Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
File: XL1s2RrWpyhrIfZQn92fUP7nXYc.mft (raw, json)
Hash identifier: GKGPORXY+pTUkwBpFYAIxdvEIxkeCtu7tCK2lX1GKC8=
Subject key identifier: 03:06:CA:BA:42:9E:4A:39:0F:FE:3F:5A:BA:20:E1:8D:B1:82:A4:15
Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Certificate serial: 019A01B4D2A3374D8B25729DD80916628DF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
Manifest number: 1612
Signing time: Mon 20 Oct 2025 13:00:18 +0000
Manifest this update: Mon 20 Oct 2025 13:00:18 +0000
Manifest next update: Tue 21 Oct 2025 13:00:18 +0000
Files and hashes: 1: LfsV7f6LxRRDF8DgEB39eI0JGcY.roa (hash: 57HPzdZv/cmkcVMLJmynj7OnbXGj1b4sWVjtj2VnRws=)
2: XL1s2RrWpyhrIfZQn92fUP7nXYc.crl (hash: 3wqoXfjXz0KBSQmVXQgrdP83m9DzD80l1Bn0P6RjdU4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:b4:d2:a3:37:4d:8b:25:72:9d:d8:09:16:62:8d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Validity
Not Before: Oct 20 13:00:18 2025 GMT
Not After : Oct 21 13:00:18 2025 GMT
Subject: CN=0306caba429e4a390ffe3f5aba20e18db182a415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b7:f2:de:19:a2:1f:93:36:5d:b4:38:4c:9a:
e2:96:e8:21:84:c0:b1:d5:7b:b3:3c:ae:81:66:47:
6f:f8:b9:af:d7:9d:ca:0b:07:e1:59:d4:b1:7e:b3:
30:12:d9:94:5e:93:46:43:62:36:98:42:6a:be:d7:
67:a5:14:89:51:ad:75:9c:0c:1b:14:4b:62:57:86:
00:da:48:ce:cb:47:5a:25:3e:23:66:2b:58:a2:b6:
80:67:92:d9:14:30:5f:5e:ef:19:8b:a6:2b:b1:8e:
28:bc:16:ee:da:ca:41:8d:3a:a4:46:f7:78:5b:fe:
40:9a:25:6a:45:c5:1f:e9:5d:5b:9e:af:2b:6e:ce:
78:1e:29:87:0b:38:6e:f8:d9:13:97:d5:26:f5:91:
dd:d2:7a:7a:90:cb:aa:0c:d3:ea:f8:10:20:e6:c9:
60:9a:c2:77:3d:67:64:a1:ef:0e:ab:48:1d:ab:24:
5f:94:1d:3f:9e:a9:2d:77:6b:8f:f8:79:b7:80:93:
16:30:9e:cc:e5:39:a5:4d:9b:a2:40:73:63:b5:a9:
92:c2:0f:86:e2:cf:fe:c9:9b:ca:e7:1d:6b:c7:91:
79:74:3a:a8:9f:97:a5:b3:ed:5a:37:a0:3b:18:5b:
6c:12:4e:6f:03:21:99:1c:28:11:e5:e6:23:8a:ae:
83:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:06:CA:BA:42:9E:4A:39:0F:FE:3F:5A:BA:20:E1:8D:B1:82:A4:15
X509v3 Authority Key Identifier:
keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:24:59:a2:28:75:17:80:a6:f2:12:c9:ee:c4:c6:ac:d8:b7:
ed:be:53:00:e9:ef:f9:38:28:45:c1:0f:39:23:3f:81:79:36:
ac:24:d3:3a:e8:83:78:c6:ff:ab:5f:05:85:f4:da:d7:27:9f:
04:02:f9:90:72:86:4b:50:07:bb:ac:10:71:68:10:e7:03:34:
bb:f3:cc:f3:a5:65:26:f1:91:13:7e:ec:fc:e2:51:c2:e9:e8:
c1:d9:f5:13:5d:0b:6d:3f:69:ff:b5:1f:05:58:8e:14:df:ed:
8a:74:ec:5f:4b:13:31:96:46:25:0d:16:a0:41:5b:b4:c5:8f:
f2:f8:31:de:44:48:c6:b7:95:33:4b:9b:99:bf:81:1b:d0:c6:
7f:f2:cf:e1:a5:3a:2b:2f:e4:28:89:cd:d4:f6:22:55:61:db:
d7:44:fb:f5:40:0c:75:d5:aa:5e:a2:56:b9:3c:43:e7:db:25:
e6:91:30:a2:13:8f:27:a6:eb:14:d3:f6:4d:b6:fc:e3:1a:f1:
63:7e:8e:9f:b8:55:ff:9a:a2:3f:1a:32:08:36:ac:db:4a:ea:
85:6e:ad:b9:a0:a1:07:16:e7:4f:42:d5:42:c4:70:31:03:b3:
e9:c6:bc:f7:f7:40:c8:0e:5d:8a:1e:6a:12:be:31:19:e1:b0:
76:7c:12:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtNKjN02LJXKd2AkWYo3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl
NzVkODcwHhcNMjUxMDIwMTMwMDE4WhcNMjUxMDIxMTMwMDE4WjAzMTEwLwYDVQQD
EygwMzA2Y2FiYTQyOWU0YTM5MGZmZTNmNWFiYTIwZTE4ZGIxODJhNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbfy3hmiH5M2XbQ4TJrilughhMCx
1XuzPK6BZkdv+Lmv153KCwfhWdSxfrMwEtmUXpNGQ2I2mEJqvtdnpRSJUa11nAwb
FEtiV4YA2kjOy0daJT4jZitYoraAZ5LZFDBfXu8Zi6YrsY4ovBbu2spBjTqkRvd4
W/5AmiVqRcUf6V1bnq8rbs54HimHCzhu+NkTl9Um9ZHd0np6kMuqDNPq+BAg5slg
msJ3PWdkoe8Oq0gdqyRflB0/nqktd2uP+Hm3gJMWMJ7M5TmlTZuiQHNjtamSwg+G
4s/+yZvK5x1rx5F5dDqon5els+1aN6A7GFtsEk5vAyGZHCgR5eYjiq6DJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMGyrpCnko5D/4/Wrog4Y2xgqQVMB8GA1UdIwQY
MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt
ZmJhMDc0YmExYjkwLzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw
LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhiRZoih1
F4Cm8hLJ7sTGrNi37b5TAOnv+TgoRcEPOSM/gXk2rCTTOuiDeMb/q18FhfTa1yef
BAL5kHKGS1AHu6wQcWgQ5wM0u/PM86VlJvGRE37s/OJRwunowdn1E10LbT9p/7Uf
BViOFN/tinTsX0sTMZZGJQ0WoEFbtMWP8vgx3kRIxreVM0ubmb+BG9DGf/LP4aU6
Ky/kKInN1PYiVWHb10T79UAMddWqXqJWuTxD59sl5pEwohOPJ6brFNP2Tbb84xrx
Y36On7hV/5qiPxoyCDas20rqhW6tuaChBxbnT0LVQsRwMQOz6ca89/dAyA5dih5q
Er4xGeGwdnwS/A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:07:09 2025 by rpki-client