Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
File: XTcKSLWfuBFJXxHElzRILyKxo5I.mft (raw, json)
Hash identifier: p9jva62gaGNwcHHM6hCl0iycWWEX4H/dCCEwiu+juXE=
Subject key identifier: CA:DA:12:90:C7:8F:1D:33:41:7B:2D:B8:A8:36:C5:14:44:23:B0:0E
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial: 0198D5BC513C61D5C03CE9598DCB89390931
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
Manifest number: 1352
Signing time: Sat 23 Aug 2025 07:02:25 +0000
Manifest this update: Sat 23 Aug 2025 07:02:25 +0000
Manifest next update: Sun 24 Aug 2025 07:02:25 +0000
Files and hashes: 1: NKYWlz4gwZY4JXbw2fZ-33Yiq7Q.roa (hash: 78EN8i32FjxMTLLdcIXwd9Vb1kdj7OWCE2WX2/B4rLA=)
2: VUj2jDG1P5mpu3G51mRFUhrIbU4.roa (hash: twr8z4nqYemreBGHT9Kr4AfrcVcZYqpeai7rZry08Us=)
3: XTcKSLWfuBFJXxHElzRILyKxo5I.crl (hash: bQmUg9cmLdhjuOzhpMkhQ27ViB5NHP/ndUOuE12wT8Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:bc:51:3c:61:d5:c0:3c:e9:59:8d:cb:89:39:09:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
Validity
Not Before: Aug 23 07:02:25 2025 GMT
Not After : Aug 24 07:02:25 2025 GMT
Subject: CN=cada1290c78f1d33417b2db8a836c5144423b00e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:52:eb:c3:b6:a8:b3:4d:4b:c0:b4:16:24:a0:
d9:d3:24:19:7c:a1:f3:2e:04:61:3a:a6:91:9b:80:
3e:46:2b:3e:94:ca:89:10:0e:af:49:d7:1f:eb:51:
b0:2d:f5:46:86:b0:ff:4a:bb:6d:68:27:fe:b0:8c:
63:9b:19:f4:96:90:e9:75:6e:7f:80:05:d7:ab:16:
b4:c9:67:12:0f:a3:b8:12:67:8c:25:5d:e6:b1:5c:
d9:20:8d:40:ac:c7:d3:62:47:0f:16:88:95:58:02:
13:19:75:34:97:7c:d3:36:15:0e:a9:c9:8a:1a:5c:
d2:a9:9f:e1:dd:90:76:64:bb:98:ca:fc:45:5d:5f:
ee:c5:2c:8c:f2:86:d0:09:79:f8:93:59:ee:98:cb:
d0:45:12:c9:d4:aa:f8:33:53:cd:b3:04:a7:33:cf:
20:11:20:a3:ad:49:b4:b0:65:ed:4d:4c:ac:df:7b:
ee:58:c7:43:2f:6a:08:a9:53:84:a5:e7:30:fe:92:
55:bb:3d:e2:15:a8:09:57:b0:3f:be:87:d1:93:7f:
e7:fb:a9:9a:3f:d7:34:4c:23:23:1d:db:18:0e:e8:
b4:43:5f:e1:e9:66:c4:3a:8d:23:f7:c2:d4:ba:43:
9d:61:47:bb:60:2b:4a:f3:46:2d:24:d3:b0:28:b3:
aa:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DA:12:90:C7:8F:1D:33:41:7B:2D:B8:A8:36:C5:14:44:23:B0:0E
X509v3 Authority Key Identifier:
keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:29:bf:6d:db:7d:56:22:77:db:5d:22:28:42:d9:d7:ae:81:
c8:4f:2c:70:02:11:e4:bf:61:19:9a:14:e8:00:cf:e1:f2:2b:
a2:55:70:7a:95:18:5e:ac:58:cc:d2:cd:62:1c:14:68:1a:35:
7c:0c:a0:ba:63:74:86:c2:8e:e8:1b:24:7e:0b:59:68:be:38:
d2:b7:59:e7:91:3d:c8:94:38:d0:46:bf:db:bf:7b:1d:5d:68:
2c:6f:79:df:b5:22:6c:39:d6:e2:3c:6c:3f:13:dc:b0:51:f1:
90:53:ac:2c:74:ab:f2:1e:0e:23:ee:77:e8:d0:d4:48:bb:f9:
21:7a:ea:33:15:9a:30:db:0f:cb:86:2e:19:62:90:44:a8:7b:
8b:20:bd:e9:16:9f:90:9e:73:55:ef:d6:69:eb:bd:c1:d5:de:
1a:a8:78:a0:09:e3:04:67:50:b8:f0:1d:32:76:42:17:42:f1:
7f:0d:37:0a:dc:99:5f:99:e7:77:47:4d:8d:53:1b:af:69:09:
0b:0e:6e:a0:ba:3e:58:3a:68:98:a1:0a:87:1d:02:c9:11:e0:
48:66:c9:52:2e:51:e7:63:47:1e:5b:bb:4e:83:80:10:de:fa:
49:45:bc:f3:9f:d3:6b:41:d8:c7:4e:d8:f4:e6:97:a4:bb:8d:
d0:f6:eb:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvFE8YdXAPOlZjcuJOQkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi
MWEzOTIwHhcNMjUwODIzMDcwMjI1WhcNMjUwODI0MDcwMjI1WjAzMTEwLwYDVQQD
EyhjYWRhMTI5MGM3OGYxZDMzNDE3YjJkYjhhODM2YzUxNDQ0MjNiMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilLrw7aos01LwLQWJKDZ0yQZfKHz
LgRhOqaRm4A+Ris+lMqJEA6vSdcf61GwLfVGhrD/SrttaCf+sIxjmxn0lpDpdW5/
gAXXqxa0yWcSD6O4EmeMJV3msVzZII1ArMfTYkcPFoiVWAITGXU0l3zTNhUOqcmK
GlzSqZ/h3ZB2ZLuYyvxFXV/uxSyM8obQCXn4k1numMvQRRLJ1Kr4M1PNswSnM88g
ESCjrUm0sGXtTUys33vuWMdDL2oIqVOEpecw/pJVuz3iFagJV7A/vofRk3/n+6ma
P9c0TCMjHdsYDui0Q1/h6WbEOo0j98LUukOdYUe7YCtK80YtJNOwKLOqIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMraEpDHjx0zQXstuKg2xRREI7AOMB8GA1UdIwQY
MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut
ZTI3MjAxMzAyNmI0LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0
LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATCm/bdt9
ViJ3210iKELZ166ByE8scAIR5L9hGZoU6ADP4fIrolVwepUYXqxYzNLNYhwUaBo1
fAygumN0hsKO6BskfgtZaL440rdZ55E9yJQ40Ea/2797HV1oLG9537UibDnW4jxs
PxPcsFHxkFOsLHSr8h4OI+536NDUSLv5IXrqMxWaMNsPy4YuGWKQRKh7iyC96Raf
kJ5zVe/Waeu9wdXeGqh4oAnjBGdQuPAdMnZCF0Lxfw03CtyZX5nnd0dNjVMbr2kJ
Cw5uoLo+WDpomKEKhx0CyRHgSGbJUi5R52NHHlu7ToOAEN76SUW885/Ta0HYx07Y
9OaXpLuN0PbrHw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:25:31 2025 by rpki-client