Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
File: XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft (raw, json)
Hash identifier: 88O+BebJHCd3cGl+P77sOLvkMY+MG0vgf+5hOd0hR5s=
Subject key identifier: 24:13:44:CD:6F:B8:69:B3:C3:2B:32:A7:6A:73:E4:3F:DD:40:E5:2A
Authority key identifier: 5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03
Certificate issuer: /CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03
Certificate serial: 0199228CA7F71EF343C09AE2D8C18E48C089
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
Manifest number: 0DEE
Signing time: Sun 07 Sep 2025 05:01:07 +0000
Manifest this update: Sun 07 Sep 2025 05:01:07 +0000
Manifest next update: Mon 08 Sep 2025 05:01:07 +0000
Files and hashes: 1: 1-EeSCCOFCUoz0VplGP1Lo0h-9As.roa (hash: ZLnUsrTQcRzljBuufN+eacOU/oxAjJXf2wRzESRepgg=)
2: XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl (hash: CFcaTLH/PATzcnb6oeNjDkc/rradh4p7CjGBbcXnNF0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:8c:a7:f7:1e:f3:43:c0:9a:e2:d8:c1:8e:48:c0:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03
Validity
Not Before: Sep 7 05:01:07 2025 GMT
Not After : Sep 8 05:01:07 2025 GMT
Subject: CN=241344cd6fb869b3c32b32a76a73e43fdd40e52a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5b:1e:75:ae:06:76:d3:0b:e1:d0:71:1e:88:
71:70:ba:92:2d:36:6b:9c:bb:e7:ed:31:21:ba:b3:
b3:83:d4:49:f2:c6:f5:46:a3:c1:74:0f:42:70:49:
ba:d0:b9:0f:d3:0d:71:94:dc:e6:83:27:cf:45:cb:
e0:cd:03:dc:b1:7a:5b:c1:3d:f2:99:3f:ce:8d:52:
d1:3c:a7:0b:5c:3c:1f:8a:e4:3c:fd:a3:e2:c4:bb:
40:77:c4:3b:ed:ae:46:62:0a:1f:86:62:b9:33:d7:
db:3b:fd:9d:5a:cf:42:da:b4:bc:81:06:ba:00:21:
41:bc:a1:dc:e3:06:06:b0:38:54:18:b0:db:ba:ee:
57:b2:0f:c4:72:1e:07:7c:f1:ba:d5:c9:35:f0:a5:
c4:1a:2a:32:99:9f:22:0e:57:a1:8a:a1:d0:7b:31:
89:da:15:7c:00:2c:41:74:28:ef:ad:1e:09:e8:3b:
df:5d:4c:fd:cd:19:b2:ff:0f:6c:57:fc:f9:67:8a:
72:68:3c:76:4e:28:8c:7b:06:43:2d:f2:11:ab:4c:
6f:2e:18:90:fd:bb:f8:46:38:08:6f:86:85:99:f2:
e2:ea:c3:62:5c:6e:14:65:9c:8e:86:99:9b:f3:31:
f1:3e:90:5a:d6:5c:19:88:21:cf:bd:20:19:01:9a:
6e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:13:44:CD:6F:B8:69:B3:C3:2B:32:A7:6A:73:E4:3F:DD:40:E5:2A
X509v3 Authority Key Identifier:
keyid:5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:80:49:92:32:d1:db:d6:75:f8:f4:3f:21:ec:a4:bf:8c:b9:
ad:be:f0:17:86:76:16:7a:8d:de:af:60:33:20:24:c2:e8:30:
6a:27:e0:2a:04:35:7d:2d:66:81:e0:41:06:39:09:1d:38:ca:
44:9c:b4:53:14:2e:a4:b4:42:4b:31:25:e1:2f:76:d6:9c:86:
33:c0:06:fa:39:26:a1:99:0a:c6:b9:45:ab:24:1b:92:fb:8a:
76:7d:db:77:6e:37:21:dd:1a:12:60:70:40:62:6b:6f:26:75:
1c:ab:dd:10:22:9e:27:59:e9:4e:d4:f6:82:2e:85:1f:ce:18:
75:62:a3:60:56:68:6c:47:9f:5d:79:84:a3:ca:04:ce:df:75:
1f:c5:fd:aa:39:dd:f1:56:51:f2:76:5e:78:c0:f6:b2:8b:1b:
47:15:6b:68:97:25:9b:33:ac:de:46:95:6a:a3:b7:41:d6:2a:
79:d6:58:6e:5e:d2:e2:61:3e:ef:53:24:63:47:d3:39:d1:fd:
60:2f:99:64:5b:3e:85:82:45:1a:d1:e2:67:65:2d:84:4d:0e:
35:7d:55:eb:98:b6:9c:65:e2:34:36:24:25:17:92:af:1e:4b:
52:be:56:a3:02:3f:f3:d6:66:08:6c:ac:6b:4d:77:cf:cd:a1:
e4:f4:75:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijKf3HvNDwJri2MGOSMCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDM3OWNlZGNkYzIwZjA4NzVjNGIwOGI5NGI0MTE2MWIz
ZThjMDMwHhcNMjUwOTA3MDUwMTA3WhcNMjUwOTA4MDUwMTA3WjAzMTEwLwYDVQQD
EygyNDEzNDRjZDZmYjg2OWIzYzMyYjMyYTc2YTczZTQzZmRkNDBlNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1seda4GdtML4dBxHohxcLqSLTZr
nLvn7TEhurOzg9RJ8sb1RqPBdA9CcEm60LkP0w1xlNzmgyfPRcvgzQPcsXpbwT3y
mT/OjVLRPKcLXDwfiuQ8/aPixLtAd8Q77a5GYgofhmK5M9fbO/2dWs9C2rS8gQa6
ACFBvKHc4wYGsDhUGLDbuu5Xsg/Ech4HfPG61ck18KXEGioymZ8iDlehiqHQezGJ
2hV8ACxBdCjvrR4J6DvfXUz9zRmy/w9sV/z5Z4pyaDx2TiiMewZDLfIRq0xvLhiQ
/bv4RjgIb4aFmfLi6sNiXG4UZZyOhpmb8zHxPpBa1lwZiCHPvSAZAZpuhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQTRM1vuGmzwysyp2pz5D/dQOUqMB8GA1UdIwQY
MBaAFFzTec7c3CDwh1xLCLlLQRYbPowDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQt
MDk2NDQ2NGMxNzUxLzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQtMDk2NDQ2NGMxNzUx
LzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtYBJkjLR
29Z1+PQ/Ieykv4y5rb7wF4Z2FnqN3q9gMyAkwugwaifgKgQ1fS1mgeBBBjkJHTjK
RJy0UxQupLRCSzEl4S921pyGM8AG+jkmoZkKxrlFqyQbkvuKdn3bd243Id0aEmBw
QGJrbyZ1HKvdECKeJ1npTtT2gi6FH84YdWKjYFZobEefXXmEo8oEzt91H8X9qjnd
8VZR8nZeeMD2sosbRxVraJclmzOs3kaVaqO3QdYqedZYbl7S4mE+71MkY0fTOdH9
YC+ZZFs+hYJFGtHiZ2UthE0ONX1V65i2nGXiNDYkJReSrx5LUr5WowI/89ZmCGys
a013z82h5PR1Bw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:50:20 2025 by rpki-client