Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
File: xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft (raw, json)
Hash identifier: rfugDo+8jYPZj9MGe37A/PtMVaGS+vRfdNVeSEebfvU=
Subject key identifier: 5B:3E:14:BC:9F:B5:C8:4C:9F:D4:BA:19:4C:08:04:D8:07:28:F2:61
Authority key identifier: C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
Certificate issuer: /CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Certificate serial: 01994F2DE859F753A923E8875905884138AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
Manifest number: 168C
Signing time: Mon 15 Sep 2025 21:00:32 +0000
Manifest this update: Mon 15 Sep 2025 21:00:32 +0000
Manifest next update: Tue 16 Sep 2025 21:00:32 +0000
Files and hashes: 1: nEhO-4IOflDc16smasjo46yXDrU.roa (hash: TGudjeK9/qruL2a7Ja97DNoAnaGXmeBxOzedTAd1+AI=)
2: xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl (hash: CRR+MJ1qfdWO2Le0KucoTOTWpFLj3PZXsyyVLCYpA8c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 17:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4f:2d:e8:59:f7:53:a9:23:e8:87:59:05:88:41:38:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Validity
Not Before: Sep 15 21:00:32 2025 GMT
Not After : Sep 16 21:00:32 2025 GMT
Subject: CN=5b3e14bc9fb5c84c9fd4ba194c0804d80728f261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:40:0b:a8:27:ca:f8:88:26:b5:6a:eb:35:50:
aa:5d:cf:4b:ce:59:1a:8c:89:24:da:5d:bc:be:00:
d3:dd:3e:da:e8:dd:de:c5:1a:5f:92:8e:f8:f8:bd:
2d:8a:ab:5e:fa:2e:b9:6b:d6:36:ed:a2:37:62:6e:
51:b9:eb:ab:ba:57:a7:17:9d:eb:93:7e:87:c8:b8:
15:cc:51:b6:ae:c0:1f:3b:94:d5:ab:99:e9:31:c2:
77:9b:53:a5:4e:04:7b:4d:ea:a1:e8:34:54:f0:33:
f6:37:cf:44:1d:a5:85:bd:ea:aa:ca:ae:29:88:af:
0c:e6:30:9d:6d:5a:f9:12:04:93:d1:01:2f:b4:a0:
df:cd:c0:9f:35:8e:40:c2:1a:be:24:16:94:53:c4:
0f:ac:c4:08:cb:d6:c0:53:b3:a7:3a:a8:e9:dd:03:
8a:78:7d:d6:08:b3:06:d5:32:81:3b:0c:80:c8:d3:
a8:da:57:f4:5c:61:33:29:73:7c:80:10:82:4e:5b:
f7:1a:77:e6:46:3d:30:a6:f2:80:b2:5e:b4:32:e0:
50:ea:50:3b:b9:8c:fd:bc:23:68:7b:bf:e1:3e:2a:
02:21:26:05:ce:74:13:eb:fd:e8:53:58:61:23:a6:
73:68:7c:77:8c:59:4e:7f:a9:bf:10:41:a7:69:5d:
7f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3E:14:BC:9F:B5:C8:4C:9F:D4:BA:19:4C:08:04:D8:07:28:F2:61
X509v3 Authority Key Identifier:
keyid:C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:bd:af:7b:c9:81:6a:4d:fa:ee:b5:88:24:3b:46:4c:d0:44:
f3:5e:af:49:bb:30:6a:de:dd:91:1f:8b:69:ad:8a:8a:6f:1f:
62:e9:7f:7d:3b:17:11:9f:6a:c1:d4:f7:5e:bc:b8:39:c6:72:
64:0c:35:fd:13:dd:2c:d8:ac:c6:a2:33:d1:dd:80:23:57:81:
21:bf:58:1b:49:8e:94:d3:41:cf:98:41:6f:83:87:3c:31:5e:
d4:dc:14:ba:e2:63:ac:03:66:83:f2:0e:34:3f:a4:ba:40:26:
70:64:1b:1b:26:09:26:52:af:4a:2f:b0:d7:32:46:2c:b9:bd:
d4:a4:4d:08:6c:5e:35:79:a1:f1:ad:e2:65:51:ef:b2:c1:27:
2d:1a:ba:18:f8:8e:0a:95:c7:80:fa:26:d6:1f:c6:13:4d:ba:
1e:81:6f:84:2f:3f:ea:32:33:f5:02:fe:c1:ee:25:3d:20:34:
25:54:26:fe:2f:23:6f:4b:e4:92:a5:d8:66:2f:0f:bc:69:11:
3b:61:e7:a0:58:c7:8e:6d:26:43:db:fe:8a:87:62:9f:3a:12:
31:be:0e:be:b2:40:38:77:a9:fa:7b:bd:a1:25:60:bc:39:bb:
44:58:04:35:c3:fc:02:57:17:fb:90:3f:d4:ce:ae:1a:41:2d:
eb:08:a0:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlPLehZ91OpI+iHWQWIQTiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmY5MzUwNTdjM2JkYmFkYmRmNDlmMzQzNTYyYzVlMzAw
MTYwNDQwHhcNMjUwOTE1MjEwMDMyWhcNMjUwOTE2MjEwMDMyWjAzMTEwLwYDVQQD
Eyg1YjNlMTRiYzlmYjVjODRjOWZkNGJhMTk0YzA4MDRkODA3MjhmMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkALqCfK+IgmtWrrNVCqXc9Lzlka
jIkk2l28vgDT3T7a6N3exRpfko74+L0tiqte+i65a9Y27aI3Ym5RueurulenF53r
k36HyLgVzFG2rsAfO5TVq5npMcJ3m1OlTgR7Teqh6DRU8DP2N89EHaWFveqqyq4p
iK8M5jCdbVr5EgST0QEvtKDfzcCfNY5Awhq+JBaUU8QPrMQIy9bAU7OnOqjp3QOK
eH3WCLMG1TKBOwyAyNOo2lf0XGEzKXN8gBCCTlv3GnfmRj0wpvKAsl60MuBQ6lA7
uYz9vCNoe7/hPioCISYFznQT6/3oU1hhI6ZzaHx3jFlOf6m/EEGnaV1/EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFs+FLyftchMn9S6GUwIBNgHKPJhMB8GA1UdIwQY
MBaAFMT/k1BXw726299J80NWLF4wAWBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYt
MTdlMWEyNTY5NTY4LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYtMTdlMWEyNTY5NTY4
LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI72ve8mB
ak367rWIJDtGTNBE816vSbswat7dkR+Laa2Kim8fYul/fTsXEZ9qwdT3Xry4OcZy
ZAw1/RPdLNisxqIz0d2AI1eBIb9YG0mOlNNBz5hBb4OHPDFe1NwUuuJjrANmg/IO
ND+kukAmcGQbGyYJJlKvSi+w1zJGLLm91KRNCGxeNXmh8a3iZVHvssEnLRq6GPiO
CpXHgPom1h/GE026HoFvhC8/6jIz9QL+we4lPSA0JVQm/i8jb0vkkqXYZi8PvGkR
O2HnoFjHjm0mQ9v+iodinzoSMb4OvrJAOHep+nu9oSVgvDm7RFgENcP8AlcX+5A/
1M6uGkEt6wigag==
-----END CERTIFICATE-----
Generated at Mon Sep 15 23:16:35 2025 by rpki-client