Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json)
Hash identifier: fCQOEbkiqr31HBY3pEQrXLwMuDXNzrUFJKuI/31ZUrQ=
Subject key identifier: EE:BE:F1:E1:A9:FA:6E:13:A3:BC:57:48:E5:20:45:4A:13:27:CD:BB
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial: 0198D4DFE6AB483ED3B571DDDC4CEBAC1F11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
Manifest number: 057E
Signing time: Sat 23 Aug 2025 03:01:40 +0000
Manifest this update: Sat 23 Aug 2025 03:01:40 +0000
Manifest next update: Sun 24 Aug 2025 03:01:40 +0000
Files and hashes: 1: SzmhUfWJuFhyT5TGLouRAgBLoIM.roa (hash: Qov0MeRXvHn6kZBTJQaoc48+Yw0xT2B5xVOV+b6Nifs=)
2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: YfPuVZkqAHGKDvuauz1x/obRBlAf3TN72xWWv545O00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:df:e6:ab:48:3e:d3:b5:71:dd:dc:4c:eb:ac:1f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Validity
Not Before: Aug 23 03:01:40 2025 GMT
Not After : Aug 24 03:01:40 2025 GMT
Subject: CN=eebef1e1a9fa6e13a3bc5748e520454a1327cdbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:79:20:16:1d:5f:b1:65:2c:1c:dc:9d:74:73:
a2:05:4b:cb:87:5a:43:ba:c9:76:10:33:6d:5a:c1:
21:39:0a:6b:02:97:d5:3b:ec:cb:75:c2:5c:c5:91:
c1:20:7b:16:d5:d0:59:ff:f5:69:f4:05:2e:4c:07:
32:10:3d:43:f9:b4:87:94:bf:17:6b:ed:5f:7d:70:
be:1a:92:8f:2a:31:c5:81:17:b9:7b:65:b3:4a:b8:
53:cf:c5:9e:8d:13:60:7c:1e:78:5e:37:94:1e:aa:
e9:27:a0:69:61:aa:d0:a7:d9:fb:18:69:3c:ab:b7:
aa:e9:c0:35:db:bf:12:7c:cf:1a:ae:8a:aa:47:95:
9f:63:a9:56:ff:ae:6a:e8:44:c5:11:7c:17:32:20:
9a:37:78:b6:b2:9d:b6:8c:5f:f7:e5:48:e9:31:8a:
60:1c:44:1c:c2:f3:6b:a3:b7:79:4b:89:bb:06:a4:
f3:94:18:12:ec:fb:96:c0:1f:5d:f6:b5:38:ac:9d:
21:1d:aa:61:30:a9:ca:a1:36:91:22:36:6d:0d:16:
e4:91:66:b9:8c:13:b7:b9:cd:d3:3f:6a:80:2b:5e:
6d:4e:36:ef:1f:95:cd:ad:f0:16:6b:30:80:06:14:
b4:3d:e0:70:da:21:c6:5c:4b:67:70:e8:95:e3:e7:
49:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:BE:F1:E1:A9:FA:6E:13:A3:BC:57:48:E5:20:45:4A:13:27:CD:BB
X509v3 Authority Key Identifier:
keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:f1:f9:8e:58:8e:e8:fb:75:d0:c6:68:72:8a:88:fa:b3:b5:
d7:91:8c:6b:1b:02:00:75:ee:35:87:2e:f7:25:35:30:1e:1e:
b1:61:0c:aa:5f:6b:60:d0:a0:b8:4b:1b:9d:04:7f:1f:09:91:
0e:80:54:34:94:44:f5:9f:b5:ef:8c:d5:61:bb:f0:51:90:60:
ae:02:3e:9b:27:25:ec:7d:f4:6f:c8:6d:da:05:d3:4d:bf:dd:
83:81:7c:28:8c:cf:eb:2f:0c:d1:7e:9a:fa:42:07:b5:14:c4:
d0:c6:9f:12:0f:2f:96:8a:9e:f1:4e:84:3c:e2:e0:04:6a:f6:
71:93:ee:bf:68:51:06:87:d1:99:67:24:dc:f7:8d:33:10:43:
ff:88:1a:10:2d:31:c5:64:db:97:4d:e4:10:ed:e2:7a:53:7b:
bc:78:39:19:70:86:40:02:bf:52:59:f2:0d:16:07:76:87:57:
48:da:e9:00:8d:21:a1:02:b9:e8:7a:86:e1:7b:8f:56:32:f1:
fb:8e:36:e2:3b:f7:72:c4:5b:0b:d8:a2:3b:8c:3a:2e:7a:34:
f8:ef:48:90:6c:8b:52:6f:2e:71:ab:f8:06:a2:ca:9d:a9:70:
1a:70:b6:81:6a:bd:a2:23:f2:57:e1:e1:d2:63:39:63:ae:01:
2c:07:0d:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3+arSD7TtXHd3EzrrB8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjUwODIzMDMwMTQwWhcNMjUwODI0MDMwMTQwWjAzMTEwLwYDVQQD
EyhlZWJlZjFlMWE5ZmE2ZTEzYTNiYzU3NDhlNTIwNDU0YTEzMjdjZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HkgFh1fsWUsHNyddHOiBUvLh1pD
usl2EDNtWsEhOQprApfVO+zLdcJcxZHBIHsW1dBZ//Vp9AUuTAcyED1D+bSHlL8X
a+1ffXC+GpKPKjHFgRe5e2WzSrhTz8WejRNgfB54XjeUHqrpJ6BpYarQp9n7GGk8
q7eq6cA1278SfM8aroqqR5WfY6lW/65q6ETFEXwXMiCaN3i2sp22jF/35UjpMYpg
HEQcwvNro7d5S4m7BqTzlBgS7PuWwB9d9rU4rJ0hHaphMKnKoTaRIjZtDRbkkWa5
jBO3uc3TP2qAK15tTjbvH5XNrfAWazCABhS0PeBw2iHGXEtncOiV4+dJEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6+8eGp+m4To7xXSOUgRUoTJ827MB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaPH5jliO
6Pt10MZocoqI+rO115GMaxsCAHXuNYcu9yU1MB4esWEMql9rYNCguEsbnQR/HwmR
DoBUNJRE9Z+174zVYbvwUZBgrgI+mycl7H30b8ht2gXTTb/dg4F8KIzP6y8M0X6a
+kIHtRTE0MafEg8vloqe8U6EPOLgBGr2cZPuv2hRBofRmWck3PeNMxBD/4gaEC0x
xWTbl03kEO3ielN7vHg5GXCGQAK/UlnyDRYHdodXSNrpAI0hoQK56HqG4XuPVjLx
+4424jv3csRbC9iiO4w6Lno0+O9IkGyLUm8ucav4BqLKnalwGnC2gWq9oiPyV+Hh
0mM5Y64BLAcNNA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:31:28 2025 by rpki-client