Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
File: XTcKSLWfuBFJXxHElzRILyKxo5I.mft (raw, json)
Hash identifier: 6ON6osgh+uI6LfuR5OlXt2VLqX3e+G8t9muIxs91Pnc=
Subject key identifier: A2:46:42:4F:9F:21:C2:B9:D1:78:F2:DA:88:32:E5:BD:86:50:6D:2B
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial: 0197B7EA107E748CEE269C2E96452037717D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
Manifest number: 12BE
Signing time: Sat 28 Jun 2025 19:00:59 +0000
Manifest this update: Sat 28 Jun 2025 19:00:59 +0000
Manifest next update: Sun 29 Jun 2025 19:00:59 +0000
Files and hashes: 1: NKYWlz4gwZY4JXbw2fZ-33Yiq7Q.roa (hash: 78EN8i32FjxMTLLdcIXwd9Vb1kdj7OWCE2WX2/B4rLA=)
2: VUj2jDG1P5mpu3G51mRFUhrIbU4.roa (hash: twr8z4nqYemreBGHT9Kr4AfrcVcZYqpeai7rZry08Us=)
3: XTcKSLWfuBFJXxHElzRILyKxo5I.crl (hash: /LISU+PvyW3mnminkMZuDX0YC8X0A+j8DxAkEwJUvq0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:10:7e:74:8c:ee:26:9c:2e:96:45:20:37:71:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
Validity
Not Before: Jun 28 19:00:59 2025 GMT
Not After : Jun 29 19:00:59 2025 GMT
Subject: CN=a246424f9f21c2b9d178f2da8832e5bd86506d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:46:20:bc:a2:12:ec:7a:6d:d5:b3:b5:e6:c5:
2f:83:1b:a1:7c:4c:00:4d:6c:04:ee:7a:5c:c0:d7:
f3:42:9a:57:a8:06:dd:77:a5:49:ac:c9:3f:88:ac:
6c:b9:65:84:41:ab:90:bc:6f:ba:02:1c:be:f2:b3:
78:32:d6:81:c7:f4:0c:a8:34:38:6e:9f:a8:56:10:
2a:c0:be:8e:75:e0:c3:a5:38:4f:dd:fe:98:34:59:
33:3d:a9:ea:59:00:32:17:47:af:17:34:66:09:54:
d1:65:84:ec:e2:2c:be:eb:07:3d:4e:00:7b:0f:d1:
97:68:b7:7e:d8:16:58:3d:dc:e2:5a:94:1c:e9:92:
dd:7a:a2:4e:a4:21:98:90:48:ce:8b:f0:6a:04:b7:
10:52:5d:73:da:7d:85:8d:6a:94:62:69:60:9a:52:
9f:1f:73:4b:5b:c5:94:e1:b0:6a:60:96:6d:7a:92:
c9:eb:39:cb:ae:b7:ef:7d:c9:a1:c3:3a:16:25:18:
fa:0e:c2:37:55:32:7d:58:bc:94:fb:2f:26:2a:2b:
5b:82:ff:71:d4:52:11:dc:74:de:16:ad:c7:07:ad:
59:78:d9:20:4c:e0:d2:8b:00:cc:28:ad:8f:a0:f8:
5b:98:e9:bb:f3:80:64:08:94:6c:18:25:12:fc:5f:
9e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:46:42:4F:9F:21:C2:B9:D1:78:F2:DA:88:32:E5:BD:86:50:6D:2B
X509v3 Authority Key Identifier:
keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:ad:48:99:9f:32:27:b1:ec:c4:34:42:cd:58:63:96:aa:49:
f7:1a:79:21:61:a9:2a:a2:06:d6:d8:63:85:2c:d7:81:3e:e6:
aa:d8:af:3c:f3:b2:0c:c4:6a:e8:7b:28:7a:7b:5d:1e:96:aa:
67:76:04:d5:00:41:84:e3:ea:29:e9:d3:61:84:05:28:b4:8c:
5e:47:b5:ba:05:92:c4:e1:ba:d6:68:fd:3d:05:7d:e8:68:77:
9d:70:ba:0c:74:cc:b1:19:fd:82:2c:5a:ee:77:c8:26:42:f8:
50:a4:e1:ea:14:2c:c6:a4:7f:e3:22:4b:70:a8:09:23:89:8f:
b9:e3:cd:98:ce:69:9f:2e:2e:66:0f:bf:70:d3:02:3f:08:21:
de:50:68:cc:44:6a:6f:04:57:e4:1f:70:5e:a3:50:95:00:e5:
3e:aa:d6:e5:16:dc:37:e6:c5:46:7d:d7:5c:15:39:82:67:5b:
08:b5:ce:b5:2a:c9:8d:1c:94:8f:96:7c:a4:fd:83:61:4b:42:
34:e4:44:32:b5:79:b0:66:b2:99:ce:85:f6:18:a9:58:ae:be:
1d:cb:61:bc:a7:c9:1a:52:ec:14:32:f6:68:8f:05:f9:22:69:
38:7a:63:57:ab:ac:0b:76:07:26:2c:62:68:06:27:7f:39:c6:
ee:80:d8:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36hB+dIzuJpwulkUgN3F9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi
MWEzOTIwHhcNMjUwNjI4MTkwMDU5WhcNMjUwNjI5MTkwMDU5WjAzMTEwLwYDVQQD
EyhhMjQ2NDI0ZjlmMjFjMmI5ZDE3OGYyZGE4ODMyZTViZDg2NTA2ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kYgvKIS7Hpt1bO15sUvgxuhfEwA
TWwE7npcwNfzQppXqAbdd6VJrMk/iKxsuWWEQauQvG+6Ahy+8rN4MtaBx/QMqDQ4
bp+oVhAqwL6OdeDDpThP3f6YNFkzPanqWQAyF0evFzRmCVTRZYTs4iy+6wc9TgB7
D9GXaLd+2BZYPdziWpQc6ZLdeqJOpCGYkEjOi/BqBLcQUl1z2n2FjWqUYmlgmlKf
H3NLW8WU4bBqYJZtepLJ6znLrrfvfcmhwzoWJRj6DsI3VTJ9WLyU+y8mKitbgv9x
1FIR3HTeFq3HB61ZeNkgTODSiwDMKK2PoPhbmOm784BkCJRsGCUS/F+eewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJGQk+fIcK50Xjy2ogy5b2GUG0rMB8GA1UdIwQY
MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut
ZTI3MjAxMzAyNmI0LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0
LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQq1ImZ8y
J7HsxDRCzVhjlqpJ9xp5IWGpKqIG1thjhSzXgT7mqtivPPOyDMRq6HsoentdHpaq
Z3YE1QBBhOPqKenTYYQFKLSMXke1ugWSxOG61mj9PQV96Gh3nXC6DHTMsRn9gixa
7nfIJkL4UKTh6hQsxqR/4yJLcKgJI4mPuePNmM5pny4uZg+/cNMCPwgh3lBozERq
bwRX5B9wXqNQlQDlPqrW5RbcN+bFRn3XXBU5gmdbCLXOtSrJjRyUj5Z8pP2DYUtC
NOREMrV5sGaymc6F9hipWK6+HcthvKfJGlLsFDL2aI8F+SJpOHpjV6usC3YHJixi
aAYnfznG7oDYaw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:52:33 2025 by rpki-client