Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json)
Hash identifier: 4l7bgDRu+FpGjrN7PXTti3ahwH9YnwbHg/Nx32MDIDI=
Subject key identifier: 3F:57:A5:C2:F3:65:FC:9A:B9:BD:FC:C9:F5:34:57:51:68:B0:BB:49
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial: 019A041184F31BBDD7D8779FC4DA71EB5FD4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
Manifest number: 061B
Signing time: Tue 21 Oct 2025 00:00:48 +0000
Manifest this update: Tue 21 Oct 2025 00:00:48 +0000
Manifest next update: Wed 22 Oct 2025 00:00:48 +0000
Files and hashes: 1: SzmhUfWJuFhyT5TGLouRAgBLoIM.roa (hash: Qov0MeRXvHn6kZBTJQaoc48+Yw0xT2B5xVOV+b6Nifs=)
2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: calnj0YPiqSOEbz1ppuuoJRbQ+YfIBybBAP9VtTULDE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:04:11:84:f3:1b:bd:d7:d8:77:9f:c4:da:71:eb:5f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Validity
Not Before: Oct 21 00:00:48 2025 GMT
Not After : Oct 22 00:00:48 2025 GMT
Subject: CN=3f57a5c2f365fc9ab9bdfcc9f534575168b0bb49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:61:01:2a:9d:a5:a5:28:e0:7a:4a:e8:b8:aa:
88:de:72:02:cd:5f:82:d9:d6:82:fb:17:3b:5c:4e:
39:15:0b:a8:4d:48:d9:c1:d3:5e:e0:c1:35:88:d4:
e4:d0:fa:e9:72:ed:cb:7b:69:20:fb:c6:4a:96:18:
42:ce:64:5c:16:74:a9:f3:eb:31:7a:ae:05:57:0b:
f3:a7:13:4c:74:a5:07:cc:61:c8:04:0b:87:b0:7e:
c8:42:b7:9a:bc:cd:4c:82:53:30:e9:71:8b:22:f3:
78:6c:2d:2a:e0:c6:ce:1b:a6:2b:35:27:a2:b3:94:
fc:11:8f:46:c9:f3:91:08:64:73:0a:5a:a8:b1:17:
62:d5:e9:d4:2c:c6:a5:bb:73:05:a2:82:51:f7:40:
60:b7:7e:f6:58:c4:8d:62:08:f3:da:3d:c0:aa:84:
11:76:46:c8:b2:4d:91:ae:03:c6:55:bf:31:a0:3b:
54:f2:e9:96:80:48:ef:bd:9b:77:61:fe:ef:2f:22:
2e:e6:22:6f:95:15:ab:a4:e3:f1:64:c9:a0:a1:95:
28:7f:18:5e:d1:66:ea:f3:35:16:45:80:6e:d7:38:
a0:55:e6:88:f0:7b:27:bf:81:e4:c6:78:40:56:c9:
d2:51:9a:88:ff:48:1a:62:25:5b:2f:bd:fa:96:6e:
a1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:57:A5:C2:F3:65:FC:9A:B9:BD:FC:C9:F5:34:57:51:68:B0:BB:49
X509v3 Authority Key Identifier:
keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:e7:e2:99:f8:af:9a:fb:db:34:97:e0:32:53:09:43:75:e9:
53:e5:a4:c5:8e:b3:64:80:93:7e:aa:5e:b0:76:5d:ab:3e:7b:
7a:7c:b9:33:92:05:54:7c:66:f1:b1:80:09:93:65:2e:2e:8e:
24:46:a0:f8:0f:d4:68:79:d0:96:4d:2c:f9:0a:48:55:3d:2b:
43:7d:da:13:d8:f8:a3:d3:f5:53:dd:c2:dd:2f:95:3d:e6:72:
3d:75:4e:71:c0:e9:3c:1a:19:07:4f:45:b0:3d:6b:2d:62:8f:
60:44:05:6c:a6:d3:8f:71:77:7f:0b:da:db:61:1f:6e:84:a0:
a3:74:80:c8:61:14:37:77:35:38:4f:89:22:8b:86:c4:cd:25:
1e:12:90:ea:03:f1:58:60:e7:22:ca:45:71:08:a4:cf:95:ad:
81:23:20:26:b1:20:f4:ee:c3:a1:0f:4c:e0:24:b1:84:76:f8:
03:89:94:1a:41:6b:11:de:da:8f:c4:cb:d6:d0:4a:9f:91:1d:
1f:0a:98:90:e7:5d:4a:68:9c:eb:4e:b1:88:42:8e:72:f2:5b:
a2:0a:09:3b:18:13:33:c6:82:0e:44:59:b3:51:74:db:21:3b:
e2:24:8f:46:9f:bf:84:ac:4b:12:53:19:ea:7a:c1:d5:c3:ec:
8c:1f:67:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEEYTzG73X2HefxNpx61/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjUxMDIxMDAwMDQ4WhcNMjUxMDIyMDAwMDQ4WjAzMTEwLwYDVQQD
EygzZjU3YTVjMmYzNjVmYzlhYjliZGZjYzlmNTM0NTc1MTY4YjBiYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8WEBKp2lpSjgekrouKqI3nICzV+C
2daC+xc7XE45FQuoTUjZwdNe4ME1iNTk0Prpcu3Le2kg+8ZKlhhCzmRcFnSp8+sx
eq4FVwvzpxNMdKUHzGHIBAuHsH7IQreavM1MglMw6XGLIvN4bC0q4MbOG6YrNSei
s5T8EY9GyfORCGRzClqosRdi1enULMalu3MFooJR90Bgt372WMSNYgjz2j3AqoQR
dkbIsk2RrgPGVb8xoDtU8umWgEjvvZt3Yf7vLyIu5iJvlRWrpOPxZMmgoZUofxhe
0Wbq8zUWRYBu1zigVeaI8Hsnv4HkxnhAVsnSUZqI/0gaYiVbL736lm6h7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9XpcLzZfyaub38yfU0V1FosLtJMB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+fimfiv
mvvbNJfgMlMJQ3XpU+WkxY6zZICTfqpesHZdqz57eny5M5IFVHxm8bGACZNlLi6O
JEag+A/UaHnQlk0s+QpIVT0rQ33aE9j4o9P1U93C3S+VPeZyPXVOccDpPBoZB09F
sD1rLWKPYEQFbKbTj3F3fwva22EfboSgo3SAyGEUN3c1OE+JIouGxM0lHhKQ6gPx
WGDnIspFcQikz5WtgSMgJrEg9O7DoQ9M4CSxhHb4A4mUGkFrEd7aj8TL1tBKn5Ed
HwqYkOddSmic606xiEKOcvJbogoJOxgTM8aCDkRZs1F02yE74iSPRp+/hKxLElMZ
6nrB1cPsjB9ncQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:11:09 2025 by rpki-client