Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft
File: xcgmUInL3eamxXnNd2tfgMD4rdQ.mft (raw, json)
Hash identifier: 3qazaROIwwrZeyTHaxems7EzRKYsbZJHvL5Whnk80Nk=
Subject key identifier: 60:FA:A6:F2:40:D2:FC:D1:E8:E7:8A:97:81:F9:1E:A7:B0:FD:4E:CF
Authority key identifier: C5:C8:26:50:89:CB:DD:E6:A6:C5:79:CD:77:6B:5F:80:C0:F8:AD:D4
Certificate issuer: /CN=c5c8265089cbdde6a6c579cd776b5f80c0f8add4
Certificate serial: 0199FC8FBD4B2B7963723AAE8CC8AA4242D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xcgmUInL3eamxXnNd2tfgMD4rdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft
Manifest number: 01FA
Signing time: Sun 19 Oct 2025 13:01:42 +0000
Manifest this update: Sun 19 Oct 2025 13:01:42 +0000
Manifest next update: Mon 20 Oct 2025 13:01:42 +0000
Files and hashes: 1: HnXYP_nGkSYGI2gsUnR5joaBv0k.roa (hash: QHASI9erDv03GyXaVaSPKxwrTHTkAuv0FPn5tlS8GC8=)
2: xcgmUInL3eamxXnNd2tfgMD4rdQ.crl (hash: XyStofAfRzwWWJnDNo7v7Dr4h5ZhuITp+pXIeoYQgP4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xcgmUInL3eamxXnNd2tfgMD4rdQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:bd:4b:2b:79:63:72:3a:ae:8c:c8:aa:42:42:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5c8265089cbdde6a6c579cd776b5f80c0f8add4
Validity
Not Before: Oct 19 13:01:42 2025 GMT
Not After : Oct 20 13:01:42 2025 GMT
Subject: CN=60faa6f240d2fcd1e8e78a9781f91ea7b0fd4ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:22:6f:20:bb:06:f3:23:00:77:db:64:5b:b0:
71:46:e4:bc:f1:65:8a:d5:6b:73:66:74:58:14:64:
41:70:84:67:a3:78:c8:b2:ce:cd:5b:6f:3a:95:f8:
ac:b3:bb:64:79:8d:b9:cb:61:c6:c3:5b:bb:c3:a3:
7a:95:55:21:29:ba:a7:2d:7d:bf:66:95:50:5b:55:
aa:85:b5:56:8f:61:fa:5b:dc:fd:dd:8f:1e:73:de:
4b:8c:80:e1:1a:b5:bf:ef:47:c1:cb:b3:db:c5:0c:
d6:41:27:33:3e:0f:00:f3:3b:20:49:6e:5e:d1:8a:
56:fb:b6:07:18:56:61:96:d7:17:c4:91:67:d6:bd:
68:08:72:1c:d0:4c:0a:85:01:07:12:0e:93:78:db:
55:f0:b4:20:87:3f:29:cb:c6:7e:ee:f2:60:fe:df:
45:5e:0e:60:e4:cf:11:c2:e1:46:21:70:a6:04:97:
d2:39:90:8d:de:0d:84:d2:24:6c:a2:25:3a:ab:b8:
ce:2f:e5:3d:61:35:bd:f8:5f:88:2b:6a:7c:73:16:
f8:18:13:cf:45:a7:0a:26:ac:f2:0e:a2:69:3f:1c:
91:ec:92:04:44:b8:53:15:cf:75:8c:8e:d6:c1:15:
1f:aa:1c:d3:0b:de:44:94:a9:cf:30:f0:85:c3:ad:
70:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FA:A6:F2:40:D2:FC:D1:E8:E7:8A:97:81:F9:1E:A7:B0:FD:4E:CF
X509v3 Authority Key Identifier:
keyid:C5:C8:26:50:89:CB:DD:E6:A6:C5:79:CD:77:6B:5F:80:C0:F8:AD:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcgmUInL3eamxXnNd2tfgMD4rdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/48c7ec-0c75-41c4-85aa-438820fba254/1/xcgmUInL3eamxXnNd2tfgMD4rdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:ca:de:f0:2b:95:23:85:38:ae:04:8d:50:e1:74:b6:30:2a:
b0:24:80:bf:40:ca:79:4c:cb:f4:0f:97:e4:07:e7:f5:48:88:
82:a7:7d:5c:6c:54:27:da:e3:3e:02:b7:f1:93:41:09:3d:8a:
d6:41:01:4d:6c:89:c3:3c:07:62:83:de:3f:50:54:83:07:99:
16:38:35:0d:cb:7c:55:68:61:d4:08:f9:56:e9:83:31:83:33:
c4:d8:70:83:cf:91:8e:30:bc:e5:40:2e:2d:9c:55:91:42:46:
6c:44:eb:67:09:fd:22:3c:46:cf:37:e7:69:0a:67:76:5c:ba:
d9:cc:de:01:5c:fa:45:7b:69:22:01:da:6e:e6:b2:bb:fd:76:
35:e8:1b:e3:c8:67:25:b3:c3:52:d1:30:a6:3d:e4:c2:60:04:
38:69:da:fd:80:a0:2e:71:7f:7f:f1:a7:69:19:6c:e4:35:d1:
63:d5:29:8e:a8:66:db:18:94:a2:29:60:85:d9:20:24:c4:12:
ca:c0:cd:f5:43:5e:5a:7b:82:9f:0b:07:b2:72:06:43:64:f8:
7f:bf:e0:bb:e4:dd:c3:58:6b:9a:03:c5:42:ca:c4:ef:5a:12:
63:a4:7c:d5:bf:2c:35:50:85:55:63:7f:1f:65:8b:dd:f9:b6:
63:4a:ae:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j71LK3ljcjqujMiqQkLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YzgyNjUwODljYmRkZTZhNmM1NzljZDc3NmI1ZjgwYzBm
OGFkZDQwHhcNMjUxMDE5MTMwMTQyWhcNMjUxMDIwMTMwMTQyWjAzMTEwLwYDVQQD
Eyg2MGZhYTZmMjQwZDJmY2QxZThlNzhhOTc4MWY5MWVhN2IwZmQ0ZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSJvILsG8yMAd9tkW7BxRuS88WWK
1WtzZnRYFGRBcIRno3jIss7NW286lfiss7tkeY25y2HGw1u7w6N6lVUhKbqnLX2/
ZpVQW1WqhbVWj2H6W9z93Y8ec95LjIDhGrW/70fBy7PbxQzWQSczPg8A8zsgSW5e
0YpW+7YHGFZhltcXxJFn1r1oCHIc0EwKhQEHEg6TeNtV8LQghz8py8Z+7vJg/t9F
Xg5g5M8RwuFGIXCmBJfSOZCN3g2E0iRsoiU6q7jOL+U9YTW9+F+IK2p8cxb4GBPP
RacKJqzyDqJpPxyR7JIERLhTFc91jI7WwRUfqhzTC95ElKnPMPCFw61wbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGD6pvJA0vzR6OeKl4H5Hqew/U7PMB8GA1UdIwQY
MBaAFMXIJlCJy93mpsV5zXdrX4DA+K3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNnbVVJbkwzZWFteFhuTmQydGZnTUQ0cmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80OGM3ZWMtMGM3NS00MWM0LTg1YWEt
NDM4ODIwZmJhMjU0LzEveGNnbVVJbkwzZWFteFhuTmQydGZnTUQ0cmRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80OGM3ZWMtMGM3NS00MWM0LTg1YWEtNDM4ODIwZmJhMjU0
LzEveGNnbVVJbkwzZWFteFhuTmQydGZnTUQ0cmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUMre8CuV
I4U4rgSNUOF0tjAqsCSAv0DKeUzL9A+X5Afn9UiIgqd9XGxUJ9rjPgK38ZNBCT2K
1kEBTWyJwzwHYoPeP1BUgweZFjg1Dct8VWhh1Aj5VumDMYMzxNhwg8+RjjC85UAu
LZxVkUJGbETrZwn9IjxGzzfnaQpndly62czeAVz6RXtpIgHabuayu/12Negb48hn
JbPDUtEwpj3kwmAEOGna/YCgLnF/f/GnaRls5DXRY9Upjqhm2xiUoilghdkgJMQS
ysDN9UNeWnuCnwsHsnIGQ2T4f7/gu+Tdw1hrmgPFQsrE71oSY6R81b8sNVCFVWN/
H2WL3fm2Y0qu9w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:37:35 2025 by rpki-client