Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json)
Hash identifier: H4OEsPG4BYPpE0SgPh/jrgvTwUFe2aEUqn6l0+RRQbM=
Subject key identifier: 2A:A9:E4:66:6D:FC:7D:E9:65:5A:E3:7C:CB:04:79:61:E5:08:2D:45
Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Certificate serial: 0197B7EA2FD09D783FC450396A56AE125116
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
Manifest number: 029D
Signing time: Sat 28 Jun 2025 19:01:07 +0000
Manifest this update: Sat 28 Jun 2025 19:01:07 +0000
Manifest next update: Sun 29 Jun 2025 19:01:07 +0000
Files and hashes: 1: P7g82oQa9maLUZf-zyJXFEwQ_Tk.roa (hash: R1Jxxc/Qby3IEt4xnho0adyCsC1rCUaoaz24WlyrPXE=)
2: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: gtXklsGC1PSYlmsFnKb5U1VugWX7sgwGrMCBzxq34mQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:2f:d0:9d:78:3f:c4:50:39:6a:56:ae:12:51:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Validity
Not Before: Jun 28 19:01:07 2025 GMT
Not After : Jun 29 19:01:07 2025 GMT
Subject: CN=2aa9e4666dfc7de9655ae37ccb047961e5082d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2f:96:71:d5:26:7e:83:f2:14:93:66:d7:aa:
ef:21:7b:64:00:43:19:7c:32:24:76:8f:bf:ce:07:
72:e6:19:03:c4:d3:82:45:63:50:3a:e9:ba:55:d3:
d9:fe:fa:d3:92:ce:ca:60:96:8c:74:61:fd:a0:5e:
4a:bc:4d:dd:c7:2d:49:65:ff:2e:ad:3a:1e:72:d1:
33:b0:8e:37:05:f5:bb:c3:43:ee:cb:13:00:5a:73:
2b:39:aa:f7:98:9e:35:da:e2:14:6c:ba:85:e8:db:
d8:22:dc:52:9e:c0:b6:92:dd:27:42:f2:db:3f:71:
c8:82:a4:c4:f3:1f:ea:f2:67:c4:e2:1e:3f:fa:48:
b2:9d:97:43:60:6a:f8:b2:a1:19:19:a4:0b:61:c3:
6e:68:6e:b8:4f:ac:46:0a:76:28:26:d0:85:b1:59:
31:a9:60:06:ee:1f:27:5a:56:23:87:d1:90:72:08:
97:64:65:3b:ab:62:21:7b:d4:95:f1:e7:f1:7a:62:
8e:b2:b7:8a:72:ce:89:99:b4:2a:1e:2c:49:ae:81:
8a:3e:17:81:cf:64:c2:93:e7:4c:03:e9:97:ec:32:
92:c6:17:1a:1d:07:8b:00:c4:64:df:37:16:1e:7e:
af:45:07:60:b8:22:d5:15:ef:7e:b0:95:92:4f:88:
46:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A9:E4:66:6D:FC:7D:E9:65:5A:E3:7C:CB:04:79:61:E5:08:2D:45
X509v3 Authority Key Identifier:
keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:40:ce:ce:17:e7:e4:20:6a:51:a8:4a:57:8c:62:14:48:b5:
54:d2:4c:34:af:17:89:c7:dd:c6:1d:eb:c6:a8:be:10:1b:da:
f0:df:5f:ae:76:80:ce:85:a1:57:cb:d2:f1:a4:9c:12:d8:2a:
6a:77:08:63:e0:48:73:4c:19:fe:76:4c:5c:f9:f6:69:9b:39:
b7:22:1c:34:f8:bd:17:fc:54:19:b3:04:b2:21:74:2e:3e:f8:
81:4c:26:ef:8b:48:1d:dd:fd:44:d7:cc:1c:4a:85:bd:15:cc:
9c:ba:cb:89:8b:ce:f4:64:14:a1:63:e6:0e:92:e3:00:75:dd:
7a:c6:b8:61:d7:6b:dd:15:73:46:29:90:af:77:6c:b8:b3:3b:
df:2c:07:27:dc:c2:bd:34:0c:4d:73:88:f3:cd:01:66:28:d3:
0b:3f:c7:db:21:3d:24:94:63:f8:f5:c0:d3:bb:ef:f5:b7:9d:
49:ed:62:b4:90:f1:4d:b4:cd:0f:d4:b3:31:e2:50:31:c6:7e:
93:a2:db:50:d3:33:68:79:4d:97:8a:52:9d:6d:7f:c8:94:23:
1d:0a:d1:b6:8c:f8:da:19:c3:9b:24:36:18:1c:ed:64:da:04:
15:14:d1:1b:c5:10:ab:72:b2:b1:9e:fe:e8:ab:e7:7a:bc:9a:
ab:25:2c:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36i/QnXg/xFA5alauElEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz
NDFkZTEwHhcNMjUwNjI4MTkwMTA3WhcNMjUwNjI5MTkwMTA3WjAzMTEwLwYDVQQD
EygyYWE5ZTQ2NjZkZmM3ZGU5NjU1YWUzN2NjYjA0Nzk2MWU1MDgyZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjy+WcdUmfoPyFJNm16rvIXtkAEMZ
fDIkdo+/zgdy5hkDxNOCRWNQOum6VdPZ/vrTks7KYJaMdGH9oF5KvE3dxy1JZf8u
rToectEzsI43BfW7w0PuyxMAWnMrOar3mJ412uIUbLqF6NvYItxSnsC2kt0nQvLb
P3HIgqTE8x/q8mfE4h4/+kiynZdDYGr4sqEZGaQLYcNuaG64T6xGCnYoJtCFsVkx
qWAG7h8nWlYjh9GQcgiXZGU7q2Ihe9SV8efxemKOsreKcs6JmbQqHixJroGKPheB
z2TCk+dMA+mX7DKSxhcaHQeLAMRk3zcWHn6vRQdguCLVFe9+sJWST4hGOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqp5GZt/H3pZVrjfMsEeWHlCC1FMB8GA1UdIwQY
MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt
NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi
LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqEDOzhfn
5CBqUahKV4xiFEi1VNJMNK8Xicfdxh3rxqi+EBva8N9frnaAzoWhV8vS8aScEtgq
ancIY+BIc0wZ/nZMXPn2aZs5tyIcNPi9F/xUGbMEsiF0Lj74gUwm74tIHd39RNfM
HEqFvRXMnLrLiYvO9GQUoWPmDpLjAHXdesa4Yddr3RVzRimQr3dsuLM73ywHJ9zC
vTQMTXOI880BZijTCz/H2yE9JJRj+PXA07vv9bedSe1itJDxTbTND9SzMeJQMcZ+
k6LbUNMzaHlNl4pSnW1/yJQjHQrRtoz42hnDmyQ2GBztZNoEFRTRG8UQq3KysZ7+
6KvneryaqyUsmQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:54:15 2025 by rpki-client