Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: jdTwuGaSgyAArYh2IvJTIZGoTo82jgNSwppHtaLybBU=
Subject key identifier: E1:89:BA:DA:0A:45:A7:7D:EB:17:9E:ED:42:EC:7C:45:0A:FC:D3:B2
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 0198D5F17E404CA556431AECBD94906325B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 1457
Signing time: Sat 23 Aug 2025 08:00:29 +0000
Manifest this update: Sat 23 Aug 2025 08:00:29 +0000
Manifest next update: Sun 24 Aug 2025 08:00:29 +0000
Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: AogmZ1fYUi0ThL+BZBsG1HSWokoQPKgQGc/Kwb661HI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:f1:7e:40:4c:a5:56:43:1a:ec:bd:94:90:63:25:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Aug 23 08:00:29 2025 GMT
Not After : Aug 24 08:00:29 2025 GMT
Subject: CN=e189bada0a45a77deb179eed42ec7c450afcd3b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3b:35:c7:8f:07:3b:d8:e0:71:f3:a9:dc:07:
ba:5b:cf:05:72:b1:13:7b:6b:f3:85:77:0c:1c:d5:
24:ce:9e:34:a9:05:d4:e1:d5:ad:d5:f8:31:3a:c5:
14:c9:79:89:91:08:1e:fa:ba:ff:91:bd:c7:66:6b:
e8:8c:48:54:db:ea:a9:c4:8c:39:8d:22:0f:01:be:
ed:8a:03:43:4c:51:fd:df:88:3d:8c:87:e8:e0:c4:
2c:00:d3:31:c4:a6:ed:17:ce:70:a4:ea:d6:0d:1c:
65:c5:18:27:5a:c0:84:84:40:ea:f5:3f:e8:b4:f7:
44:7f:1b:e5:17:54:52:cf:b2:55:fd:32:28:9d:2f:
88:cd:cf:ae:e7:01:20:4c:e6:04:9a:c1:31:c9:27:
3f:ae:52:04:d5:18:01:18:3f:f4:4f:ad:57:8b:53:
4f:25:4f:62:1c:40:8d:aa:ec:21:f4:da:21:cd:df:
df:5a:5f:ff:a7:49:6b:dc:fb:26:72:35:56:5e:42:
90:67:42:c9:80:31:59:f0:8b:01:c8:44:9a:21:35:
9f:51:78:01:0f:1b:d0:a7:a9:73:e0:4f:33:18:2e:
64:8b:21:26:18:2b:eb:28:50:c7:32:b4:3f:19:b6:
54:51:b7:ac:ce:d7:1b:a8:14:ce:ca:8d:c2:f2:75:
a4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:89:BA:DA:0A:45:A7:7D:EB:17:9E:ED:42:EC:7C:45:0A:FC:D3:B2
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:d9:7b:c2:3e:af:ec:ed:d4:06:e9:b9:1e:9f:ce:1b:46:21:
c7:e9:ad:cc:ae:cf:0f:ff:3d:d1:fc:93:2d:a4:ea:0d:5f:ff:
85:02:d2:52:f7:38:a8:23:61:12:bb:e7:9d:6f:00:54:dc:19:
f6:1d:5e:66:f3:68:c6:fe:74:1c:a9:bd:69:f0:cd:bd:e4:78:
39:49:45:6c:cd:52:15:82:e5:65:54:23:04:8b:aa:6c:09:1c:
2b:2e:f7:96:21:d3:ca:e3:fd:a0:49:0f:90:bf:09:7f:71:fc:
f4:67:6c:58:8c:0c:cd:f0:4a:7f:4c:f6:61:e8:b1:a4:b5:15:
a0:e3:3d:42:de:77:68:e3:7e:1d:1a:1f:fd:6f:08:b2:63:70:
8f:54:02:81:7a:c8:12:f5:f5:79:cf:e7:8d:1f:97:33:ad:26:
cf:d7:b7:78:69:8e:46:ef:7d:4f:1c:67:6c:9e:f6:6b:17:34:
72:22:c3:dd:0e:fa:ab:2f:1f:8a:a9:2d:c6:e5:83:e2:e3:01:
a2:7a:d3:62:16:a0:54:be:e4:4e:72:c4:d7:0c:ec:89:f3:08:
16:84:ec:98:66:8a:7c:fa:be:46:14:1d:85:35:18:c7:e8:c9:
1a:25:25:01:12:4d:6b:42:4a:9d:7c:8e:e6:b7:ce:98:59:9c:
11:6f:9e:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8X5ATKVWQxrsvZSQYyWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjUwODIzMDgwMDI5WhcNMjUwODI0MDgwMDI5WjAzMTEwLwYDVQQD
EyhlMTg5YmFkYTBhNDVhNzdkZWIxNzllZWQ0MmVjN2M0NTBhZmNkM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzs1x48HO9jgcfOp3Ae6W88FcrET
e2vzhXcMHNUkzp40qQXU4dWt1fgxOsUUyXmJkQge+rr/kb3HZmvojEhU2+qpxIw5
jSIPAb7tigNDTFH934g9jIfo4MQsANMxxKbtF85wpOrWDRxlxRgnWsCEhEDq9T/o
tPdEfxvlF1RSz7JV/TIonS+Izc+u5wEgTOYEmsExySc/rlIE1RgBGD/0T61Xi1NP
JU9iHECNquwh9Nohzd/fWl//p0lr3PsmcjVWXkKQZ0LJgDFZ8IsByESaITWfUXgB
DxvQp6lz4E8zGC5kiyEmGCvrKFDHMrQ/GbZUUbesztcbqBTOyo3C8nWkpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGJutoKRad96xee7ULsfEUK/NOyMB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaNl7wj6v
7O3UBum5Hp/OG0Yhx+mtzK7PD/890fyTLaTqDV//hQLSUvc4qCNhErvnnW8AVNwZ
9h1eZvNoxv50HKm9afDNveR4OUlFbM1SFYLlZVQjBIuqbAkcKy73liHTyuP9oEkP
kL8Jf3H89GdsWIwMzfBKf0z2YeixpLUVoOM9Qt53aON+HRof/W8IsmNwj1QCgXrI
EvX1ec/njR+XM60mz9e3eGmORu99TxxnbJ72axc0ciLD3Q76qy8fiqktxuWD4uMB
onrTYhagVL7kTnLE1wzsifMIFoTsmGaKfPq+RhQdhTUYx+jJGiUlARJNa0JKnXyO
5rfOmFmcEW+e/g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:10:23 2025 by rpki-client