Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: 6gxlHr22Xh09FG/pt6cUyoZSEiCmti8I8R0Gek1scFQ=
Subject key identifier: 78:1E:1E:08:3D:2E:AF:C7:DB:8C:FC:43:2C:57:FE:1D:7C:BE:06:5E
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 0199FF59431AFB24494ABA2067912667F879
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 14F1
Signing time: Mon 20 Oct 2025 02:01:03 +0000
Manifest this update: Mon 20 Oct 2025 02:01:03 +0000
Manifest next update: Tue 21 Oct 2025 02:01:03 +0000
Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: ESnTba/WzSov5p2+IT4IINL1JiLcnUTq2hjSmKSKnS0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 02:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:59:43:1a:fb:24:49:4a:ba:20:67:91:26:67:f8:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Oct 20 02:01:03 2025 GMT
Not After : Oct 21 02:01:03 2025 GMT
Subject: CN=781e1e083d2eafc7db8cfc432c57fe1d7cbe065e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f6:b9:d8:86:60:b7:02:53:65:2d:30:f5:1b:
fc:86:74:6e:28:dd:e1:b2:80:db:c7:3d:f1:82:02:
89:03:fd:71:ac:64:e3:83:bc:bf:b7:eb:bc:5e:f2:
60:ff:bf:8f:d9:22:57:6b:ba:c0:00:d1:5e:02:85:
57:64:12:12:57:a6:25:90:7f:28:dc:d2:4d:34:a3:
df:f0:e0:14:cd:db:51:3e:8f:d2:c2:34:93:27:47:
bb:43:bd:c9:66:f5:f2:71:a0:7f:e7:96:31:8b:f7:
dc:09:2d:27:80:78:7f:c8:c7:2a:99:4f:dd:f1:83:
00:8a:06:76:fe:5e:de:0c:df:18:aa:a6:3a:3c:3b:
f5:f2:3c:9c:a0:0d:24:96:95:e9:fa:cb:15:fc:dc:
f5:3e:b3:9f:fa:14:fd:87:11:79:e9:95:4d:98:b5:
a6:5f:e4:b9:09:9d:4a:b1:38:db:e8:6e:7b:46:40:
27:a7:cf:ec:74:e2:10:78:69:d6:8c:5c:d9:ae:50:
77:ee:48:89:4d:05:89:08:0b:4a:96:54:6f:4e:f7:
ed:44:fd:5a:4a:61:8a:3b:52:07:44:b9:af:1e:07:
17:29:6c:24:42:69:aa:63:c8:98:1d:a5:a3:47:ab:
51:fa:87:81:32:35:5d:18:e9:04:f4:27:2b:33:69:
23:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:1E:1E:08:3D:2E:AF:C7:DB:8C:FC:43:2C:57:FE:1D:7C:BE:06:5E
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:ab:c0:e2:21:fb:dc:d1:a4:9f:4b:96:b9:ec:61:62:77:13:
5c:f1:12:c8:db:4e:6c:f4:01:c2:c6:b9:fc:d2:19:28:14:9a:
74:7e:87:15:f1:82:f1:ca:79:48:27:29:7e:0e:e4:c9:a5:0f:
83:0f:0e:cc:d0:54:db:fa:b5:80:ac:b9:7f:a5:f2:74:81:b2:
b7:c8:22:c5:e6:03:8d:42:3a:ed:8f:e6:65:1b:a0:08:9b:a3:
2f:48:5b:7d:d0:f2:16:ff:2f:a1:ac:89:fd:42:c3:40:23:8a:
34:87:00:63:ee:cf:e8:e8:78:ef:9d:ff:90:ce:5f:07:c2:78:
b3:5e:fa:69:46:f1:bd:b9:4e:40:0f:0a:0f:47:4d:9f:04:a2:
5e:c3:df:ad:f2:16:01:e9:3c:d2:12:77:c9:4f:99:ec:39:fe:
3e:92:e0:3f:0f:9b:ec:50:40:7d:8d:9e:00:32:2d:5e:05:4f:
da:00:1f:a2:b3:27:bb:4f:5f:ae:95:05:1f:ba:64:49:f8:d5:
de:3e:fb:33:3f:e4:2c:62:f2:0f:2d:94:32:d6:e3:84:cf:09:
bb:a3:eb:a4:32:a3:7d:82:8f:dc:c6:b5:ac:5c:0e:0e:d8:27:
61:cf:d7:64:51:a7:1c:00:14:0a:67:79:7a:c6:27:78:63:52:
88:e4:e9:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WUMa+yRJSrogZ5EmZ/h5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjUxMDIwMDIwMTAzWhcNMjUxMDIxMDIwMTAzWjAzMTEwLwYDVQQD
Eyg3ODFlMWUwODNkMmVhZmM3ZGI4Y2ZjNDMyYzU3ZmUxZDdjYmUwNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Pa52IZgtwJTZS0w9Rv8hnRuKN3h
soDbxz3xggKJA/1xrGTjg7y/t+u8XvJg/7+P2SJXa7rAANFeAoVXZBISV6YlkH8o
3NJNNKPf8OAUzdtRPo/SwjSTJ0e7Q73JZvXycaB/55Yxi/fcCS0ngHh/yMcqmU/d
8YMAigZ2/l7eDN8YqqY6PDv18jycoA0klpXp+ssV/Nz1PrOf+hT9hxF56ZVNmLWm
X+S5CZ1KsTjb6G57RkAnp8/sdOIQeGnWjFzZrlB37kiJTQWJCAtKllRvTvftRP1a
SmGKO1IHRLmvHgcXKWwkQmmqY8iYHaWjR6tR+oeBMjVdGOkE9CcrM2kj0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgeHgg9Lq/H24z8QyxX/h18vgZeMB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKKvA4iH7
3NGkn0uWuexhYncTXPESyNtObPQBwsa5/NIZKBSadH6HFfGC8cp5SCcpfg7kyaUP
gw8OzNBU2/q1gKy5f6XydIGyt8gixeYDjUI67Y/mZRugCJujL0hbfdDyFv8voayJ
/ULDQCOKNIcAY+7P6Oh4753/kM5fB8J4s176aUbxvblOQA8KD0dNnwSiXsPfrfIW
Aek80hJ3yU+Z7Dn+PpLgPw+b7FBAfY2eADItXgVP2gAforMnu09frpUFH7pkSfjV
3j77Mz/kLGLyDy2UMtbjhM8Ju6PrpDKjfYKP3Ma1rFwODtgnYc/XZFGnHAAUCmd5
esYneGNSiOTp+A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:05:28 2025 by rpki-client