Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
File: XL1s2RrWpyhrIfZQn92fUP7nXYc.mft (raw, json)
Hash identifier: lfl3Gyw8mjEtWmNJ91BwY4C230fppCyTUfEHbDnPZqo=
Subject key identifier: 65:52:9D:24:B3:70:0B:DA:A5:50:DC:7B:9F:D1:E0:5C:31:09:76:AC
Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Certificate serial: 0199239ED42BE856D6546A565B8FDA448FF5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
Manifest number: 159F
Signing time: Sun 07 Sep 2025 10:00:35 +0000
Manifest this update: Sun 07 Sep 2025 10:00:35 +0000
Manifest next update: Mon 08 Sep 2025 10:00:35 +0000
Files and hashes: 1: LfsV7f6LxRRDF8DgEB39eI0JGcY.roa (hash: 57HPzdZv/cmkcVMLJmynj7OnbXGj1b4sWVjtj2VnRws=)
2: XL1s2RrWpyhrIfZQn92fUP7nXYc.crl (hash: Rplr1tkmM7jHSHlZl14gNNVnJhHY9YguRRHSYbamk5Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9e:d4:2b:e8:56:d6:54:6a:56:5b:8f:da:44:8f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Validity
Not Before: Sep 7 10:00:35 2025 GMT
Not After : Sep 8 10:00:35 2025 GMT
Subject: CN=65529d24b3700bdaa550dc7b9fd1e05c310976ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:88:07:f5:34:82:c4:37:25:c1:56:59:e2:70:
b8:88:f7:c0:c5:20:83:0c:0f:05:72:a3:67:6d:b8:
69:f1:a1:67:bb:30:40:f3:4e:13:f3:36:29:ec:d9:
e9:5f:ef:2a:f8:1b:99:41:a6:e2:3c:64:a1:ef:36:
6a:53:a4:92:1f:d4:66:b8:1e:ec:0f:20:77:60:ea:
e6:10:89:b3:00:71:c8:e1:82:3a:df:c2:bd:3c:5c:
e8:a5:39:fe:ce:95:6a:63:ff:fe:67:93:fc:ff:b3:
9e:98:33:3a:e4:19:2b:a1:02:77:ec:d0:12:d3:60:
9f:eb:6a:cd:66:c8:0c:54:8c:2e:32:f5:ce:80:1f:
29:ec:db:ab:07:0d:03:ff:a2:08:74:6b:92:a0:87:
76:8d:aa:cb:ef:b1:43:11:2f:16:b1:53:5b:02:82:
5f:2c:6d:84:8f:af:f2:69:25:32:20:90:bd:b8:ce:
0b:8c:82:65:f6:40:d3:59:d3:69:67:2c:36:1d:e0:
a8:99:3e:ba:ab:61:6d:5b:8b:e0:ab:87:ac:98:64:
60:f3:6b:50:58:f8:ca:ae:5e:5b:56:53:49:c7:c6:
06:e4:c8:77:05:ff:95:5a:e2:22:ce:0e:28:cc:38:
d6:63:33:10:0e:fb:b4:3a:33:df:c8:cb:8f:09:45:
b0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:52:9D:24:B3:70:0B:DA:A5:50:DC:7B:9F:D1:E0:5C:31:09:76:AC
X509v3 Authority Key Identifier:
keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:2f:15:4f:7d:df:af:b5:62:74:57:64:aa:2f:3c:70:0e:df:
c1:8c:61:41:c6:32:fb:b9:bc:d3:21:b2:84:06:2d:fc:ab:60:
91:6e:73:ef:a5:9c:05:bc:72:e2:02:22:f3:47:a1:ef:a0:dd:
ee:9c:19:fb:92:78:76:79:82:37:0d:f4:60:71:46:f0:4c:60:
d9:87:ca:07:58:71:c5:0f:12:c4:e7:8d:5d:8e:d0:ac:d6:13:
ba:83:e3:29:10:4a:3a:9e:fb:06:d5:24:4d:cb:b3:ae:e4:c6:
80:4a:26:97:62:41:c3:63:a7:df:28:9f:2e:5e:67:39:68:1b:
c1:5f:f1:4d:2b:2e:27:b6:ce:9e:d4:cf:38:ad:64:aa:d1:9f:
48:69:90:03:73:93:67:8f:da:4d:87:99:44:91:2b:57:6b:9b:
8b:ba:69:50:1b:3a:04:54:43:38:36:5f:62:48:49:ec:59:45:
ce:84:9e:d9:56:c7:94:f9:3e:33:5f:0f:01:65:2d:84:1a:6b:
2b:f7:81:e5:65:b8:3b:e1:1f:d9:bc:ff:ee:c9:29:35:c5:90:
d3:34:ba:f5:d1:44:4f:c8:66:d2:aa:52:0b:9b:8f:05:56:17:
37:68:cd:37:cb:04:c6:ee:4c:ac:b5:4f:98:8e:f6:47:47:da:
81:2d:90:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjntQr6FbWVGpWW4/aRI/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl
NzVkODcwHhcNMjUwOTA3MTAwMDM1WhcNMjUwOTA4MTAwMDM1WjAzMTEwLwYDVQQD
Eyg2NTUyOWQyNGIzNzAwYmRhYTU1MGRjN2I5ZmQxZTA1YzMxMDk3NmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIgH9TSCxDclwVZZ4nC4iPfAxSCD
DA8FcqNnbbhp8aFnuzBA804T8zYp7NnpX+8q+BuZQabiPGSh7zZqU6SSH9RmuB7s
DyB3YOrmEImzAHHI4YI638K9PFzopTn+zpVqY//+Z5P8/7OemDM65BkroQJ37NAS
02Cf62rNZsgMVIwuMvXOgB8p7NurBw0D/6IIdGuSoId2jarL77FDES8WsVNbAoJf
LG2Ej6/yaSUyIJC9uM4LjIJl9kDTWdNpZyw2HeComT66q2FtW4vgq4esmGRg82tQ
WPjKrl5bVlNJx8YG5Mh3Bf+VWuIizg4ozDjWYzMQDvu0OjPfyMuPCUWwyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVSnSSzcAvapVDce5/R4FwxCXasMB8GA1UdIwQY
MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt
ZmJhMDc0YmExYjkwLzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw
LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWS8VT33f
r7VidFdkqi88cA7fwYxhQcYy+7m80yGyhAYt/KtgkW5z76WcBbxy4gIi80eh76Dd
7pwZ+5J4dnmCNw30YHFG8Exg2YfKB1hxxQ8SxOeNXY7QrNYTuoPjKRBKOp77BtUk
TcuzruTGgEoml2JBw2On3yifLl5nOWgbwV/xTSsuJ7bOntTPOK1kqtGfSGmQA3OT
Z4/aTYeZRJErV2ubi7ppUBs6BFRDODZfYkhJ7FlFzoSe2VbHlPk+M18PAWUthBpr
K/eB5WW4O+Ef2bz/7skpNcWQ0zS69dFET8hm0qpSC5uPBVYXN2jNN8sExu5MrLVP
mI72R0fagS2QXQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:52:39 2025 by rpki-client