Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft
File: XaWsO7omBTjDM-bIYPI2ASyYZ10.mft (raw, json)
Hash identifier: ytdcyFSlr5tHLijbw8vUbmY7UZyJJR4Opj4g1SZlpkQ=
Subject key identifier: FE:5F:25:66:F9:E6:6B:37:83:39:9A:DA:0C:20:A4:0A:B5:12:E6:A7
Authority key identifier: 5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D
Certificate issuer: /CN=5da5ac3bba260538c333e6c860f236012c98675d
Certificate serial: 01992D7DB635AC23AEB542F411EEBCFE1AAF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft
Manifest number: 10D1
Signing time: Tue 09 Sep 2025 08:00:37 +0000
Manifest this update: Tue 09 Sep 2025 08:00:37 +0000
Manifest next update: Wed 10 Sep 2025 08:00:37 +0000
Files and hashes: 1: XaWsO7omBTjDM-bIYPI2ASyYZ10.crl (hash: S7QhvD+mAuTiDwuNDVIPKBlPBYZgBTP0RsHUEasBhbs=)
2: wqBO6BWlzfH_2H8niSBLpjOhxuU.roa (hash: 5SSaQkHwuEWAOjr3+WUmjpF1re5YywGBgiTcg/L5BcI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:7d:b6:35:ac:23:ae:b5:42:f4:11:ee:bc:fe:1a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da5ac3bba260538c333e6c860f236012c98675d
Validity
Not Before: Sep 9 08:00:37 2025 GMT
Not After : Sep 10 08:00:37 2025 GMT
Subject: CN=fe5f2566f9e66b3783399ada0c20a40ab512e6a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c8:db:30:1d:22:ac:83:14:73:ea:79:da:f6:
5f:35:1e:5c:e1:6b:a4:0f:0f:7f:e1:f1:6f:7a:91:
24:ef:c8:d9:fc:7b:a6:c2:6d:10:c5:da:bb:21:a9:
d2:f9:af:15:75:aa:36:3b:b2:a3:af:b8:5e:45:c2:
ad:8d:b6:f7:44:a7:d5:eb:80:8e:7a:3c:64:62:75:
a5:f6:c2:a9:44:29:95:48:fe:49:e3:38:c7:e8:a0:
b4:cf:02:37:6e:02:f8:a4:f2:3e:54:98:c9:df:29:
42:1a:94:db:a6:12:d1:92:9a:37:6b:f2:b3:5c:4b:
7d:63:4a:7c:cf:f1:87:16:72:92:60:2f:6f:63:5f:
46:e5:4f:87:e3:96:d6:e7:32:22:5d:0f:04:42:c7:
ba:82:a5:bf:c9:81:c7:49:72:c7:b1:ea:b6:83:05:
2d:3f:71:b3:17:88:53:03:18:06:b0:67:9a:48:5d:
03:55:7d:cf:5f:e9:fe:b6:09:f6:4d:2c:c0:8c:7e:
74:cf:78:e6:bc:1c:bb:ae:11:fc:85:be:24:b1:f9:
86:8d:be:21:2c:db:78:40:bf:54:a6:63:4a:87:4e:
fd:85:f3:ac:67:e4:dd:37:f8:63:a5:c2:f2:23:ce:
74:86:5e:52:a6:01:8f:de:3d:9d:3c:07:3d:bb:e7:
6d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5F:25:66:F9:E6:6B:37:83:39:9A:DA:0C:20:A4:0A:B5:12:E6:A7
X509v3 Authority Key Identifier:
keyid:5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:d8:09:1a:27:32:47:ca:0b:0f:4e:b8:f9:fc:e6:12:f6:7d:
f6:e1:a4:e8:78:05:f2:ac:28:29:f2:32:32:42:06:4a:90:38:
a4:38:c1:02:c7:9f:a2:a2:32:07:09:ad:ad:38:aa:be:c6:cb:
a1:4f:43:e4:54:9c:bb:b6:28:94:00:0c:4b:90:b8:f2:3b:f5:
73:4d:4e:32:83:06:f9:c8:b1:25:97:3e:e8:38:f7:97:49:0c:
cb:b2:da:3e:44:fb:e2:b4:eb:2e:9b:90:68:35:3f:78:a2:15:
eb:92:fa:cb:da:c8:db:62:4d:d1:fd:0c:8b:e0:30:89:08:08:
fc:de:c6:9c:fb:48:61:99:ba:2b:8e:65:80:73:2c:73:ce:a4:
23:7a:06:1c:dd:0a:52:a5:b2:4a:44:0e:ea:4a:4a:d2:3d:0b:
dc:c6:2b:05:f4:58:a4:bc:55:86:37:ad:16:3d:d8:db:13:2b:
11:99:a4:44:5d:ae:ae:45:23:b9:3f:be:d1:78:20:be:af:63:
79:f4:c2:74:35:e3:69:53:8d:14:f3:9d:2f:4d:25:3f:67:e0:
ac:56:9f:b7:bc:c1:93:7c:cb:aa:c5:ee:4e:3d:f2:47:3f:f5:
b6:75:63:cd:48:e0:e9:7d:9b:80:90:d9:a0:9f:11:5d:d2:2b:
52:74:9a:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZktfbY1rCOutUL0Ee68/hqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTVhYzNiYmEyNjA1MzhjMzMzZTZjODYwZjIzNjAxMmM5
ODY3NWQwHhcNMjUwOTA5MDgwMDM3WhcNMjUwOTEwMDgwMDM3WjAzMTEwLwYDVQQD
EyhmZTVmMjU2NmY5ZTY2YjM3ODMzOTlhZGEwYzIwYTQwYWI1MTJlNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8jbMB0irIMUc+p52vZfNR5c4Wuk
Dw9/4fFvepEk78jZ/Humwm0Qxdq7IanS+a8Vdao2O7Kjr7heRcKtjbb3RKfV64CO
ejxkYnWl9sKpRCmVSP5J4zjH6KC0zwI3bgL4pPI+VJjJ3ylCGpTbphLRkpo3a/Kz
XEt9Y0p8z/GHFnKSYC9vY19G5U+H45bW5zIiXQ8EQse6gqW/yYHHSXLHseq2gwUt
P3GzF4hTAxgGsGeaSF0DVX3PX+n+tgn2TSzAjH50z3jmvBy7rhH8hb4ksfmGjb4h
LNt4QL9UpmNKh079hfOsZ+TdN/hjpcLyI850hl5SpgGP3j2dPAc9u+dtlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5fJWb55ms3gzma2gwgpAq1EuanMB8GA1UdIwQY
MBaAFF2lrDu6JgU4wzPmyGDyNgEsmGddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2Yt
YmU4MTBhMDUwOTQ0LzEvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2YtYmU4MTBhMDUwOTQ0
LzEvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmNgJGicy
R8oLD064+fzmEvZ99uGk6HgF8qwoKfIyMkIGSpA4pDjBAsefoqIyBwmtrTiqvsbL
oU9D5FScu7YolAAMS5C48jv1c01OMoMG+cixJZc+6Dj3l0kMy7LaPkT74rTrLpuQ
aDU/eKIV65L6y9rI22JN0f0Mi+AwiQgI/N7GnPtIYZm6K45lgHMsc86kI3oGHN0K
UqWySkQO6kpK0j0L3MYrBfRYpLxVhjetFj3Y2xMrEZmkRF2urkUjuT++0Xggvq9j
efTCdDXjaVONFPOdL00lP2fgrFaft7zBk3zLqsXuTj3yRz/1tnVjzUjg6X2bgJDZ
oJ8RXdIrUnSanQ==
-----END CERTIFICATE-----
Generated at Tue Sep 9 12:32:51 2025 by rpki-client