Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json)
Hash identifier: YxK/rojHEBc2IroX3t63lSwRfGeisSjPU2BuCJLfRqE=
Subject key identifier: 6F:B6:E9:B3:6B:08:46:34:CC:B0:3A:7F:57:B2:31:FB:90:0F:B2:F6
Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Certificate serial: 0199646C01C22971FF2CC62D57351C998F52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
Manifest number: 16A3
Signing time: Sat 20 Sep 2025 00:00:23 +0000
Manifest this update: Sat 20 Sep 2025 00:00:23 +0000
Manifest next update: Sun 21 Sep 2025 00:00:23 +0000
Files and hashes: 1: 0LO0qT2-0L6mWDwJ3dVrGvaEEOA.roa (hash: m3gjbEV2ZPpf1SrIWWEpb/lM9m2SeM9EF+s0bK96n04=)
2: CXLJsfdv2mQYEw_nRCBRyHgGrls.roa (hash: gIlLTUkZL/5+bXwsRESHghLIgWvhwbD5U5vB0n4lI0k=)
3: GZyq4JhiMN6IbDxHDi387ilVO3Q.roa (hash: RAmDxoFTdOQGRBWibMySEyO1+N/egEhlrBt73Hj0G1U=)
4: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: HSePXOmth5UPM93CDtC4etAvtbeCHhEZ2lsVS4PQaoo=)
5: XsnL58BowN54P94Hq8ZFELardLk.roa (hash: HNbFuOKPa1T82T8LpW7Qm3FZ0tR+dmMImgYgvtx3m4g=)
6: Zz42OKsTm8e7N4-UL7iAE7WQUo8.roa (hash: 5tp1DE1mgaUL43CN7zGdBuvgS2VFLrFuAK++O/dGYog=)
7: eGwOE8lbraIFP9l-UBBCUyjN8_w.roa (hash: E3bGB9caMn035nPuIHCWLooaKqDnHxrQ+ZG/yfDBfXc=)
8: obqfL4R2IKMApxxeeUPFE0sW9OQ.roa (hash: 7Ovq+/kB1PpmG+7SGcAWS7Jl70fuixev1vRb1jw0DXk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Sep 2025 00:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:64:6c:01:c2:29:71:ff:2c:c6:2d:57:35:1c:99:8f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Validity
Not Before: Sep 20 00:00:23 2025 GMT
Not After : Sep 21 00:00:23 2025 GMT
Subject: CN=6fb6e9b36b084634ccb03a7f57b231fb900fb2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d7:10:9b:8a:3c:33:60:39:f3:06:0d:77:5b:
e7:7d:43:0c:f4:a6:f3:d7:62:a8:30:ad:23:7f:0c:
69:69:f9:46:da:87:b3:5e:01:24:8b:b2:cd:33:bb:
2b:0b:5b:88:63:da:dd:11:df:d0:d1:40:11:c9:1d:
73:88:51:19:b5:04:95:56:f9:4c:ca:db:b7:66:5e:
34:ec:8e:ea:e2:70:ab:b0:c9:20:09:2e:40:01:de:
3f:11:d6:6f:fe:ef:67:9b:36:99:34:6b:2b:f2:56:
fb:e3:f9:6b:17:56:05:e2:74:8f:24:9d:4c:1e:1b:
f8:87:14:57:85:55:b6:a9:c9:8c:0e:47:cd:4c:e9:
74:75:43:f9:0d:f0:7e:1f:66:7a:e6:6a:13:9a:a6:
d4:5a:4b:a9:b0:7a:b2:0e:dc:d0:2e:c0:7f:73:ad:
3b:dc:99:94:e4:68:86:53:8c:0e:c6:5a:e6:65:1b:
23:93:fd:03:74:b0:90:a4:38:3c:d6:e7:b9:de:c5:
7e:ff:5a:dc:05:03:11:30:13:e6:78:3c:cd:aa:99:
a4:1f:96:de:18:ef:88:47:ae:bb:e5:67:54:30:05:
88:29:57:20:04:df:9e:0c:82:f0:47:3e:88:ee:ca:
91:ea:d5:0c:c0:60:f1:e4:82:c4:70:e0:d4:28:0a:
f9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B6:E9:B3:6B:08:46:34:CC:B0:3A:7F:57:B2:31:FB:90:0F:B2:F6
X509v3 Authority Key Identifier:
keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:aa:1a:a3:c8:ae:b9:02:b1:dd:3f:88:7a:00:e0:75:da:7c:
f8:f7:f6:39:c6:7f:74:da:2e:92:72:36:14:b7:d1:a8:70:c1:
8b:b1:0e:02:60:c8:bc:bc:56:5b:04:4e:5c:ed:10:87:28:d4:
98:eb:35:31:ee:76:fb:5b:81:24:79:00:bf:d6:f5:8a:d2:56:
e3:e7:33:46:dd:5c:55:ae:09:f2:36:6c:b3:a4:b1:19:12:92:
e7:ed:6b:41:6f:9b:9e:72:1e:63:25:af:dc:b6:3f:79:60:81:
87:9e:bd:10:ed:47:c5:db:74:39:33:ac:30:fd:85:2c:c1:28:
8d:5d:b3:90:60:59:ea:3c:33:6c:ef:87:26:d5:39:96:da:14:
5b:5f:38:ed:7f:fa:01:6f:44:30:d0:9a:1a:d9:0c:25:d1:5a:
a7:c0:68:ee:1d:13:9d:85:2b:2c:62:e1:45:68:5b:90:a8:41:
47:24:90:c2:d7:85:57:4c:32:6a:5f:47:51:cd:1c:25:c0:60:
0b:73:1f:5d:d4:de:49:9c:95:89:fa:a6:03:60:f4:87:53:f2:
f5:de:4b:0c:df:af:9a:e3:d5:85:d1:95:3d:6b:f2:89:91:d5:
c6:0d:0a:b3:6f:cb:d3:98:5a:b0:54:3a:a8:1f:c6:4b:0c:a7:
e3:62:3e:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlkbAHCKXH/LMYtVzUcmY9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy
MjcxYmEwHhcNMjUwOTIwMDAwMDIzWhcNMjUwOTIxMDAwMDIzWjAzMTEwLwYDVQQD
Eyg2ZmI2ZTliMzZiMDg0NjM0Y2NiMDNhN2Y1N2IyMzFmYjkwMGZiMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9cQm4o8M2A58wYNd1vnfUMM9Kbz
12KoMK0jfwxpaflG2oezXgEki7LNM7srC1uIY9rdEd/Q0UARyR1ziFEZtQSVVvlM
ytu3Zl407I7q4nCrsMkgCS5AAd4/EdZv/u9nmzaZNGsr8lb74/lrF1YF4nSPJJ1M
Hhv4hxRXhVW2qcmMDkfNTOl0dUP5DfB+H2Z65moTmqbUWkupsHqyDtzQLsB/c607
3JmU5GiGU4wOxlrmZRsjk/0DdLCQpDg81ue53sV+/1rcBQMRMBPmeDzNqpmkH5be
GO+IR6675WdUMAWIKVcgBN+eDILwRz6I7sqR6tUMwGDx5ILEcODUKAr5ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+26bNrCEY0zLA6f1eyMfuQD7L2MB8GA1UdIwQY
MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt
NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4
LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMqoao8iu
uQKx3T+IegDgddp8+Pf2OcZ/dNouknI2FLfRqHDBi7EOAmDIvLxWWwROXO0QhyjU
mOs1Me52+1uBJHkAv9b1itJW4+czRt1cVa4J8jZss6SxGRKS5+1rQW+bnnIeYyWv
3LY/eWCBh569EO1Hxdt0OTOsMP2FLMEojV2zkGBZ6jwzbO+HJtU5ltoUW1847X/6
AW9EMNCaGtkMJdFap8Bo7h0TnYUrLGLhRWhbkKhBRySQwteFV0wyal9HUc0cJcBg
C3MfXdTeSZyVifqmA2D0h1Py9d5LDN+vmuPVhdGVPWvyiZHVxg0Ks2/L05hasFQ6
qB/GSwyn42I+5w==
-----END CERTIFICATE-----
Generated at Sat Sep 20 02:18:24 2025 by rpki-client