Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier: 6HqQQW6DhBqEwCMCcwE7DHXlh6BW5HS2cwIIjuM1pa8=
Subject key identifier: 8E:25:C4:29:26:08:4B:AF:A1:72:03:68:BC:C6:5C:4B:66:15:AC:D6
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial: 019A047EB747A68B68CA86592C273ED25DAD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number: 1628
Signing time: Tue 21 Oct 2025 02:00:04 +0000
Manifest this update: Tue 21 Oct 2025 02:00:04 +0000
Manifest next update: Wed 22 Oct 2025 02:00:04 +0000
Files and hashes: 1: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: vw3gGhRfsLpPwEFbv50Bq9sW5isoqoAKXICifDjFhJU=)
2: ir_nzSQYAsgPoPu8kRGYQzALm7U.roa (hash: TCpfNyg//XzFyrfc8SAsUbs4iWswcCSro2mnromAmQo=)
3: m3SzGaHBe-liV9k_hjkTUrNHXMg.roa (hash: 1IYirY3YGGwbakrzW31PvEOIIPUhpCQb3MNxcEFgdzs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:04:7e:b7:47:a6:8b:68:ca:86:59:2c:27:3e:d2:5d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Validity
Not Before: Oct 21 02:00:04 2025 GMT
Not After : Oct 22 02:00:04 2025 GMT
Subject: CN=8e25c42926084bafa1720368bcc65c4b6615acd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4b:3a:ae:7b:75:a5:df:0f:d7:9d:27:33:76:
1b:85:85:82:5b:75:63:cf:8b:20:c3:17:58:c9:d6:
09:cf:87:66:a3:f0:5f:d8:24:23:f4:4f:fe:d7:d6:
24:06:60:5c:73:68:ab:ec:2c:fd:30:61:da:99:78:
7f:c1:57:d9:66:8d:db:6a:df:88:be:7d:62:01:18:
bc:f4:9c:53:1d:cc:fb:26:10:01:bd:2b:23:47:7c:
88:95:65:f1:1b:5d:db:b3:36:0d:aa:a2:9a:f2:4a:
3c:d7:92:f6:ac:ac:6c:3c:a4:a2:77:f0:b3:77:bb:
bd:cc:da:94:16:15:9a:b3:fa:bc:de:b7:d3:2d:be:
1a:fb:f1:ea:cd:17:6b:41:90:88:65:db:f7:b6:89:
fd:af:bc:25:7f:e8:99:fc:fa:34:a5:cf:5e:53:fe:
1c:79:65:b5:77:db:fe:b3:23:d2:06:2f:4c:59:70:
d2:29:e1:c0:77:4a:91:7c:2e:eb:30:c9:50:c7:c6:
62:f5:bb:02:0b:30:c1:5b:c9:92:80:40:f5:c7:e9:
b8:45:5f:64:bd:b0:a1:2a:51:5e:a5:57:69:61:1f:
aa:74:26:20:8e:86:0d:65:95:22:84:68:18:94:2e:
88:bc:fd:1f:68:e2:13:71:f9:6d:e2:97:64:d9:28:
1d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:25:C4:29:26:08:4B:AF:A1:72:03:68:BC:C6:5C:4B:66:15:AC:D6
X509v3 Authority Key Identifier:
keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:b7:32:5f:3c:c0:e6:9e:33:ab:34:12:92:81:09:61:22:b2:
56:cf:25:97:69:f7:cd:0d:84:00:53:5e:4c:26:4d:aa:da:2e:
29:58:f0:27:0d:df:ab:4a:b1:a3:80:e3:bf:62:86:18:2c:d1:
29:41:89:e7:5a:37:38:c9:07:74:62:a2:fb:44:bb:5f:8a:74:
f6:4f:63:dc:53:5c:cd:cf:7f:bb:cf:d2:24:bb:42:c6:f1:88:
a7:8f:6a:dc:f8:7f:4e:08:02:8e:f8:8c:7f:1a:84:95:d1:b8:
e5:56:dd:03:66:14:8f:1e:11:02:0b:fb:40:f5:6b:40:66:10:
c1:05:47:1b:e9:c3:09:01:4c:d3:cb:5d:f0:be:5a:e9:38:f0:
cb:8d:d2:dd:61:04:ea:03:02:f8:b3:9b:10:16:12:16:68:7d:
bc:3d:db:56:49:11:07:65:e5:24:84:24:63:e6:6f:b7:26:d8:
07:a7:05:97:a0:91:18:9c:ef:7f:1b:d1:d2:1e:68:53:73:a2:
7f:92:55:43:af:8f:4a:73:53:ed:d4:68:08:af:09:39:56:18:
f3:e0:06:ed:a7:f9:59:6f:6e:3a:45:6c:b2:c5:46:b6:06:d7:
b6:61:07:a9:65:c2:c0:4c:e6:6b:df:12:5e:27:ed:7a:e9:0b:
94:1d:b9:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEfrdHpotoyoZZLCc+0l2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjUxMDIxMDIwMDA0WhcNMjUxMDIyMDIwMDA0WjAzMTEwLwYDVQQD
Eyg4ZTI1YzQyOTI2MDg0YmFmYTE3MjAzNjhiY2M2NWM0YjY2MTVhY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Es6rnt1pd8P150nM3YbhYWCW3Vj
z4sgwxdYydYJz4dmo/Bf2CQj9E/+19YkBmBcc2ir7Cz9MGHamXh/wVfZZo3bat+I
vn1iARi89JxTHcz7JhABvSsjR3yIlWXxG13bszYNqqKa8ko815L2rKxsPKSid/Cz
d7u9zNqUFhWas/q83rfTLb4a+/HqzRdrQZCIZdv3ton9r7wlf+iZ/Po0pc9eU/4c
eWW1d9v+syPSBi9MWXDSKeHAd0qRfC7rMMlQx8Zi9bsCCzDBW8mSgED1x+m4RV9k
vbChKlFepVdpYR+qdCYgjoYNZZUihGgYlC6IvP0faOITcflt4pdk2SgdJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4lxCkmCEuvoXIDaLzGXEtmFazWMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO7cyXzzA
5p4zqzQSkoEJYSKyVs8ll2n3zQ2EAFNeTCZNqtouKVjwJw3fq0qxo4Djv2KGGCzR
KUGJ51o3OMkHdGKi+0S7X4p09k9j3FNczc9/u8/SJLtCxvGIp49q3Ph/TggCjviM
fxqEldG45VbdA2YUjx4RAgv7QPVrQGYQwQVHG+nDCQFM08td8L5a6Tjwy43S3WEE
6gMC+LObEBYSFmh9vD3bVkkRB2XlJIQkY+ZvtybYB6cFl6CRGJzvfxvR0h5oU3Oi
f5JVQ6+PSnNT7dRoCK8JOVYY8+AG7af5WW9uOkVsssVGtgbXtmEHqWXCwEzma98S
XifteukLlB25sg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 05:38:11 2025 by rpki-client