Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
File: XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft (raw, json)
Hash identifier: lXJCpuYcxgr+FyBL1Uz8IhPdyQRT1qIrzHQXO1uFX1M=
Subject key identifier: F5:4C:81:9D:00:C7:92:1B:8B:86:2B:7C:B1:5A:48:35:33:91:8C:7C
Authority key identifier: 5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
Certificate issuer: /CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Certificate serial: 0197BA0F49B47490CBA75197E5016C3E8C09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
Manifest number: 1523
Signing time: Sun 29 Jun 2025 05:00:53 +0000
Manifest this update: Sun 29 Jun 2025 05:00:53 +0000
Manifest next update: Mon 30 Jun 2025 05:00:53 +0000
Files and hashes: 1: 2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa (hash: Z+2VK2G2lzN86LoPcE9VgbDrrppkQUiQOHGoi5RCAY8=)
2: XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl (hash: u+/sHH8SR0KFvIOlF3bNqThu8NhqeKAegqSgeyAjTb0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ba:0f:49:b4:74:90:cb:a7:51:97:e5:01:6c:3e:8c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Validity
Not Before: Jun 29 05:00:53 2025 GMT
Not After : Jun 30 05:00:53 2025 GMT
Subject: CN=f54c819d00c7921b8b862b7cb15a483533918c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:20:94:a2:48:3a:78:f9:69:d4:32:5b:ec:e4:
39:8c:b9:46:1c:70:f4:49:d7:d6:da:6c:9b:fa:ef:
13:56:36:91:57:df:d9:18:c0:87:07:3c:20:71:63:
aa:91:f4:d1:ef:d8:a1:ee:6f:3d:dd:e2:01:d9:99:
32:4f:fe:b0:5f:2c:ea:1e:ec:61:72:3a:75:93:53:
09:48:ed:c6:84:47:50:0e:29:30:93:58:e6:f6:e3:
a7:2a:49:27:f7:f8:1a:21:d8:25:de:b4:30:eb:1e:
74:60:f7:29:32:8e:09:1b:9b:80:45:7f:4a:36:99:
78:16:dc:02:a4:ab:aa:0d:3b:f0:37:65:27:19:ba:
9b:ca:8b:92:42:09:3b:04:70:7f:f7:e3:96:28:ce:
fe:81:d3:39:b0:13:70:19:2e:82:59:a8:74:97:da:
47:19:3e:5f:0b:5d:d8:6b:44:8e:16:e4:f1:97:cc:
26:11:86:d3:2b:84:c3:7a:98:06:4b:30:1d:9f:4c:
38:c1:43:00:6a:b0:fe:4d:63:da:28:63:7e:60:94:
2a:f1:74:22:88:6f:73:32:db:74:9d:af:bb:c8:33:
93:8d:51:92:fd:36:1e:6a:4e:aa:1f:a2:d5:e4:90:
94:92:a8:8d:4a:83:48:87:b5:57:e0:ec:e5:5b:14:
11:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:4C:81:9D:00:C7:92:1B:8B:86:2B:7C:B1:5A:48:35:33:91:8C:7C
X509v3 Authority Key Identifier:
keyid:5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:df:ad:8b:dc:fd:81:e1:cd:18:fb:2d:cf:79:ac:ab:72:54:
2a:55:5a:94:ff:05:88:6d:77:b1:72:98:50:11:94:f7:d3:30:
2a:68:68:5e:0a:e5:2a:37:83:99:56:98:4f:a1:f3:b7:50:60:
a2:80:11:c2:59:38:3e:70:20:50:d4:ed:e5:22:10:f6:87:a7:
21:64:55:6f:b1:59:fa:ad:4d:37:39:5c:15:9b:b2:9e:48:9c:
43:18:8c:6d:7a:e1:4c:16:b2:1c:37:7f:b6:b2:c7:d5:6b:bd:
e4:a3:c7:dc:14:68:91:c2:66:0f:a0:f9:f7:6f:f6:f8:8a:e8:
b2:e4:d2:06:ff:e5:b8:bb:6f:f6:9f:92:78:32:cc:84:96:3f:
86:d8:eb:e4:eb:b9:66:cf:87:f9:0d:a3:fa:6c:6e:a6:c6:20:
4b:95:82:eb:f0:53:4c:0b:ab:bb:64:ad:45:b1:76:71:2f:a9:
28:5d:84:70:76:b7:91:99:e4:87:68:4a:85:b8:f8:20:4e:89:
65:62:80:1a:d3:12:4d:de:9f:14:c3:7c:f3:77:a9:1d:bd:72:
eb:47:2f:b1:9a:17:5d:74:97:dc:de:21:86:85:41:3a:0a:46:
77:ea:eb:40:a7:ce:2e:59:d7:82:e8:ea:81:5e:6c:e4:22:57:
f1:77:b5:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6D0m0dJDLp1GX5QFsPowJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzgyMjM4Mjg5YTg4MDJjZjUyYjY3ZDliZjRhZTg3YTUw
OTMzYzMwHhcNMjUwNjI5MDUwMDUzWhcNMjUwNjMwMDUwMDUzWjAzMTEwLwYDVQQD
EyhmNTRjODE5ZDAwYzc5MjFiOGI4NjJiN2NiMTVhNDgzNTMzOTE4YzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSCUokg6ePlp1DJb7OQ5jLlGHHD0
SdfW2myb+u8TVjaRV9/ZGMCHBzwgcWOqkfTR79ih7m893eIB2ZkyT/6wXyzqHuxh
cjp1k1MJSO3GhEdQDikwk1jm9uOnKkkn9/gaIdgl3rQw6x50YPcpMo4JG5uARX9K
Npl4FtwCpKuqDTvwN2UnGbqbyouSQgk7BHB/9+OWKM7+gdM5sBNwGS6CWah0l9pH
GT5fC13Ya0SOFuTxl8wmEYbTK4TDepgGSzAdn0w4wUMAarD+TWPaKGN+YJQq8XQi
iG9zMtt0na+7yDOTjVGS/TYeak6qH6LV5JCUkqiNSoNIh7VX4OzlWxQR9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVMgZ0Ax5Ibi4YrfLFaSDUzkYx8MB8GA1UdIwQY
MBaAFF04IjgomogCz1K2fZv0roelCTPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDIt
ODg1NzU3YzEyNDhmLzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDItODg1NzU3YzEyNDhm
LzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP9+ti9z9
geHNGPstz3msq3JUKlValP8FiG13sXKYUBGU99MwKmhoXgrlKjeDmVaYT6Hzt1Bg
ooARwlk4PnAgUNTt5SIQ9oenIWRVb7FZ+q1NNzlcFZuynkicQxiMbXrhTBayHDd/
trLH1Wu95KPH3BRokcJmD6D592/2+IrosuTSBv/luLtv9p+SeDLMhJY/htjr5Ou5
Zs+H+Q2j+mxupsYgS5WC6/BTTAuru2StRbF2cS+pKF2EcHa3kZnkh2hKhbj4IE6J
ZWKAGtMSTd6fFMN883epHb1y60cvsZoXXXSX3N4hhoVBOgpGd+rrQKfOLlnXgujq
gV5s5CJX8Xe1YA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:57:12 2025 by rpki-client