Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
File: XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft (raw, json)
Hash identifier: LRoPOB02CuF2gjmguoJlGbkoLcWd4kUMilsYBXlcap0=
Subject key identifier: 93:0D:8E:64:8C:F9:D1:06:FD:A0:82:E0:DA:9A:35:EA:8F:6D:42:46
Authority key identifier: 5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
Certificate issuer: /CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Certificate serial: 019A0147FEEC5C4209D5E68D3A34CB16C311
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
Manifest number: 1651
Signing time: Mon 20 Oct 2025 11:01:26 +0000
Manifest this update: Mon 20 Oct 2025 11:01:26 +0000
Manifest next update: Tue 21 Oct 2025 11:01:26 +0000
Files and hashes: 1: 2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa (hash: Z+2VK2G2lzN86LoPcE9VgbDrrppkQUiQOHGoi5RCAY8=)
2: XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl (hash: 9ILz8weSWB3FQ5PM5GJnb5wyTS6Ebe9KKQLtp4W4Rhs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:47:fe:ec:5c:42:09:d5:e6:8d:3a:34:cb:16:c3:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Validity
Not Before: Oct 20 11:01:26 2025 GMT
Not After : Oct 21 11:01:26 2025 GMT
Subject: CN=930d8e648cf9d106fda082e0da9a35ea8f6d4246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:eb:fe:68:a1:35:12:48:0d:0f:32:2c:e8:0c:
0a:0f:a6:e7:59:3f:00:7e:3a:88:0a:10:12:f2:99:
f1:9c:0b:5a:a4:83:94:e3:5b:50:e7:d1:b2:41:58:
dc:5d:bd:53:71:f9:c7:dd:33:71:9a:88:3d:1f:73:
3b:cf:f0:17:a9:d1:68:6a:10:ff:6a:45:cc:10:4b:
da:25:1a:0f:82:26:fd:be:7e:65:19:7c:18:53:bd:
fe:74:59:ba:5c:40:f5:20:76:a7:a4:ec:cf:f3:7b:
c8:87:5c:4d:10:1d:d6:75:52:ac:54:32:5f:92:80:
53:c3:77:06:18:89:48:fe:b8:f4:4c:fc:65:0c:99:
89:46:58:cc:f1:af:63:63:8e:21:79:9b:f2:4d:35:
b5:46:d6:b9:0f:8c:41:73:67:fa:1e:fe:91:25:60:
ac:ef:ad:37:4a:ae:7c:5d:02:61:4a:5a:23:0c:30:
30:b4:59:27:fc:71:15:d5:57:05:fe:bb:a1:d3:43:
28:73:e5:01:9b:99:dd:42:e9:a6:47:c4:88:49:b1:
52:94:f6:8f:d5:f8:dd:81:8b:89:d9:c0:69:b1:be:
f0:d8:3b:f0:d3:f1:8d:32:db:de:17:90:37:14:47:
f7:40:b2:bc:e8:ec:66:33:87:56:6a:ab:7f:9a:2b:
3f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:0D:8E:64:8C:F9:D1:06:FD:A0:82:E0:DA:9A:35:EA:8F:6D:42:46
X509v3 Authority Key Identifier:
keyid:5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:a3:a0:c9:c8:79:ef:7c:9d:c2:c6:e4:d1:cb:c2:6b:1c:67:
b3:44:f1:c4:6a:9d:4a:0d:bd:a1:1e:f9:e1:d7:e9:9d:21:44:
eb:44:c3:3d:0f:66:2e:42:55:43:7d:57:f4:ae:40:27:3d:3a:
0c:af:e9:5f:5e:9f:57:68:7f:ad:f8:41:b3:92:e5:41:e3:54:
10:9b:23:c4:ce:9a:66:c7:bd:57:af:37:da:40:90:8e:fd:ae:
1e:b2:a0:9b:cb:37:e1:8f:e7:9f:c9:fb:9a:40:92:c9:90:5b:
28:31:de:04:20:4f:58:37:cc:d0:04:98:57:40:d8:13:76:fa:
29:28:58:c3:e0:73:70:1a:aa:7f:85:73:db:9d:33:8c:45:bb:
b6:ed:70:a4:0d:1a:05:dd:68:94:e2:ac:d8:c6:d9:fd:55:b8:
84:04:de:41:2f:56:0a:1c:04:7b:fa:c4:e8:cb:40:7d:db:c1:
36:ab:46:b2:67:40:e5:32:ab:9a:fa:20:bd:13:08:42:6a:da:
70:13:96:69:80:bb:6e:4e:76:54:15:da:f4:4a:cb:75:0b:c5:
37:51:96:b9:3c:5d:6b:09:f0:f3:e1:98:97:dd:76:cd:23:7b:
92:4c:77:6d:8c:a4:8d:d7:77:77:24:63:93:66:06:06:68:bf:
05:48:de:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBR/7sXEIJ1eaNOjTLFsMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzgyMjM4Mjg5YTg4MDJjZjUyYjY3ZDliZjRhZTg3YTUw
OTMzYzMwHhcNMjUxMDIwMTEwMTI2WhcNMjUxMDIxMTEwMTI2WjAzMTEwLwYDVQQD
Eyg5MzBkOGU2NDhjZjlkMTA2ZmRhMDgyZTBkYTlhMzVlYThmNmQ0MjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouv+aKE1EkgNDzIs6AwKD6bnWT8A
fjqIChAS8pnxnAtapIOU41tQ59GyQVjcXb1TcfnH3TNxmog9H3M7z/AXqdFoahD/
akXMEEvaJRoPgib9vn5lGXwYU73+dFm6XED1IHanpOzP83vIh1xNEB3WdVKsVDJf
koBTw3cGGIlI/rj0TPxlDJmJRljM8a9jY44heZvyTTW1Rta5D4xBc2f6Hv6RJWCs
7603Sq58XQJhSlojDDAwtFkn/HEV1VcF/ruh00Moc+UBm5ndQummR8SISbFSlPaP
1fjdgYuJ2cBpsb7w2Dvw0/GNMtveF5A3FEf3QLK86OxmM4dWaqt/mis/ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJMNjmSM+dEG/aCC4NqaNeqPbUJGMB8GA1UdIwQY
MBaAFF04IjgomogCz1K2fZv0roelCTPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDIt
ODg1NzU3YzEyNDhmLzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDItODg1NzU3YzEyNDhm
LzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqOgych5
73ydwsbk0cvCaxxns0TxxGqdSg29oR754dfpnSFE60TDPQ9mLkJVQ31X9K5AJz06
DK/pX16fV2h/rfhBs5LlQeNUEJsjxM6aZse9V6832kCQjv2uHrKgm8s34Y/nn8n7
mkCSyZBbKDHeBCBPWDfM0ASYV0DYE3b6KShYw+BzcBqqf4Vz250zjEW7tu1wpA0a
Bd1olOKs2MbZ/VW4hATeQS9WChwEe/rE6MtAfdvBNqtGsmdA5TKrmvogvRMIQmra
cBOWaYC7bk52VBXa9ErLdQvFN1GWuTxdawnw8+GYl912zSN7kkx3bYykjdd3dyRj
k2YGBmi/BUjeOg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:01:03 2025 by rpki-client