Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/xagvOTbyRO3LYBPhIdUadpDRNZk.mft
File: xagvOTbyRO3LYBPhIdUadpDRNZk.mft (raw, json)
Hash identifier: onE7atl95DJt/64z1bzzv213Iongy47PFFFx/Y6bYaQ=
Subject key identifier: 5D:29:14:07:DD:33:BC:5E:E8:4B:AB:38:BF:9D:C3:76:78:45:0B:79
Authority key identifier: C5:A8:2F:39:36:F2:44:ED:CB:60:13:E1:21:D5:1A:76:90:D1:35:99
Certificate issuer: /CN=c5a82f3936f244edcb6013e121d51a7690d13599
Certificate serial: 01974C3236464BF8D30EC8E995150A683510
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xagvOTbyRO3LYBPhIdUadpDRNZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/xagvOTbyRO3LYBPhIdUadpDRNZk.mft
Manifest number: 12CE
Signing time: Sat 07 Jun 2025 21:00:48 +0000
Manifest this update: Sat 07 Jun 2025 21:00:48 +0000
Manifest next update: Sun 08 Jun 2025 21:00:48 +0000
Files and hashes: 1: XSbdHCVCRCiTj8mv8uqC5jKu2Wc.roa (hash: 5E+fKGQdMloCaM1N6c8AjIuVH6v9QdhsvGHXvp3zGN0=)
2: xagvOTbyRO3LYBPhIdUadpDRNZk.crl (hash: 4c6H3KEf4yHbrtokWhrioUvzcgi8dkTLFgvQ1PuoDsY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/xagvOTbyRO3LYBPhIdUadpDRNZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/xagvOTbyRO3LYBPhIdUadpDRNZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xagvOTbyRO3LYBPhIdUadpDRNZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4c:32:36:46:4b:f8:d3:0e:c8:e9:95:15:0a:68:35:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a82f3936f244edcb6013e121d51a7690d13599
Validity
Not Before: Jun 7 21:00:48 2025 GMT
Not After : Jun 8 21:00:48 2025 GMT
Subject: CN=5d291407dd33bc5ee84bab38bf9dc37678450b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:97:96:fa:5a:2b:ef:88:6b:10:69:4c:72:f2:
87:aa:85:23:ef:36:1a:7e:26:fd:81:7e:66:ec:63:
48:7b:b7:43:7c:81:95:86:0f:51:aa:97:f3:ce:21:
89:9e:74:92:ae:44:3f:9a:7e:46:b3:f0:f8:ea:87:
d6:b4:0e:53:5f:42:ca:a6:39:8d:26:e8:8c:7b:62:
e4:26:8f:7f:63:51:39:ae:75:d5:7d:96:9f:06:cc:
b3:91:ac:75:28:25:bd:f4:80:0d:33:de:6b:7a:2b:
60:cc:f6:a4:f0:45:1f:1d:a4:0b:87:84:28:c0:93:
db:71:a8:b7:23:11:8e:4e:80:96:b5:e1:02:71:8b:
a8:6d:71:c4:5e:78:fd:e4:ad:88:67:1e:ca:32:0c:
e4:71:e9:bb:3a:0e:0d:9f:e6:61:0f:b5:00:ee:33:
b8:7e:19:71:99:c2:64:c4:10:69:9a:dc:65:58:84:
c6:e9:70:17:24:78:68:a6:29:31:de:95:b6:ff:ce:
14:80:28:4f:96:17:6d:9d:80:16:be:01:36:53:23:
97:20:57:ea:ae:e2:cd:f1:ee:3d:85:34:d5:aa:9b:
1a:3d:1f:9e:a8:7a:0a:a8:40:61:bb:8b:de:b9:cd:
c6:12:0c:61:a4:97:dc:d2:27:38:87:e6:3f:07:b3:
a5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:29:14:07:DD:33:BC:5E:E8:4B:AB:38:BF:9D:C3:76:78:45:0B:79
X509v3 Authority Key Identifier:
keyid:C5:A8:2F:39:36:F2:44:ED:CB:60:13:E1:21:D5:1A:76:90:D1:35:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xagvOTbyRO3LYBPhIdUadpDRNZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/xagvOTbyRO3LYBPhIdUadpDRNZk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/xagvOTbyRO3LYBPhIdUadpDRNZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:0c:d2:46:13:30:b3:a2:24:dd:0a:a5:f8:1a:b3:d0:cd:a0:
4b:49:c0:b8:a8:2f:a3:99:76:95:9a:85:f0:17:c9:fd:41:5a:
f1:9b:8f:7a:e5:68:d2:cf:f7:f7:2f:94:c8:87:9b:82:21:97:
cc:7b:90:c9:4b:c6:8c:94:b8:2a:c3:0b:d8:e1:95:05:99:80:
15:37:ec:f0:b1:7d:e5:04:5f:6a:50:43:51:5d:e3:33:12:9e:
3b:d2:a0:b6:a6:da:b6:17:36:f3:fe:b4:46:d4:f6:05:48:86:
77:f6:85:05:3e:ce:13:7e:e7:9d:1d:ce:50:5f:b8:9c:a5:9e:
ee:be:44:e8:a1:28:67:2d:d6:41:6c:55:dd:99:85:6f:1e:48:
dd:a8:b5:b0:39:05:51:09:19:c3:0b:9a:f6:f3:23:c9:1b:a4:
bf:c4:4c:ea:d6:93:d1:5a:eb:78:a0:31:fd:3f:ea:eb:01:e8:
23:01:6a:e5:a9:a1:e6:57:12:5a:2a:d2:ff:b6:e2:aa:88:67:
82:a0:f8:ed:c8:70:93:bd:58:a0:74:0d:c2:97:b0:92:b1:63:
a1:e2:d9:fa:0a:16:b6:0b:ab:6a:a7:d5:fa:fd:64:ac:1b:12:
30:3a:5f:2b:47:8b:fe:43:a6:2b:65:16:b8:5f:a1:e9:eb:5a:
fe:8e:33:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMMjZGS/jTDsjplRUKaDUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTgyZjM5MzZmMjQ0ZWRjYjYwMTNlMTIxZDUxYTc2OTBk
MTM1OTkwHhcNMjUwNjA3MjEwMDQ4WhcNMjUwNjA4MjEwMDQ4WjAzMTEwLwYDVQQD
Eyg1ZDI5MTQwN2RkMzNiYzVlZTg0YmFiMzhiZjlkYzM3Njc4NDUwYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJeW+lor74hrEGlMcvKHqoUj7zYa
fib9gX5m7GNIe7dDfIGVhg9RqpfzziGJnnSSrkQ/mn5Gs/D46ofWtA5TX0LKpjmN
JuiMe2LkJo9/Y1E5rnXVfZafBsyzkax1KCW99IANM95reitgzPak8EUfHaQLh4Qo
wJPbcai3IxGOToCWteECcYuobXHEXnj95K2IZx7KMgzkcem7Og4Nn+ZhD7UA7jO4
fhlxmcJkxBBpmtxlWITG6XAXJHhopikx3pW2/84UgChPlhdtnYAWvgE2UyOXIFfq
ruLN8e49hTTVqpsaPR+eqHoKqEBhu4veuc3GEgxhpJfc0ic4h+Y/B7OlSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0pFAfdM7xe6EurOL+dw3Z4RQt5MB8GA1UdIwQY
MBaAFMWoLzk28kTty2AT4SHVGnaQ0TWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFndk9UYnlSTzNMWUJQaElkVWFkcERSTlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81ZjhjZWEtNTRiYS00OTY1LWE0NTQt
MDdhNDQ5YTUwZjA4LzEveGFndk9UYnlSTzNMWUJQaElkVWFkcERSTlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81ZjhjZWEtNTRiYS00OTY1LWE0NTQtMDdhNDQ5YTUwZjA4
LzEveGFndk9UYnlSTzNMWUJQaElkVWFkcERSTlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGQzSRhMw
s6Ik3Qql+Bqz0M2gS0nAuKgvo5l2lZqF8BfJ/UFa8ZuPeuVo0s/39y+UyIebgiGX
zHuQyUvGjJS4KsML2OGVBZmAFTfs8LF95QRfalBDUV3jMxKeO9Kgtqbathc28/60
RtT2BUiGd/aFBT7OE37nnR3OUF+4nKWe7r5E6KEoZy3WQWxV3ZmFbx5I3ai1sDkF
UQkZwwua9vMjyRukv8RM6taT0VrreKAx/T/q6wHoIwFq5amh5lcSWirS/7biqohn
gqD47chwk71YoHQNwpewkrFjoeLZ+goWtguraqfV+v1krBsSMDpfK0eL/kOmK2UW
uF+h6eta/o4zJw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:35:58 2025 by rpki-client