Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft
File: Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft (raw, json)
Hash identifier: ocPtPDAC9c2hIHxZJo3aJ5Bcu0c78xbJ4fF2BRppl4A=
Subject key identifier: 37:6F:28:F4:C5:6C:02:96:F1:28:30:D8:DD:2D:4A:9A:37:E5:3E:95
Authority key identifier: 5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
Certificate issuer: /CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Certificate serial: 0198D705F30B0358D5CF506946A6624C60EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft
Manifest number: 0B3B
Signing time: Sat 23 Aug 2025 13:02:28 +0000
Manifest this update: Sat 23 Aug 2025 13:02:28 +0000
Manifest next update: Sun 24 Aug 2025 13:02:28 +0000
Files and hashes: 1: Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl (hash: rEKlwDDwwI/+gXB/HHgQIC1rDALANw4H6vELpL55cZE=)
2: fcJb-6V4S8Ggt4XkeQ4z4NeOvBg.roa (hash: Ok0E8qecmwKHIVZlR2uj+ZosbjuqbuM99KMf84z3ECc=)
3: qBN5XbPh8yl_8VyYB3Apy2Ljt1U.roa (hash: oI3mLf6Q+lElKzzbck7YB+dApjShyguGp+jMz5gs1SQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 13:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:05:f3:0b:03:58:d5:cf:50:69:46:a6:62:4c:60:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Validity
Not Before: Aug 23 13:02:28 2025 GMT
Not After : Aug 24 13:02:28 2025 GMT
Subject: CN=376f28f4c56c0296f12830d8dd2d4a9a37e53e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:00:9a:b0:eb:53:3a:e4:42:94:63:9b:d2:b0:
7c:a9:1b:0c:f4:02:d5:fa:be:ee:05:de:fb:5f:df:
db:68:44:1c:c8:d0:86:f2:1e:fb:8b:29:43:ab:ad:
fb:c4:39:ce:41:f7:2b:0c:ad:ac:f3:fb:76:95:40:
20:02:50:5e:7a:28:44:1a:f2:65:1a:9c:65:e8:58:
17:0b:e2:a4:53:92:c4:d5:58:83:39:e9:c2:bd:bf:
1b:65:38:e5:59:d8:24:7b:dd:27:05:b1:0a:e6:88:
68:75:2e:65:c9:17:54:c0:05:9b:72:94:5d:a9:47:
0b:bd:9e:72:12:bf:e6:69:f3:1a:a0:b3:d1:0d:43:
86:c6:57:72:6d:74:df:d5:36:c0:ef:22:a3:ac:9a:
f0:94:74:de:bd:83:95:90:c9:de:ce:ec:9e:4e:f9:
ed:05:4a:56:4b:8e:0b:4e:3d:b9:27:dd:76:a6:70:
12:21:1a:19:87:d4:df:7f:3f:07:45:76:bb:ad:09:
3c:e1:58:02:7b:d1:b1:9a:c8:13:37:aa:e1:db:13:
8e:28:f1:27:d9:b6:b7:76:6c:7f:dd:f6:9a:e4:2e:
45:77:f4:71:bb:a5:61:8f:75:42:7d:0b:9c:fe:32:
50:9b:12:e0:08:82:41:19:56:a2:2e:bc:cf:46:f5:
61:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6F:28:F4:C5:6C:02:96:F1:28:30:D8:DD:2D:4A:9A:37:E5:3E:95
X509v3 Authority Key Identifier:
keyid:5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:ab:d8:de:29:1a:da:43:53:2c:00:37:31:ce:93:cb:b9:3c:
6d:12:20:2d:11:d3:1d:0a:8b:00:d4:3c:07:d0:88:0f:00:67:
e9:2e:29:83:0b:61:9b:45:f8:04:06:1f:99:96:69:4a:38:99:
6b:98:f6:61:3b:60:d1:7a:d3:84:d8:8d:c1:95:9c:15:3a:fc:
89:33:a7:e0:a8:d3:39:23:59:59:b2:fe:d9:53:20:4a:c2:ca:
46:a4:3a:e6:c6:65:c4:89:03:a9:fe:11:8a:ac:e4:12:4a:3a:
6d:ff:59:70:04:33:20:ca:4c:90:12:ea:61:18:89:ae:91:3a:
dd:ec:4a:ef:aa:de:d9:e2:e0:84:6d:d9:51:c0:24:cd:53:e4:
30:65:5a:ef:27:66:34:a0:05:34:6b:a2:84:39:67:8c:fe:0e:
34:44:aa:9a:0b:05:06:fb:f9:9f:46:2e:03:28:87:2b:da:13:
42:e1:7a:93:d9:58:81:f3:ab:89:5a:24:a8:4f:55:ae:be:51:
a9:93:12:9e:d9:3f:a2:85:45:fb:3d:11:2c:32:7f:16:b4:e9:
24:65:f9:35:c3:72:5d:33:44:4f:96:0e:53:e2:3e:26:c5:0c:
cf:5a:cb:d6:fc:b9:3d:cc:c8:26:df:b4:38:82:e4:31:f7:8f:
11:11:60:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBfMLA1jVz1BpRqZiTGDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWYyMTNiOGM3OTJiN2UwMTNmYTUwNDFmNWI4OTk3MWU2
ZjYyZDYwHhcNMjUwODIzMTMwMjI4WhcNMjUwODI0MTMwMjI4WjAzMTEwLwYDVQQD
EygzNzZmMjhmNGM1NmMwMjk2ZjEyODMwZDhkZDJkNGE5YTM3ZTUzZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwCasOtTOuRClGOb0rB8qRsM9ALV
+r7uBd77X9/baEQcyNCG8h77iylDq637xDnOQfcrDK2s8/t2lUAgAlBeeihEGvJl
Gpxl6FgXC+KkU5LE1ViDOenCvb8bZTjlWdgke90nBbEK5ohodS5lyRdUwAWbcpRd
qUcLvZ5yEr/mafMaoLPRDUOGxldybXTf1TbA7yKjrJrwlHTevYOVkMnezuyeTvnt
BUpWS44LTj25J912pnASIRoZh9Tffz8HRXa7rQk84VgCe9GxmsgTN6rh2xOOKPEn
2ba3dmx/3faa5C5Fd/Rxu6Vhj3VCfQuc/jJQmxLgCIJBGVaiLrzPRvVh6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdvKPTFbAKW8Sgw2N0tSpo35T6VMB8GA1UdIwQY
MBaAFF8fITuMeSt+AT+lBB9biZceb2LWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDct
NDAyMjM4NjM4ZWEzLzEvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDctNDAyMjM4NjM4ZWEz
LzEvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqvY3ika
2kNTLAA3Mc6Ty7k8bRIgLRHTHQqLANQ8B9CIDwBn6S4pgwthm0X4BAYfmZZpSjiZ
a5j2YTtg0XrThNiNwZWcFTr8iTOn4KjTOSNZWbL+2VMgSsLKRqQ65sZlxIkDqf4R
iqzkEko6bf9ZcAQzIMpMkBLqYRiJrpE63exK76re2eLghG3ZUcAkzVPkMGVa7ydm
NKAFNGuihDlnjP4ONESqmgsFBvv5n0YuAyiHK9oTQuF6k9lYgfOriVokqE9Vrr5R
qZMSntk/ooVF+z0RLDJ/FrTpJGX5NcNyXTNET5YOU+I+JsUMz1rL1vy5PczIJt+0
OILkMfePERFguw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:50:47 2025 by rpki-client