Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json)
Hash identifier: 3EmJsXaVZtCTPf17YZEnR92v1e4nQ52/qg211+y+pwA=
Subject key identifier: D8:A4:E1:F7:80:06:13:5F:30:B5:A5:1B:D5:E5:07:22:D3:25:16:9D
Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Certificate serial: 0199FD33EB691077E13716299197C3CE23F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
Manifest number: 03CA
Signing time: Sun 19 Oct 2025 16:01:02 +0000
Manifest this update: Sun 19 Oct 2025 16:01:02 +0000
Manifest next update: Mon 20 Oct 2025 16:01:02 +0000
Files and hashes: 1: P7g82oQa9maLUZf-zyJXFEwQ_Tk.roa (hash: R1Jxxc/Qby3IEt4xnho0adyCsC1rCUaoaz24WlyrPXE=)
2: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: dJBP43DuYmfc/IWEINX5epAkO0WiIXvlC9UwEUhE11M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:33:eb:69:10:77:e1:37:16:29:91:97:c3:ce:23:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Validity
Not Before: Oct 19 16:01:02 2025 GMT
Not After : Oct 20 16:01:02 2025 GMT
Subject: CN=d8a4e1f78006135f30b5a51bd5e50722d325169d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:53:ce:00:30:2c:c7:31:61:c8:f0:cf:71:e9:
b9:38:ab:37:d8:21:21:24:ad:56:36:c6:b2:73:b0:
56:46:17:aa:13:aa:37:af:ad:09:b2:12:8a:11:fa:
e4:c1:86:17:49:4d:dc:7f:c5:f6:4b:79:9a:59:ad:
fc:a9:c6:39:7c:28:ba:7d:3b:fd:84:c8:c6:d8:90:
64:0d:3a:1e:3c:3c:52:c7:21:e4:cd:3f:05:cb:0a:
a4:76:7b:e3:31:71:4b:b9:97:eb:8e:af:00:65:e3:
fc:c1:d1:75:67:30:5f:db:27:7e:dc:97:42:1a:90:
06:07:6e:e1:7c:7a:d9:46:90:85:cb:c4:4d:a6:9c:
64:6f:3e:d9:79:50:68:98:be:19:43:03:84:7d:43:
88:d3:28:03:80:75:9d:1d:42:14:ea:3f:be:e3:f6:
31:d2:a9:01:45:5a:67:14:f1:33:21:8e:53:55:06:
17:41:5f:48:e7:43:41:f7:e7:4d:3e:96:c9:56:47:
2c:2d:e2:fc:75:49:62:3a:bd:87:d2:41:13:d4:94:
4b:5d:38:76:cf:cb:0a:3b:00:8e:ef:84:33:73:d4:
82:a4:98:dd:90:a6:ac:be:61:b3:69:44:67:1e:13:
3e:96:77:8a:10:c7:c3:86:07:82:e8:fb:b2:8b:d0:
04:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A4:E1:F7:80:06:13:5F:30:B5:A5:1B:D5:E5:07:22:D3:25:16:9D
X509v3 Authority Key Identifier:
keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:5f:96:a1:6f:7b:6c:1a:37:95:74:01:bb:e7:5b:1c:6c:cc:
63:3f:26:9c:07:9d:c5:95:57:76:35:77:85:7d:86:3d:29:5c:
6e:d3:49:66:73:5d:af:38:28:83:87:71:d2:ab:0c:be:5f:d2:
78:ea:cc:f4:a0:6f:32:be:f0:be:62:c7:ef:d9:21:8c:f8:58:
4d:07:2a:6f:03:74:89:61:5e:b9:bc:96:94:2b:71:8a:81:b1:
7f:f2:8a:69:45:fe:75:39:6b:d7:7e:ce:9d:d4:fb:e9:32:3f:
43:ee:37:73:b7:b3:9d:21:23:eb:6f:c3:25:5d:69:dc:87:e9:
c1:f5:10:71:8d:b2:69:6b:b0:24:67:aa:39:9f:4f:18:9c:6e:
e6:0c:bc:81:4f:f6:14:cd:85:75:39:56:c6:00:6d:90:8a:0f:
c3:7a:dc:8d:2d:31:75:28:10:a6:38:d4:a5:1d:8a:1b:38:96:
bd:8a:95:bd:d5:8c:08:06:cc:cf:db:ca:3e:84:5d:0b:10:ab:
a6:63:9b:92:fd:76:f5:e0:70:82:8e:48:a1:6c:65:7f:24:10:
29:ad:a3:c3:ed:40:48:49:b6:09:4a:fe:25:4e:81:b4:c3:8f:
99:e8:87:f2:06:30:cf:98:28:c8:2b:20:df:e3:00:8a:be:58:
c9:f3:7f:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9M+tpEHfhNxYpkZfDziPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz
NDFkZTEwHhcNMjUxMDE5MTYwMTAyWhcNMjUxMDIwMTYwMTAyWjAzMTEwLwYDVQQD
EyhkOGE0ZTFmNzgwMDYxMzVmMzBiNWE1MWJkNWU1MDcyMmQzMjUxNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFPOADAsxzFhyPDPcem5OKs32CEh
JK1WNsayc7BWRheqE6o3r60JshKKEfrkwYYXSU3cf8X2S3maWa38qcY5fCi6fTv9
hMjG2JBkDToePDxSxyHkzT8FywqkdnvjMXFLuZfrjq8AZeP8wdF1ZzBf2yd+3JdC
GpAGB27hfHrZRpCFy8RNppxkbz7ZeVBomL4ZQwOEfUOI0ygDgHWdHUIU6j++4/Yx
0qkBRVpnFPEzIY5TVQYXQV9I50NB9+dNPpbJVkcsLeL8dUliOr2H0kET1JRLXTh2
z8sKOwCO74Qzc9SCpJjdkKasvmGzaURnHhM+lneKEMfDhgeC6Puyi9AEWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNik4feABhNfMLWlG9XlByLTJRadMB8GA1UdIwQY
MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt
NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi
LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGV+WoW97
bBo3lXQBu+dbHGzMYz8mnAedxZVXdjV3hX2GPSlcbtNJZnNdrzgog4dx0qsMvl/S
eOrM9KBvMr7wvmLH79khjPhYTQcqbwN0iWFeubyWlCtxioGxf/KKaUX+dTlr137O
ndT76TI/Q+43c7eznSEj62/DJV1p3IfpwfUQcY2yaWuwJGeqOZ9PGJxu5gy8gU/2
FM2FdTlWxgBtkIoPw3rcjS0xdSgQpjjUpR2KGziWvYqVvdWMCAbMz9vKPoRdCxCr
pmObkv129eBwgo5IoWxlfyQQKa2jw+1ASEm2CUr+JU6BtMOPmeiH8gYwz5goyCsg
3+MAir5YyfN/+A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:41:09 2025 by rpki-client