Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
File: XL1s2RrWpyhrIfZQn92fUP7nXYc.mft (raw, json)
Hash identifier: UmoX6SdHBSvaTAXIK+QsrXoVwXRW+DRdL+xIoZz9zAU=
Subject key identifier: 4B:5E:06:B7:7A:0A:A0:14:5C:B1:AC:4E:F4:11:0B:2B:27:A1:64:04
Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Certificate serial: 019A209B227E1EF03FE3B91FC98A12037A1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
Manifest number: 1622
Signing time: Sun 26 Oct 2025 13:00:29 +0000
Manifest this update: Sun 26 Oct 2025 13:00:29 +0000
Manifest next update: Mon 27 Oct 2025 13:00:29 +0000
Files and hashes: 1: LfsV7f6LxRRDF8DgEB39eI0JGcY.roa (hash: 57HPzdZv/cmkcVMLJmynj7OnbXGj1b4sWVjtj2VnRws=)
2: XL1s2RrWpyhrIfZQn92fUP7nXYc.crl (hash: DSBnyKyoYQdlg4SA2LwZKEj4NEcPhqb8U0GnjF370m0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:20:9b:22:7e:1e:f0:3f:e3:b9:1f:c9:8a:12:03:7a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Validity
Not Before: Oct 26 13:00:29 2025 GMT
Not After : Oct 27 13:00:29 2025 GMT
Subject: CN=4b5e06b77a0aa0145cb1ac4ef4110b2b27a16404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7d:92:e3:6b:6c:30:d0:38:e3:70:b1:c7:74:
d8:0a:1d:96:ef:d9:c2:fc:d8:a4:7c:44:77:9a:45:
e3:02:fb:6f:d9:ab:b3:17:b5:b7:19:84:df:3c:7f:
1f:f7:5f:b0:7a:2b:13:b6:c1:39:a8:34:4c:44:e1:
70:4f:75:3d:1e:c5:b9:99:d1:46:a0:6e:62:79:82:
2a:4d:72:df:e6:b1:d9:81:af:0c:4d:3a:62:6b:28:
ba:55:49:f2:f0:60:22:5d:7b:7a:c6:09:f0:d8:32:
eb:16:cb:8f:66:3f:7b:09:28:86:96:3b:20:7c:77:
ba:07:0a:32:62:ac:03:ac:31:0d:ce:d8:06:09:0f:
83:55:c4:b9:7c:9e:ba:d6:3c:f0:14:10:2b:da:fe:
5e:9f:c2:8e:34:2f:87:a3:67:f6:50:a4:1d:dc:d5:
49:56:b6:8a:4e:2a:3a:cd:63:bb:3e:d4:0d:e0:7b:
01:14:3a:20:68:51:3d:e1:2f:49:02:58:6a:f6:7c:
6d:c0:53:a2:a2:c4:86:1e:1f:c1:3f:09:f9:89:77:
26:d9:fa:1b:65:27:21:70:ed:c7:99:2f:7b:67:45:
93:44:37:42:ec:b9:c3:d6:82:47:12:8f:70:c9:ad:
49:d5:4b:0d:18:4a:e6:cf:af:ef:04:5f:9a:d9:a4:
6a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5E:06:B7:7A:0A:A0:14:5C:B1:AC:4E:F4:11:0B:2B:27:A1:64:04
X509v3 Authority Key Identifier:
keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:b7:27:12:77:cb:84:c3:e8:68:61:9b:ef:21:1e:ae:48:07:
ea:79:16:d7:0a:8b:95:a1:67:d3:97:2a:aa:9c:bb:44:f5:3f:
37:36:17:bb:f5:f5:a9:f4:86:f1:ec:85:10:a3:af:9f:20:31:
fb:0f:8c:03:e1:9a:a6:03:b7:bd:35:5b:f7:c9:a3:fb:ba:fb:
5e:e5:da:41:8c:4c:74:5d:73:b1:dd:6b:6b:ba:10:70:9b:58:
ce:37:07:70:fd:20:9f:bd:e2:9f:13:0b:25:13:23:8e:e7:04:
62:1e:4c:30:e7:6d:78:cf:64:ea:e5:fd:94:c3:97:fc:85:a4:
9f:75:62:43:b1:14:e8:29:f2:11:ae:54:ce:ea:68:f0:42:5a:
70:23:c6:3b:16:51:61:70:c6:01:8f:f7:30:37:be:3b:88:b4:
60:4f:05:e0:79:3b:50:ca:9d:1b:a0:d9:92:13:d9:77:f8:0d:
1e:71:f6:11:ed:03:bf:63:a1:1b:d2:cc:07:d4:3e:71:04:1e:
a8:85:35:96:0a:d9:42:b3:bf:0b:79:5e:24:6c:4e:29:e9:08:
81:ce:a4:e6:fc:76:ec:d0:9d:50:ac:7f:56:de:03:4a:36:a1:
f6:ed:b1:49:99:b1:65:d5:85:9f:17:a7:9d:44:4a:51:10:6d:
d6:62:1c:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZogmyJ+HvA/47kfyYoSA3ofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl
NzVkODcwHhcNMjUxMDI2MTMwMDI5WhcNMjUxMDI3MTMwMDI5WjAzMTEwLwYDVQQD
Eyg0YjVlMDZiNzdhMGFhMDE0NWNiMWFjNGVmNDExMGIyYjI3YTE2NDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon2S42tsMNA443Cxx3TYCh2W79nC
/NikfER3mkXjAvtv2auzF7W3GYTfPH8f91+weisTtsE5qDRMROFwT3U9HsW5mdFG
oG5ieYIqTXLf5rHZga8MTTpiayi6VUny8GAiXXt6xgnw2DLrFsuPZj97CSiGljsg
fHe6BwoyYqwDrDENztgGCQ+DVcS5fJ661jzwFBAr2v5en8KONC+Ho2f2UKQd3NVJ
VraKTio6zWO7PtQN4HsBFDogaFE94S9JAlhq9nxtwFOiosSGHh/BPwn5iXcm2fob
ZSchcO3HmS97Z0WTRDdC7LnD1oJHEo9wya1J1UsNGErmz6/vBF+a2aRqqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEteBrd6CqAUXLGsTvQRCysnoWQEMB8GA1UdIwQY
MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt
ZmJhMDc0YmExYjkwLzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw
LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbLcnEnfL
hMPoaGGb7yEerkgH6nkW1wqLlaFn05cqqpy7RPU/NzYXu/X1qfSG8eyFEKOvnyAx
+w+MA+GapgO3vTVb98mj+7r7XuXaQYxMdF1zsd1ra7oQcJtYzjcHcP0gn73inxML
JRMjjucEYh5MMOdteM9k6uX9lMOX/IWkn3ViQ7EU6CnyEa5Uzupo8EJacCPGOxZR
YXDGAY/3MDe+O4i0YE8F4Hk7UMqdG6DZkhPZd/gNHnH2Ee0Dv2OhG9LMB9Q+cQQe
qIU1lgrZQrO/C3leJGxOKekIgc6k5vx27NCdUKx/Vt4DSjah9u2xSZmxZdWFnxen
nURKURBt1mIckg==
-----END CERTIFICATE-----
Generated at Sun Oct 26 17:46:35 2025 by rpki-client