Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.mft
File: XUcovR9dE212i_F1NGHFPaRXRss.mft (raw, json)
Hash identifier: 4XPgvj2cHPN6VQZNG+Vu2hjCsfVulcidTCPSuuZwbIg=
Subject key identifier: CE:45:29:C8:24:AE:09:82:E7:CA:D5:1B:C0:63:F1:23:D7:86:5D:F6
Authority key identifier: 5D:47:28:BD:1F:5D:13:6D:76:8B:F1:75:34:61:C5:3D:A4:57:46:CB
Certificate issuer: /CN=5d4728bd1f5d136d768bf1753461c53da45746cb
Certificate serial: 0197B7EA4E91F25A06DA77EC99BAFC2A512D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XUcovR9dE212i_F1NGHFPaRXRss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.mft
Manifest number: 15B7
Signing time: Sat 28 Jun 2025 19:01:15 +0000
Manifest this update: Sat 28 Jun 2025 19:01:15 +0000
Manifest next update: Sun 29 Jun 2025 19:01:15 +0000
Files and hashes: 1: HBQ9odudt8FtC2hg2PdPFEmL6sY.roa (hash: qLOlhGmFNavd+EfWsRToyvlmrGX+k5BkUmneKAiMnB0=)
2: XUcovR9dE212i_F1NGHFPaRXRss.crl (hash: 0gGkiXXsgstKZI1B64T9q2wv70ThUoHYxyrVgozjm8U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.mft
rsync://rpki.ripe.net/repository/DEFAULT/XUcovR9dE212i_F1NGHFPaRXRss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:4e:91:f2:5a:06:da:77:ec:99:ba:fc:2a:51:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d4728bd1f5d136d768bf1753461c53da45746cb
Validity
Not Before: Jun 28 19:01:15 2025 GMT
Not After : Jun 29 19:01:15 2025 GMT
Subject: CN=ce4529c824ae0982e7cad51bc063f123d7865df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c3:32:1f:a6:a0:0f:bc:35:de:6c:a3:0e:80:
ca:dd:fe:38:fb:0c:41:6b:db:6e:70:39:cf:17:ed:
7d:b2:1c:94:7e:21:f5:d3:3b:aa:9c:a2:29:12:de:
9f:c4:26:8c:d8:95:c2:9b:e2:da:71:67:56:dd:64:
19:5b:58:fb:51:53:a8:e1:f2:ac:a6:0c:7b:3f:a8:
a4:2f:b5:a9:23:54:03:03:72:c2:b1:ce:0f:9b:16:
b9:b5:72:f1:69:80:0b:0f:3d:76:aa:a2:44:52:47:
df:8d:04:5d:70:cc:f7:00:6f:bf:f5:5d:9f:39:32:
dd:cb:cf:09:53:f6:86:db:64:c1:af:89:9f:89:1d:
c1:ff:31:4d:63:fd:b7:68:9f:93:00:1f:33:eb:28:
bc:97:fa:ac:e4:3b:79:4c:1b:16:37:4e:b0:38:98:
63:26:ae:bc:70:8e:f1:cf:1c:13:92:f6:35:50:25:
51:03:7e:27:ed:82:17:60:03:52:41:68:de:fb:2e:
94:68:0b:78:92:8e:8a:ed:7e:34:a7:0e:dc:2c:98:
a2:24:68:f4:d8:15:df:06:3c:5f:87:03:2b:2d:b4:
43:e7:ff:83:09:17:71:11:44:ba:ef:06:91:c3:3d:
93:02:60:86:fe:52:24:f9:40:8d:f3:67:6a:3f:85:
d0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:45:29:C8:24:AE:09:82:E7:CA:D5:1B:C0:63:F1:23:D7:86:5D:F6
X509v3 Authority Key Identifier:
keyid:5D:47:28:BD:1F:5D:13:6D:76:8B:F1:75:34:61:C5:3D:A4:57:46:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XUcovR9dE212i_F1NGHFPaRXRss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/dbe773-befc-4a77-b513-5e23672673d2/1/XUcovR9dE212i_F1NGHFPaRXRss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:36:f0:65:00:f2:a2:d9:35:ab:68:fb:e1:6b:43:ed:b9:a3:
e9:1a:c2:5d:70:79:3d:ca:1c:6a:b4:a4:17:77:0d:63:be:66:
7c:40:b8:c7:97:10:b4:a3:8c:64:7f:7a:db:d9:68:52:6d:c1:
9d:94:fc:01:7b:da:30:b1:7b:fc:a7:91:d6:26:c5:b2:52:26:
8d:fa:34:58:a7:1f:02:6a:10:40:a9:87:fc:f5:ba:77:58:70:
80:3e:8f:6e:4c:4c:f0:a0:ee:31:7e:ae:ff:8f:f6:24:47:55:
2c:ee:b3:a1:27:18:32:dc:0d:41:f8:ad:d9:af:49:49:f8:55:
6d:9a:25:6a:99:49:06:b7:74:7b:e9:a4:f0:64:50:e3:3c:ce:
b0:10:25:a6:21:10:ab:90:e5:9c:ae:be:d7:cb:65:b1:06:e4:
3b:a2:72:c3:17:b1:a3:fb:98:04:40:3c:6f:e5:2b:29:00:43:
0a:ba:86:11:da:b5:92:d8:ae:c0:9a:15:b2:cf:34:a4:c0:51:
8b:26:3d:d5:20:88:a4:57:c6:25:3c:86:3b:8d:37:3f:cd:23:
1c:2c:83:4a:96:55:3a:e8:bd:8f:0d:9e:d5:3d:13:f2:d2:5f:
2b:99:56:5b:83:2a:59:3e:8e:b3:f5:06:1b:0f:59:d5:9e:e2:
03:e4:06:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36k6R8loG2nfsmbr8KlEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNDcyOGJkMWY1ZDEzNmQ3NjhiZjE3NTM0NjFjNTNkYTQ1
NzQ2Y2IwHhcNMjUwNjI4MTkwMTE1WhcNMjUwNjI5MTkwMTE1WjAzMTEwLwYDVQQD
EyhjZTQ1MjljODI0YWUwOTgyZTdjYWQ1MWJjMDYzZjEyM2Q3ODY1ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMMyH6agD7w13myjDoDK3f44+wxB
a9tucDnPF+19shyUfiH10zuqnKIpEt6fxCaM2JXCm+LacWdW3WQZW1j7UVOo4fKs
pgx7P6ikL7WpI1QDA3LCsc4Pmxa5tXLxaYALDz12qqJEUkffjQRdcMz3AG+/9V2f
OTLdy88JU/aG22TBr4mfiR3B/zFNY/23aJ+TAB8z6yi8l/qs5Dt5TBsWN06wOJhj
Jq68cI7xzxwTkvY1UCVRA34n7YIXYANSQWje+y6UaAt4ko6K7X40pw7cLJiiJGj0
2BXfBjxfhwMrLbRD5/+DCRdxEUS67waRwz2TAmCG/lIk+UCN82dqP4XQ+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5FKcgkrgmC58rVG8Bj8SPXhl32MB8GA1UdIwQY
MBaAFF1HKL0fXRNtdovxdTRhxT2kV0bLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFVjb3ZSOWRFMjEyaV9GMU5HSEZQYVJYUnNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9kYmU3NzMtYmVmYy00YTc3LWI1MTMt
NWUyMzY3MjY3M2QyLzEvWFVjb3ZSOWRFMjEyaV9GMU5HSEZQYVJYUnNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9kYmU3NzMtYmVmYy00YTc3LWI1MTMtNWUyMzY3MjY3M2Qy
LzEvWFVjb3ZSOWRFMjEyaV9GMU5HSEZQYVJYUnNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmzbwZQDy
otk1q2j74WtD7bmj6RrCXXB5PcocarSkF3cNY75mfEC4x5cQtKOMZH9629loUm3B
nZT8AXvaMLF7/KeR1ibFslImjfo0WKcfAmoQQKmH/PW6d1hwgD6PbkxM8KDuMX6u
/4/2JEdVLO6zoScYMtwNQfit2a9JSfhVbZolaplJBrd0e+mk8GRQ4zzOsBAlpiEQ
q5DlnK6+18tlsQbkO6Jywxexo/uYBEA8b+UrKQBDCrqGEdq1ktiuwJoVss80pMBR
iyY91SCIpFfGJTyGO403P80jHCyDSpZVOui9jw2e1T0T8tJfK5lWW4MqWT6Os/UG
Gw9Z1Z7iA+QGNw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:05:57 2025 by rpki-client