Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json)
Hash identifier: +RrzhqBqCZU/vLFcxpcM0Y8t84XM2bT68twUNOhXKw4=
Subject key identifier: D7:8F:4B:60:C1:08:14:80:4E:8E:85:42:07:FA:CC:B2:9F:38:39:CC
Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Certificate serial: 01974FA118EEBF2694BC8BE9C35ADE927B87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
Manifest number: 0267
Signing time: Sun 08 Jun 2025 13:00:47 +0000
Manifest this update: Sun 08 Jun 2025 13:00:47 +0000
Manifest next update: Mon 09 Jun 2025 13:00:47 +0000
Files and hashes: 1: P7g82oQa9maLUZf-zyJXFEwQ_Tk.roa (hash: R1Jxxc/Qby3IEt4xnho0adyCsC1rCUaoaz24WlyrPXE=)
2: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: n/uST1qbIAkeiZdwWA/fo2ps7fY8NoQ91cjbuwts3PM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 11:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4f:a1:18:ee:bf:26:94:bc:8b:e9:c3:5a:de:92:7b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Validity
Not Before: Jun 8 13:00:47 2025 GMT
Not After : Jun 9 13:00:47 2025 GMT
Subject: CN=d78f4b60c10814804e8e854207faccb29f3839cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e8:35:9d:29:35:e5:57:de:62:1e:a0:f7:52:
30:dd:a6:52:a3:b8:24:14:c7:dd:30:f0:34:5c:e0:
c0:dc:b1:7a:86:6c:a7:d5:80:68:49:2a:0c:76:99:
8a:a3:e3:65:63:b0:b1:fa:e6:ae:f7:0f:61:b3:00:
23:72:4b:fe:40:57:fe:35:8a:44:41:0e:f0:d4:cd:
30:63:27:9b:9d:14:e7:05:79:48:1c:cf:41:fa:7d:
b0:55:d2:8c:21:74:d6:68:77:49:1d:44:15:4c:d3:
de:5e:a3:07:d4:e1:2d:2d:c2:18:44:c0:92:bd:b2:
d4:20:5c:78:b9:27:d8:aa:3a:e6:58:27:8f:6d:cc:
73:84:b7:db:a2:8c:00:b4:f2:7d:e3:43:71:cd:42:
cf:eb:2b:b6:14:f9:16:1c:1e:5a:51:79:d5:12:4c:
bc:9d:f9:c2:fa:9f:1c:c2:90:a1:57:e6:9f:dd:d4:
a9:68:fe:7d:c8:0f:27:8b:99:4c:c2:fe:c6:4e:d6:
48:a2:28:b2:16:47:47:a6:b2:5c:6b:3d:a5:45:6f:
d9:c7:f4:cc:34:e7:7c:df:ef:48:3c:56:90:c9:e2:
54:cd:b6:b7:cf:88:c0:f8:f3:7e:b0:17:0c:c4:a2:
1a:83:9f:cd:76:83:f1:7e:c0:a5:59:98:d5:35:cf:
d8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8F:4B:60:C1:08:14:80:4E:8E:85:42:07:FA:CC:B2:9F:38:39:CC
X509v3 Authority Key Identifier:
keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:43:f1:d6:ea:0d:2a:64:29:10:1f:54:c8:72:d1:71:ed:16:
f6:38:6f:a3:fd:9e:c9:d4:1b:e8:40:6d:ce:9a:6a:f1:77:3e:
75:1f:85:8a:58:06:96:0d:5f:7f:dd:11:bd:2c:b2:31:ea:1b:
e0:04:b8:b2:74:00:94:a1:ef:2c:2d:e3:93:dd:15:e9:8c:8d:
8f:64:77:e2:a2:eb:cc:d1:7e:0f:0f:11:43:5d:1c:f6:27:db:
1b:be:af:0a:c7:9f:09:c2:29:12:5d:6f:b0:42:e4:c1:41:af:
90:c7:d4:19:ef:e4:7d:91:00:83:48:6b:e2:f8:91:e8:b0:70:
d2:8a:af:e5:a8:b4:c0:9a:f1:a8:7e:99:a3:bb:df:40:94:05:
35:16:3e:28:a8:a8:c0:fa:86:24:c7:bd:5e:09:4f:ad:f8:8a:
da:ac:93:c1:27:12:a9:e1:f3:4d:62:6c:08:c1:57:5c:49:d0:
cc:06:4b:1f:d8:c7:d7:57:86:8a:05:e3:e5:38:61:c1:19:88:
14:31:9e:b9:eb:32:01:52:50:c0:63:d9:5d:e0:dd:69:14:8e:
e2:c4:63:3f:a6:42:77:d6:a6:d3:50:2c:dc:bc:9c:6a:58:70:
ef:59:22:97:37:8c:d2:7b:a4:b5:df:07:34:7b:00:eb:4d:0d:
2a:b1:50:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPoRjuvyaUvIvpw1reknuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz
NDFkZTEwHhcNMjUwNjA4MTMwMDQ3WhcNMjUwNjA5MTMwMDQ3WjAzMTEwLwYDVQQD
EyhkNzhmNGI2MGMxMDgxNDgwNGU4ZTg1NDIwN2ZhY2NiMjlmMzgzOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnug1nSk15VfeYh6g91Iw3aZSo7gk
FMfdMPA0XODA3LF6hmyn1YBoSSoMdpmKo+NlY7Cx+uau9w9hswAjckv+QFf+NYpE
QQ7w1M0wYyebnRTnBXlIHM9B+n2wVdKMIXTWaHdJHUQVTNPeXqMH1OEtLcIYRMCS
vbLUIFx4uSfYqjrmWCePbcxzhLfboowAtPJ940NxzULP6yu2FPkWHB5aUXnVEky8
nfnC+p8cwpChV+af3dSpaP59yA8ni5lMwv7GTtZIoiiyFkdHprJcaz2lRW/Zx/TM
NOd83+9IPFaQyeJUzba3z4jA+PN+sBcMxKIag5/NdoPxfsClWZjVNc/YWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNePS2DBCBSATo6FQgf6zLKfODnMMB8GA1UdIwQY
MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt
NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi
LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj0Px1uoN
KmQpEB9UyHLRce0W9jhvo/2eydQb6EBtzppq8Xc+dR+FilgGlg1ff90RvSyyMeob
4AS4snQAlKHvLC3jk90V6YyNj2R34qLrzNF+Dw8RQ10c9ifbG76vCsefCcIpEl1v
sELkwUGvkMfUGe/kfZEAg0hr4viR6LBw0oqv5ai0wJrxqH6Zo7vfQJQFNRY+KKio
wPqGJMe9XglPrfiK2qyTwScSqeHzTWJsCMFXXEnQzAZLH9jH11eGigXj5ThhwRmI
FDGeuesyAVJQwGPZXeDdaRSO4sRjP6ZCd9am01As3Lycalhw71kilzeM0nuktd8H
NHsA600NKrFQ7Q==
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:34:17 2025 by rpki-client