Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
File: _XjxP_qS8HTr5VfSotKa0Noz5dg.mft (raw, json)
Hash identifier: TBCYgHomXzx2Gh1zdcEd3OLOwkJwTz1rI9D5gC1GUKE=
Subject key identifier: 4C:89:D4:7C:33:7A:DD:14:1C:99:68:B4:AD:7F:96:7E:0D:C1:9B:C5
Authority key identifier: FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8
Certificate issuer: /CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
Certificate serial: 0199FFC855E453465009CD3D2B837C021BA6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
Manifest number: 0C3C
Signing time: Mon 20 Oct 2025 04:02:23 +0000
Manifest this update: Mon 20 Oct 2025 04:02:23 +0000
Manifest next update: Tue 21 Oct 2025 04:02:23 +0000
Files and hashes: 1: IPVqTow4BPog0VgWrmL6j3UlRyc.roa (hash: yHocQSt6Dh1L30jflXp+Oc+mQ08tmbAfLa5FFYWt/64=)
2: _XjxP_qS8HTr5VfSotKa0Noz5dg.crl (hash: hzxDE12ZOdKD9a93VN8riXwpSVh0YRolxREhZReN5eQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:55:e4:53:46:50:09:cd:3d:2b:83:7c:02:1b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
Validity
Not Before: Oct 20 04:02:23 2025 GMT
Not After : Oct 21 04:02:23 2025 GMT
Subject: CN=4c89d47c337add141c9968b4ad7f967e0dc19bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1a:dc:b4:31:f7:87:6f:aa:52:76:b1:fe:96:
08:fe:5a:51:e0:f0:30:23:b8:4f:fd:73:d5:b3:83:
00:15:ee:df:3b:0c:eb:db:40:a3:39:63:3b:9d:19:
9b:bc:2b:a4:01:ef:6c:47:94:12:f2:29:1a:09:36:
16:03:f8:29:9b:f4:45:24:a1:5b:30:d7:cf:e4:a6:
65:3b:d7:75:7a:32:ed:7e:38:6c:90:0c:71:75:3d:
5e:ec:fc:f8:d4:50:a5:1e:6a:ec:83:5f:83:66:27:
b6:b8:10:93:69:b4:36:a5:f1:d3:7f:0f:92:4a:2d:
37:9b:e6:10:63:89:ec:47:e0:58:8d:0d:7c:9c:de:
c9:c1:c4:53:1d:a8:df:82:bc:e3:b4:5e:11:ce:16:
d1:5b:3d:76:4d:72:38:48:05:9d:77:f6:23:c5:c8:
31:4c:dc:ff:6b:46:29:9c:29:6d:a8:be:e7:05:96:
eb:a5:69:e4:85:68:28:27:10:cc:c6:9a:cf:dd:e2:
e7:e8:5c:22:15:df:0c:f8:c6:5d:18:1a:ff:99:4b:
ca:e6:f2:64:2d:a4:25:1a:a5:62:43:26:0b:19:b8:
2d:29:95:12:92:bb:5e:db:4d:89:43:5a:02:63:c0:
7b:92:ee:a1:dd:e0:2d:b9:c4:79:5b:74:bc:b4:a4:
03:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:89:D4:7C:33:7A:DD:14:1C:99:68:B4:AD:7F:96:7E:0D:C1:9B:C5
X509v3 Authority Key Identifier:
keyid:FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:2c:c1:39:e1:5b:1c:de:2e:7c:44:e9:3e:b8:8d:d0:20:eb:
89:1d:09:9c:26:af:94:21:96:0a:f7:7f:88:40:e4:15:35:35:
ca:ce:9d:7f:81:3c:14:50:dd:d0:f9:aa:0a:8e:80:4a:13:3b:
39:e6:10:53:a5:21:23:c2:e8:8a:a9:18:b5:a9:f5:e3:88:6b:
ad:4d:0d:48:94:bb:a5:96:a3:3f:39:74:e5:b9:89:a2:cc:c2:
c9:db:a5:f1:ea:3a:96:b9:3a:c3:50:b5:1f:04:46:f3:9d:ce:
16:4f:af:a7:04:cd:b7:14:43:88:e6:4f:d3:5e:e0:30:49:af:
23:2d:83:54:9c:d7:dd:62:57:a4:2e:c1:39:64:32:c8:f4:01:
16:97:11:21:92:8c:d3:8f:09:de:65:29:10:c7:6d:b8:38:8f:
a1:82:eb:f0:4c:e7:c4:e8:de:b2:e2:1d:63:4f:08:87:a8:c3:
5d:70:16:38:4e:06:16:cc:47:b0:01:d8:c7:a2:06:e9:00:5c:
a5:f0:8d:22:01:4e:2a:87:d4:14:42:09:98:7c:50:af:64:7a:
5e:2a:51:0e:e5:6c:e0:1e:21:03:c7:ec:ff:1a:61:83:eb:da:
14:50:1a:e8:9b:00:09:19:df:a3:e5:d8:91:91:8f:b4:ca:94:
9c:91:d3:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yFXkU0ZQCc09K4N8AhumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzhmMTNmZmE5MmYwNzRlYmU1NTdkMmEyZDI5YWQwZGEz
M2U1ZDgwHhcNMjUxMDIwMDQwMjIzWhcNMjUxMDIxMDQwMjIzWjAzMTEwLwYDVQQD
Eyg0Yzg5ZDQ3YzMzN2FkZDE0MWM5OTY4YjRhZDdmOTY3ZTBkYzE5YmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xrctDH3h2+qUnax/pYI/lpR4PAw
I7hP/XPVs4MAFe7fOwzr20CjOWM7nRmbvCukAe9sR5QS8ikaCTYWA/gpm/RFJKFb
MNfP5KZlO9d1ejLtfjhskAxxdT1e7Pz41FClHmrsg1+DZie2uBCTabQ2pfHTfw+S
Si03m+YQY4nsR+BYjQ18nN7JwcRTHajfgrzjtF4RzhbRWz12TXI4SAWdd/Yjxcgx
TNz/a0YpnCltqL7nBZbrpWnkhWgoJxDMxprP3eLn6FwiFd8M+MZdGBr/mUvK5vJk
LaQlGqViQyYLGbgtKZUSkrte202JQ1oCY8B7ku6h3eAtucR5W3S8tKQD6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEyJ1Hwzet0UHJlotK1/ln4NwZvFMB8GA1UdIwQY
MBaAFP148T/6kvB06+VX0qLSmtDaM+XYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2Qt
ZmRmMDExOGNjMDE2LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2QtZmRmMDExOGNjMDE2
LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAESzBOeFb
HN4ufETpPriN0CDriR0JnCavlCGWCvd/iEDkFTU1ys6df4E8FFDd0PmqCo6AShM7
OeYQU6UhI8LoiqkYtan144hrrU0NSJS7pZajPzl05bmJoszCydul8eo6lrk6w1C1
HwRG853OFk+vpwTNtxRDiOZP017gMEmvIy2DVJzX3WJXpC7BOWQyyPQBFpcRIZKM
048J3mUpEMdtuDiPoYLr8EznxOjesuIdY08Ih6jDXXAWOE4GFsxHsAHYx6IG6QBc
pfCNIgFOKofUFEIJmHxQr2R6XipRDuVs4B4hA8fs/xphg+vaFFAa6JsACRnfo+XY
kZGPtMqUnJHTFA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:56:55 2025 by rpki-client