Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json)
Hash identifier: LBSSCtahkcy2GkeeOHmKvEAvKlnmvqXBg5wzBHqJnY4=
Subject key identifier: 34:A7:A9:F2:E8:19:72:35:8C:78:27:F8:49:8A:10:33:8D:CA:FE:33
Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Certificate serial: 0198D5BBE07CCB6C2CC49DE979F8D4EE65D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
Manifest number: 0331
Signing time: Sat 23 Aug 2025 07:01:56 +0000
Manifest this update: Sat 23 Aug 2025 07:01:56 +0000
Manifest next update: Sun 24 Aug 2025 07:01:56 +0000
Files and hashes: 1: P7g82oQa9maLUZf-zyJXFEwQ_Tk.roa (hash: R1Jxxc/Qby3IEt4xnho0adyCsC1rCUaoaz24WlyrPXE=)
2: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: q3G07+JfPD9aZSDOY/HiUEzTjiXDXTDz4OO7LOY+uRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:bb:e0:7c:cb:6c:2c:c4:9d:e9:79:f8:d4:ee:65:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Validity
Not Before: Aug 23 07:01:56 2025 GMT
Not After : Aug 24 07:01:56 2025 GMT
Subject: CN=34a7a9f2e81972358c7827f8498a10338dcafe33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:62:49:df:84:26:2a:54:cb:64:65:ec:01:85:
2a:3e:be:e4:c3:f4:59:7c:3e:e6:48:cc:83:eb:34:
e7:bb:2a:53:14:24:b3:e1:32:0d:b0:60:30:00:92:
ab:7f:75:77:ab:03:26:2a:d6:c2:50:39:9b:b3:07:
b1:85:0b:bc:7e:0a:99:07:91:ab:6a:2e:d1:f7:ae:
c5:28:e0:fb:ea:ca:4e:fc:cd:ba:01:66:34:a9:71:
37:51:b4:b4:10:7c:70:f4:36:9e:0b:ea:2c:a5:73:
0a:30:aa:f1:6f:f6:ab:8e:b6:27:f1:e0:2a:fd:3c:
c5:f3:71:ed:fa:5f:12:d5:dc:9e:07:2a:74:4c:a4:
36:91:14:d3:1e:ba:22:65:19:cd:aa:ae:14:e2:49:
e3:64:46:4c:c6:2f:60:66:ee:e4:f3:1e:f5:c7:4d:
2f:04:c8:79:98:fd:59:cc:11:5b:58:9e:53:4d:01:
95:6f:d9:7c:27:66:b8:e8:be:cc:ab:6d:ad:27:1e:
e9:4d:58:e6:41:c0:29:9f:ce:21:50:d6:73:58:f1:
92:1f:6e:3f:07:c2:74:43:0a:47:39:62:44:36:c2:
6c:93:73:2a:92:bd:de:57:df:7f:65:cf:06:8f:de:
0a:54:b6:e9:bc:3c:fb:2d:b2:74:03:77:b0:ec:b3:
5e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A7:A9:F2:E8:19:72:35:8C:78:27:F8:49:8A:10:33:8D:CA:FE:33
X509v3 Authority Key Identifier:
keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:8c:98:28:90:81:33:e8:74:a5:e0:4c:71:52:fb:b5:24:59:
66:3d:1f:c2:38:83:eb:09:93:ad:9a:d1:bb:19:73:e2:82:5d:
83:cd:bd:c8:07:1f:b1:0e:67:8b:b8:b2:8d:64:51:3f:a6:16:
5f:9d:fa:e9:10:15:6f:82:19:1c:10:af:b0:c3:7f:5f:52:e7:
b8:71:4a:07:81:29:49:da:c7:82:ce:43:67:b7:ed:03:d4:2c:
35:1d:88:ef:b9:b2:f7:27:05:f3:8d:48:04:48:4f:4c:3c:92:
20:ad:49:ed:61:f5:24:05:48:1c:e6:ce:6b:52:cc:a1:fc:7f:
38:c3:cf:ba:38:0a:ad:4f:a5:18:d9:1d:c7:fd:1b:a6:91:fd:
bd:96:a6:d5:da:05:22:7a:4e:60:8b:1a:54:ac:73:71:34:3d:
c4:a6:0b:21:35:23:9e:a3:79:d1:50:3f:6e:d5:52:70:43:fd:
16:4f:e9:ee:27:d8:ac:81:43:a9:f6:eb:cc:ba:cd:ef:87:dc:
8b:a7:d7:c7:76:e7:8d:a2:58:97:c2:d7:8d:6f:0b:83:21:46:
92:60:56:af:34:5f:ad:d3:d8:47:9c:6f:e4:36:97:1b:fd:4f:
ba:9f:6f:36:bb:43:c2:39:45:15:27:e7:d6:af:70:c9:01:f7:
cd:90:b3:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu+B8y2wsxJ3pefjU7mXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz
NDFkZTEwHhcNMjUwODIzMDcwMTU2WhcNMjUwODI0MDcwMTU2WjAzMTEwLwYDVQQD
EygzNGE3YTlmMmU4MTk3MjM1OGM3ODI3Zjg0OThhMTAzMzhkY2FmZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWJJ34QmKlTLZGXsAYUqPr7kw/RZ
fD7mSMyD6zTnuypTFCSz4TINsGAwAJKrf3V3qwMmKtbCUDmbswexhQu8fgqZB5Gr
ai7R967FKOD76spO/M26AWY0qXE3UbS0EHxw9DaeC+ospXMKMKrxb/arjrYn8eAq
/TzF83Ht+l8S1dyeByp0TKQ2kRTTHroiZRnNqq4U4knjZEZMxi9gZu7k8x71x00v
BMh5mP1ZzBFbWJ5TTQGVb9l8J2a46L7Mq22tJx7pTVjmQcApn84hUNZzWPGSH24/
B8J0QwpHOWJENsJsk3Mqkr3eV99/Zc8Gj94KVLbpvDz7LbJ0A3ew7LNe3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSnqfLoGXI1jHgn+EmKEDONyv4zMB8GA1UdIwQY
MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt
NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi
LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo4yYKJCB
M+h0peBMcVL7tSRZZj0fwjiD6wmTrZrRuxlz4oJdg829yAcfsQ5ni7iyjWRRP6YW
X5366RAVb4IZHBCvsMN/X1LnuHFKB4EpSdrHgs5DZ7ftA9QsNR2I77my9ycF841I
BEhPTDySIK1J7WH1JAVIHObOa1LMofx/OMPPujgKrU+lGNkdx/0bppH9vZam1doF
InpOYIsaVKxzcTQ9xKYLITUjnqN50VA/btVScEP9Fk/p7ifYrIFDqfbrzLrN74fc
i6fXx3bnjaJYl8LXjW8LgyFGkmBWrzRfrdPYR5xv5DaXG/1Pup9vNrtDwjlFFSfn
1q9wyQH3zZCz8w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:39:21 2025 by rpki-client