
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
File: xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft (raw, json)
Hash identifier: L/vwnf8y6dhilBVzZ0srUxA7xBp4czPZf1xq2Ozx8xQ=
Subject key identifier: A8:94:03:19:59:7A:7D:A5:CB:7A:5C:2A:2F:DF:13:63:B0:2B:00:51
Authority key identifier: C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
Certificate issuer: /CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Certificate serial: 01975911E836DAE5941896BEAC7AFD40E395
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
Manifest number: 1588
Signing time: Tue 10 Jun 2025 09:00:35 +0000
Manifest this update: Tue 10 Jun 2025 09:00:35 +0000
Manifest next update: Wed 11 Jun 2025 09:00:35 +0000
Files and hashes: 1: nEhO-4IOflDc16smasjo46yXDrU.roa (hash: TGudjeK9/qruL2a7Ja97DNoAnaGXmeBxOzedTAd1+AI=)
2: xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl (hash: cB2sMlUGp723Kmz4I6dxJP/BHQ0aH2Dq1/ZwHbRLYck=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:11:e8:36:da:e5:94:18:96:be:ac:7a:fd:40:e3:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Validity
Not Before: Jun 10 09:00:35 2025 GMT
Not After : Jun 11 09:00:35 2025 GMT
Subject: CN=a8940319597a7da5cb7a5c2a2fdf1363b02b0051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:41:6a:81:a8:cb:b4:13:41:54:6a:af:98:c3:
13:24:57:de:15:ef:52:4d:e5:a8:b8:65:dd:ca:c8:
69:90:6a:90:5d:83:bb:45:57:44:25:94:dc:54:ac:
a6:4e:b2:e5:d7:3d:b8:f4:28:0e:12:33:48:53:00:
7f:35:32:ad:84:da:7c:ab:12:44:b0:68:25:23:57:
32:fa:b6:82:60:78:87:f0:55:c3:9b:34:28:e1:90:
95:a0:34:dd:0e:33:fa:f0:7f:f0:2b:8d:a1:c2:4a:
36:04:f1:bc:eb:77:a6:ec:bc:34:44:28:1f:4f:91:
4d:54:44:0f:98:ba:6b:84:a5:0e:90:d9:34:1c:d5:
00:91:7c:7f:af:c9:f8:6c:8c:12:5e:95:09:e9:05:
3f:37:24:83:bc:5a:85:04:cc:7a:20:9f:a4:9d:e5:
dc:cc:9d:b5:aa:c6:e9:9e:05:c1:75:42:a8:aa:4f:
d9:2a:b9:7f:94:37:3f:85:07:e2:90:41:99:84:c0:
43:5e:21:17:b7:3f:1b:a6:a9:ec:06:f7:c7:e6:b8:
bc:4a:b0:6f:88:fd:a2:cf:5a:5f:7c:8c:d5:00:40:
31:67:44:02:e1:a2:e4:29:92:f1:7c:84:01:73:b6:
04:06:c8:af:0c:47:f2:e3:9b:57:3b:ac:51:ce:d5:
b1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:94:03:19:59:7A:7D:A5:CB:7A:5C:2A:2F:DF:13:63:B0:2B:00:51
X509v3 Authority Key Identifier:
keyid:C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:46:41:87:a7:ff:26:0d:36:ae:c8:b3:1b:e6:08:08:18:e3:
c4:44:05:f7:71:d8:12:24:49:e2:27:67:8f:4e:9f:04:d4:0e:
a1:5e:28:63:fe:a4:9f:0e:70:b1:c9:7e:0b:1e:4f:d4:fc:0d:
3f:a2:2f:9d:15:e9:9f:9f:ea:ad:00:8f:4e:83:74:42:23:66:
bc:0a:e6:6c:3a:ae:5e:5c:32:2c:9c:79:0f:06:d3:cb:28:80:
f9:dc:a3:6f:b3:73:b4:fa:ee:a7:0d:fa:1e:e6:76:57:4a:9d:
59:ce:54:39:84:03:a3:f6:f9:c1:10:43:fe:e7:78:b2:3a:71:
c7:d3:fe:f1:fe:88:af:9a:c6:2d:fc:f5:c1:00:3f:c5:35:fd:
61:34:b7:e5:7e:f6:08:0a:53:99:e9:09:27:6a:dd:1b:53:07:
3d:41:d6:b2:18:e0:15:30:61:10:4e:16:89:60:5f:82:31:e1:
50:8e:d5:ab:36:f5:85:69:90:10:ab:cf:33:6e:72:e2:6c:8e:
ea:4a:f6:d6:c6:6c:4a:26:e2:ea:07:0f:46:c1:ce:d9:e5:b6:
8e:b9:d4:7f:98:6e:40:66:d3:8d:5a:9f:62:68:91:38:2c:db:
38:31:34:06:57:9d:61:34:c7:d1:b6:f5:8f:f7:4f:e7:64:35:
52:b5:7b:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZEeg22uWUGJa+rHr9QOOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmY5MzUwNTdjM2JkYmFkYmRmNDlmMzQzNTYyYzVlMzAw
MTYwNDQwHhcNMjUwNjEwMDkwMDM1WhcNMjUwNjExMDkwMDM1WjAzMTEwLwYDVQQD
EyhhODk0MDMxOTU5N2E3ZGE1Y2I3YTVjMmEyZmRmMTM2M2IwMmIwMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0FqgajLtBNBVGqvmMMTJFfeFe9S
TeWouGXdyshpkGqQXYO7RVdEJZTcVKymTrLl1z249CgOEjNIUwB/NTKthNp8qxJE
sGglI1cy+raCYHiH8FXDmzQo4ZCVoDTdDjP68H/wK42hwko2BPG863em7Lw0RCgf
T5FNVEQPmLprhKUOkNk0HNUAkXx/r8n4bIwSXpUJ6QU/NySDvFqFBMx6IJ+kneXc
zJ21qsbpngXBdUKoqk/ZKrl/lDc/hQfikEGZhMBDXiEXtz8bpqnsBvfH5ri8SrBv
iP2iz1pffIzVAEAxZ0QC4aLkKZLxfIQBc7YEBsivDEfy45tXO6xRztWxkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiUAxlZen2ly3pcKi/fE2OwKwBRMB8GA1UdIwQY
MBaAFMT/k1BXw726299J80NWLF4wAWBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYt
MTdlMWEyNTY5NTY4LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYtMTdlMWEyNTY5NTY4
LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfkZBh6f/
Jg02rsizG+YICBjjxEQF93HYEiRJ4idnj06fBNQOoV4oY/6knw5wscl+Cx5P1PwN
P6IvnRXpn5/qrQCPToN0QiNmvArmbDquXlwyLJx5DwbTyyiA+dyjb7NztPrupw36
HuZ2V0qdWc5UOYQDo/b5wRBD/ud4sjpxx9P+8f6Ir5rGLfz1wQA/xTX9YTS35X72
CApTmekJJ2rdG1MHPUHWshjgFTBhEE4WiWBfgjHhUI7Vqzb1hWmQEKvPM25y4myO
6kr21sZsSibi6gcPRsHO2eW2jrnUf5huQGbTjVqfYmiROCzbODE0BledYTTH0bb1
j/dP52Q1UrV7nw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:07:08 2025 by rpki-client