Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
File: XL1s2RrWpyhrIfZQn92fUP7nXYc.mft (raw, json)
Hash identifier: nnk0SueVEiRY4moNpFxUK2o3JzRPdAQsKGEL/Vvpp+U=
Subject key identifier: DA:EF:72:2F:AD:0B:69:B5:11:C4:1A:AF:C6:DC:4D:EA:C6:58:54:2C
Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Certificate serial: 0197B6A0855376899E3EE2236DDBC9145057
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
Manifest number: 14E2
Signing time: Sat 28 Jun 2025 13:01:02 +0000
Manifest this update: Sat 28 Jun 2025 13:01:02 +0000
Manifest next update: Sun 29 Jun 2025 13:01:02 +0000
Files and hashes: 1: LfsV7f6LxRRDF8DgEB39eI0JGcY.roa (hash: 57HPzdZv/cmkcVMLJmynj7OnbXGj1b4sWVjtj2VnRws=)
2: XL1s2RrWpyhrIfZQn92fUP7nXYc.crl (hash: foDYYcLmWaLic4YDCNfGlCn0cVfyOKaIs0hOPo62qdc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 13:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a0:85:53:76:89:9e:3e:e2:23:6d:db:c9:14:50:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Validity
Not Before: Jun 28 13:01:02 2025 GMT
Not After : Jun 29 13:01:02 2025 GMT
Subject: CN=daef722fad0b69b511c41aafc6dc4deac658542c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b2:c6:5c:37:1f:5c:fb:12:9b:c4:2d:93:1f:
b0:e0:a4:2c:5a:ca:b8:84:f3:91:0e:ff:f8:86:b8:
d6:24:50:cc:37:b9:e4:6c:3d:b0:6b:a0:61:09:34:
d9:ff:17:4b:a3:79:05:2b:6a:81:fa:8e:9e:a3:bd:
db:53:3c:d6:41:ec:5d:52:47:1d:fc:9f:f0:ed:4d:
cf:1e:44:b5:6d:2c:84:68:c8:62:0d:2a:75:1b:02:
8f:15:af:1c:26:c6:c9:79:5f:98:4f:8a:7f:d6:80:
54:b8:94:bd:c1:0c:6b:ad:2d:dc:3e:40:b6:67:d3:
a6:8f:f4:07:54:9f:3f:90:5a:f4:9c:0d:6c:c0:45:
f8:be:9b:e2:3f:82:71:8c:c7:72:4c:b6:0b:27:1a:
c6:2a:21:b2:76:71:34:74:b4:65:17:52:c8:6f:51:
58:91:71:e3:f5:8b:76:fa:4b:07:20:d4:c2:b7:09:
0b:68:75:7c:4c:ec:3d:da:c9:f9:ed:57:72:c2:c8:
18:27:7b:be:54:35:18:de:ed:f3:6c:78:44:e2:33:
91:46:16:75:70:32:cf:6b:3b:e9:57:43:2e:46:13:
32:e3:df:78:d0:6d:a8:ee:36:02:df:7f:1c:1a:48:
12:97:a0:49:f3:f3:ab:1d:a5:a1:41:a6:87:16:6d:
92:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:EF:72:2F:AD:0B:69:B5:11:C4:1A:AF:C6:DC:4D:EA:C6:58:54:2C
X509v3 Authority Key Identifier:
keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:fa:0a:9b:3a:ee:66:c3:b5:c5:a3:74:c3:1f:db:a5:b1:b2:
18:84:c6:c2:84:c2:76:10:a3:1e:fa:b6:6c:8a:16:cc:c4:44:
15:b6:ec:c9:b8:8b:a2:64:7b:98:22:6a:37:a8:25:00:91:fc:
24:0c:ef:04:ed:2c:f0:ae:87:2f:ba:ae:3a:99:a9:b6:74:a3:
1a:ac:af:62:db:31:fd:5e:f8:08:fa:12:59:ee:2d:18:61:75:
01:6c:99:42:97:25:3a:9e:59:92:bd:93:7e:d7:b3:50:f4:1c:
47:7b:e2:ca:dd:24:e2:05:95:ef:20:5b:48:a2:36:60:97:e9:
e2:67:ad:f8:21:05:9e:7d:7b:e6:e5:40:5a:d2:a2:e9:07:dc:
df:4b:0d:0f:79:6d:2a:8b:aa:39:28:22:8b:79:52:16:4c:86:
e7:36:a0:b1:02:47:f8:90:6c:9d:4d:66:53:2d:89:e2:1e:c3:
fc:fb:01:91:d0:f2:48:39:7c:69:38:34:19:84:8e:fd:35:91:
5a:0b:e9:62:ec:77:e3:be:36:2a:29:76:73:3b:12:03:37:ab:
c6:c2:69:f2:c5:1a:cc:e0:14:72:33:29:1a:86:c1:11:96:5b:
bb:02:09:d1:70:b4:9c:38:69:3a:60:b0:19:35:7b:72:3a:24:
d3:6b:d3:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oIVTdomePuIjbdvJFFBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl
NzVkODcwHhcNMjUwNjI4MTMwMTAyWhcNMjUwNjI5MTMwMTAyWjAzMTEwLwYDVQQD
EyhkYWVmNzIyZmFkMGI2OWI1MTFjNDFhYWZjNmRjNGRlYWM2NTg1NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7LGXDcfXPsSm8Qtkx+w4KQsWsq4
hPORDv/4hrjWJFDMN7nkbD2wa6BhCTTZ/xdLo3kFK2qB+o6eo73bUzzWQexdUkcd
/J/w7U3PHkS1bSyEaMhiDSp1GwKPFa8cJsbJeV+YT4p/1oBUuJS9wQxrrS3cPkC2
Z9Omj/QHVJ8/kFr0nA1swEX4vpviP4JxjMdyTLYLJxrGKiGydnE0dLRlF1LIb1FY
kXHj9Yt2+ksHINTCtwkLaHV8TOw92sn57VdywsgYJ3u+VDUY3u3zbHhE4jORRhZ1
cDLPazvpV0MuRhMy49940G2o7jYC338cGkgSl6BJ8/OrHaWhQaaHFm2S4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrvci+tC2m1EcQar8bcTerGWFQsMB8GA1UdIwQY
MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt
ZmJhMDc0YmExYjkwLzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw
LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjPoKmzru
ZsO1xaN0wx/bpbGyGITGwoTCdhCjHvq2bIoWzMREFbbsybiLomR7mCJqN6glAJH8
JAzvBO0s8K6HL7quOpmptnSjGqyvYtsx/V74CPoSWe4tGGF1AWyZQpclOp5Zkr2T
ftezUPQcR3viyt0k4gWV7yBbSKI2YJfp4met+CEFnn175uVAWtKi6Qfc30sND3lt
KouqOSgii3lSFkyG5zagsQJH+JBsnU1mUy2J4h7D/PsBkdDySDl8aTg0GYSO/TWR
WgvpYux34742Kil2czsSAzerxsJp8sUazOAUcjMpGobBEZZbuwIJ0XC0nDhpOmCw
GTV7cjok02vToQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:38:54 2025 by rpki-client