Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.mft
File: xKMWKFZYILOlo-HPyHdz4oP7lcE.mft (raw, json)
Hash identifier: oTX74+cpUYLXn3lEx/kwSIIXLiO77NV2HEGjTRqGYK4=
Subject key identifier: 48:79:07:4A:57:CB:33:FF:33:94:2E:C2:03:D3:54:28:C3:4F:CC:17
Authority key identifier: C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1
Certificate issuer: /CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1
Certificate serial: 0199FD346AC17FAA24956EBFD29113090A4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.mft
Manifest number: 0C28
Signing time: Sun 19 Oct 2025 16:01:34 +0000
Manifest this update: Sun 19 Oct 2025 16:01:34 +0000
Manifest next update: Mon 20 Oct 2025 16:01:34 +0000
Files and hashes: 1: O7JK_R6ip6iR244uyf3DBgROHco.roa (hash: GKH7o0xxF7nZfmB+4s7mUapBQQrsXrRHoDwbM7Hh8hA=)
2: xKMWKFZYILOlo-HPyHdz4oP7lcE.crl (hash: 76rG4nTpaaKxgy3Zyr5KxCl0DAPgCAV3DAP9R97AZ9A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:6a:c1:7f:aa:24:95:6e:bf:d2:91:13:09:0a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1
Validity
Not Before: Oct 19 16:01:34 2025 GMT
Not After : Oct 20 16:01:34 2025 GMT
Subject: CN=4879074a57cb33ff33942ec203d35428c34fcc17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2e:a2:0f:c7:f3:7e:d3:f0:f4:5c:fb:b8:e5:
72:29:94:d9:a9:38:db:53:86:d1:15:59:5c:74:80:
fb:5a:92:c8:98:a6:64:ca:4a:e1:7d:a3:49:0b:9e:
5a:a4:fa:0d:88:7d:79:aa:4a:7b:92:3f:3a:e4:b0:
68:5f:a6:c4:2e:01:98:51:4d:57:31:ed:13:52:2d:
62:0b:3f:72:b2:08:3c:93:08:94:fb:44:d8:cc:fb:
2f:e3:2b:51:be:61:a1:d8:1f:ae:4d:c8:07:7c:40:
b2:8a:1c:79:9c:00:e9:b9:3b:20:85:18:83:41:a8:
b0:e3:6b:43:ed:53:d7:70:fd:bd:7f:67:98:39:ae:
a6:0f:7c:ef:b4:75:9e:da:f9:e8:50:88:30:c5:5f:
2b:85:ab:41:47:d6:fc:b2:8a:a3:66:b3:9b:09:b8:
85:05:25:17:62:bc:c5:36:84:2b:b6:26:71:1a:a3:
90:d0:51:2f:ca:75:b1:cb:26:98:40:80:55:14:39:
a1:cc:15:95:56:00:b1:9f:2e:a0:0f:a6:63:a8:e8:
e0:00:40:ae:33:05:05:32:81:33:6e:ee:b9:0b:df:
0d:63:bb:87:4b:96:dd:01:5f:f3:5a:57:ed:f7:1c:
8d:53:ba:98:bd:bd:bf:85:74:70:f0:fc:a4:d8:65:
ca:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:79:07:4A:57:CB:33:FF:33:94:2E:C2:03:D3:54:28:C3:4F:CC:17
X509v3 Authority Key Identifier:
keyid:C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:f0:42:cf:d9:9f:7e:c1:29:55:6a:cb:d7:1c:e8:a5:d8:e6:
e8:79:b3:a4:1f:db:c4:05:3c:fe:a1:11:5e:06:f9:4d:27:0e:
84:49:83:2f:fd:bc:bd:7a:7b:09:5c:45:67:b2:d0:79:99:97:
a9:a5:40:63:87:8b:ec:a2:71:3a:07:40:20:84:4c:66:0c:64:
f5:09:29:e6:1a:22:79:1e:e7:12:3d:de:7b:a0:11:7c:ee:fa:
cf:3e:b9:9e:f6:5f:e0:ef:08:fe:20:e8:bf:f1:51:d6:62:ae:
cc:d4:c3:07:36:c8:fe:6a:e2:f1:4d:b9:c2:9e:f5:2b:74:8a:
7e:a6:b9:33:c6:29:e3:68:18:39:b4:2e:37:2d:2e:bd:e4:94:
64:59:67:bc:38:ae:cb:bd:72:80:d0:30:9c:6a:05:b3:b0:cf:
0a:1c:aa:7f:1f:ec:32:2d:e6:3d:a3:11:6c:83:dc:67:a3:98:
f9:18:33:a0:a2:cd:db:d8:42:c4:a7:56:90:da:e3:db:74:f7:
7b:89:58:c2:69:e1:fa:a5:f8:bd:c0:39:56:c9:e2:e8:a5:bb:
b1:8e:f3:d8:fd:f4:22:13:58:1b:64:1a:3a:be:54:8e:93:13:
21:7d:86:bd:2f:cd:50:48:39:7b:70:66:f4:5e:dc:52:64:bc:
67:72:d3:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NGrBf6oklW6/0pETCQpKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YTMxNjI4NTY1ODIwYjNhNWEzZTFjZmM4Nzc3M2UyODNm
Yjk1YzEwHhcNMjUxMDE5MTYwMTM0WhcNMjUxMDIwMTYwMTM0WjAzMTEwLwYDVQQD
Eyg0ODc5MDc0YTU3Y2IzM2ZmMzM5NDJlYzIwM2QzNTQyOGMzNGZjYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy6iD8fzftPw9Fz7uOVyKZTZqTjb
U4bRFVlcdID7WpLImKZkykrhfaNJC55apPoNiH15qkp7kj865LBoX6bELgGYUU1X
Me0TUi1iCz9ysgg8kwiU+0TYzPsv4ytRvmGh2B+uTcgHfECyihx5nADpuTsghRiD
Qaiw42tD7VPXcP29f2eYOa6mD3zvtHWe2vnoUIgwxV8rhatBR9b8soqjZrObCbiF
BSUXYrzFNoQrtiZxGqOQ0FEvynWxyyaYQIBVFDmhzBWVVgCxny6gD6ZjqOjgAECu
MwUFMoEzbu65C98NY7uHS5bdAV/zWlft9xyNU7qYvb2/hXRw8Pyk2GXKmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEh5B0pXyzP/M5QuwgPTVCjDT8wXMB8GA1UdIwQY
MBaAFMSjFihWWCCzpaPhz8h3c+KD+5XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEt
ZmIzMDdiYWRlYzRkLzEveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEtZmIzMDdiYWRlYzRk
LzEveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALvBCz9mf
fsEpVWrL1xzopdjm6HmzpB/bxAU8/qERXgb5TScOhEmDL/28vXp7CVxFZ7LQeZmX
qaVAY4eL7KJxOgdAIIRMZgxk9Qkp5hoieR7nEj3ee6ARfO76zz65nvZf4O8I/iDo
v/FR1mKuzNTDBzbI/mri8U25wp71K3SKfqa5M8Yp42gYObQuNy0uveSUZFlnvDiu
y71ygNAwnGoFs7DPChyqfx/sMi3mPaMRbIPcZ6OY+RgzoKLN29hCxKdWkNrj23T3
e4lYwmnh+qX4vcA5Vsni6KW7sY7z2P30IhNYG2QaOr5UjpMTIX2GvS/NUEg5e3Bm
9F7cUmS8Z3LTeA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:02:41 2025 by rpki-client