eb:e4:53:f7:3b:62:eb:
41:81:8e:ba:5e:49:43:17:36:cc:38:85:7e:a5:b5:18:1c:7b:
d4:54:fc:fa:dc:56:ed:77:b8:bd:a5:54:c2:ff:7c:5a:dc:c1:
84:f2:c7:be:df:8d:5c:36:6d:1c:51:58:3b:7c:22:22:90:e1:
03:8c:7c:60:b7:5f:11:2f:83:d6:ec:1a:4e:1e:cc:8c:29:0c:
c7:73:57:b0:2a:e8:32:fc:e4:8d:dd:5f:33:d1:9c:f5:db:9b:
e9:d8:ee:a4:48:95:04:3d:2e:9a:e8:b2:62:aa:08:ad:ba:06:
0a:c2:2c:9c:aa:82:78:5e:a2:a7:1d:95:26:08:ab:78:cb:0b:
ce:ff:e5:53:92:d5:5d:9d:f8:bb:a0:81:1d:95:af:71:45:8b:
be:a3:90:47:5e:40:77:f2:03:4f:78:56:c1:20:ab:0f:51:20:
d5:27:ea:b2:84:6f:0a:5b:81:71:63:26:3e:a4:10:4b:a7:f4:
dc:4a:bf:bd:7b:0a:0a:84:03:63:b0:39:23:6a:08:98:1b:c9:
bb:51:c8:8d:f0:1c:0e:08:91:3d:fd:22:77:59:78:52:fa:80:
8d:2f:0c:84:f6:46:ed:83:d9:2c:24:a7:80:29:0e:f2:50:79:
4e:fb:15:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4Caiu/QIUwR6aE35YLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjdhMzM4NjcyM2JhOGEyZWE0ODJjN2I2ODAzMWE1NDEy
MmFjNGYwHhcNMjUxMTExMDcwMDQyWhcNMjUxMTEyMDcwMDQyWjAzMTEwLwYDVQQD
Eyg2OWZjNDdmNWQyZTkzNjkxMDM4Yzc4ODM2ODU1Yzg4MjI1NjRjMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yscj6MH+FqF8c5bcWqylu0/JyiA
K4/MImglZuzBC5n5jTFscEVviq7EXIx3ro6ar0Xg9KGZZ7McElWPiGg+Pfe/te7A
swRz+shFz0xXNkDye2om+T5R5+cV/HbJSZJ4LFmCV7FaUQgf3JajtiNbqeajxG12
juTP89DegnKNn5DuBB2w81xDRH6svcSkLZyRj3kFUUo0RB1aJNSOHCnbquZ/imFb
of1xxSLi2uhtfY95eISwj47k/qrwvDLqbE84bsG81HBn4/Gdu6euDvq1rDcg6SZp
kIwoORO9cD27hcmfx18w63vJDg4/21ohYqu/ZF7DYFvdZkucxot9s9xNOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGn8R/XS6TaRA4x4g2hVyIIlZMAiMB8GA1UdIwQY
MBaAFMS3ozhnI7qKLqSCx7aAMaVBIqxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExlak9HY2p1b291cElMSHRvQXhwVUVpckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYTdiZjYtNjUyNS00Mzk0LTgwYmEt
YmQ0MGRmYWU3ODg2LzEveExlak9HY2p1b291cElMSHRvQXhwVUVpckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYTdiZjYtNjUyNS00Mzk0LTgwYmEtYmQ0MGRmYWU3ODg2
LzEveExlak9HY2p1b291cElMSHRvQXhwVUVpckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd1k6GCc/
him+BQLr5FP3O2LrQYGOul5JQxc2zDiFfqW1GBx71FT8+txW7Xe4vaVUwv98WtzB
hPLHvt+NXDZtHFFYO3wiIpDhA4x8YLdfES+D1uwaTh7MjCkMx3NXsCroMvzkjd1f
M9Gc9dub6djupEiVBD0umuiyYqoIrboGCsIsnKqCeF6ipx2VJgireMsLzv/lU5LV
XZ34u6CBHZWvcUWLvqOQR15Ad/IDT3hWwSCrD1Eg1SfqsoRvCluBcWMmPqQQS6f0
3Eq/vXsKCoQDY7A5I2oImBvJu1HIjfAcDgiRPf0id1l4UvqAjS8MhPZG7YPZLCSn
gCkO8lB5TvsVoQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:11 2025 by rpki-client