Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
File: XTTdv33KsQy_aCKXkh61gS2QUHE.mft (raw, json)
Hash identifier: u9qo2HnMU5h8x/FSPl+pbB23mFE3jZlwbmxqSJAMgoA=
Subject key identifier: 3B:E5:40:EA:9F:47:DA:DC:1A:A0:6D:D6:36:1E:5E:E8:19:BD:52:44
Authority key identifier: 5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
Certificate issuer: /CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Certificate serial: 0199FBEB7483ACACB2070B0E06D2FD55FCED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
Manifest number: 05E0
Signing time: Sun 19 Oct 2025 10:02:16 +0000
Manifest this update: Sun 19 Oct 2025 10:02:16 +0000
Manifest next update: Mon 20 Oct 2025 10:02:16 +0000
Files and hashes: 1: S6aYdrXE8VeCcP5w8D7hhhcOGoc.roa (hash: csN/l/mC6C7LyFwDFQUEKU3wX0HgZWqjImlEztzBO3Q=)
2: XTTdv33KsQy_aCKXkh61gS2QUHE.crl (hash: kRZsImU/t7uU/5Ydi39awKuFbPxNfS1RzmSCukH1JFE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:74:83:ac:ac:b2:07:0b:0e:06:d2:fd:55:fc:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Validity
Not Before: Oct 19 10:02:16 2025 GMT
Not After : Oct 20 10:02:16 2025 GMT
Subject: CN=3be540ea9f47dadc1aa06dd6361e5ee819bd5244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:48:df:dd:1b:71:12:b6:65:ae:9f:62:47:61:
f7:9e:07:a7:cc:c8:71:c2:67:da:fa:78:cc:3c:ed:
91:81:43:55:fa:5f:14:24:2e:c1:f4:53:01:0f:65:
18:84:d3:63:95:0f:c1:e1:2b:fa:d1:0e:1f:ad:7e:
ca:a4:12:35:db:be:ac:75:0d:a5:52:bd:b3:25:fb:
34:59:5f:42:30:fd:49:9c:5d:09:ff:f2:78:c8:e9:
45:77:31:00:89:70:43:70:67:b6:8c:56:33:4e:e1:
f2:3d:26:ae:a9:53:0d:1f:c7:f6:b4:2e:b2:ba:b9:
3f:0d:93:24:1c:a6:26:66:b3:35:0a:2d:86:ce:c0:
01:63:2b:c0:c9:78:d9:b2:ad:7f:ec:26:85:89:96:
84:89:72:1e:02:9a:57:16:fc:1b:aa:cb:f5:ff:21:
6e:0c:cc:83:2a:0c:d2:63:ea:95:33:11:9a:53:bc:
27:cb:5f:1d:d0:1a:26:62:a3:44:d9:20:4a:f8:da:
16:10:ab:f5:4f:cd:2a:20:c4:13:ff:8d:11:d6:3e:
2b:26:e4:0a:fc:fa:7c:9a:c7:20:e9:a5:c0:bd:b7:
f7:08:69:20:e7:88:3d:6a:82:8d:a1:1b:32:35:a5:
2f:18:8e:c4:d1:b8:1e:98:61:aa:56:3e:6a:24:e0:
6e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E5:40:EA:9F:47:DA:DC:1A:A0:6D:D6:36:1E:5E:E8:19:BD:52:44
X509v3 Authority Key Identifier:
keyid:5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:00:dc:d2:cf:fc:cd:e3:04:2e:8c:94:d9:8b:e5:96:6a:90:
1a:7c:3a:83:aa:6a:a1:96:bd:7e:f6:50:32:b2:f0:53:3f:da:
70:05:e9:7f:ad:95:3c:6f:ed:98:85:1b:dd:7b:14:d6:c6:ad:
32:38:87:a1:6f:89:ce:86:33:91:db:92:53:6e:b9:34:fe:67:
21:a0:0e:c5:79:9e:4d:9b:b7:1a:cf:9d:5d:05:63:94:86:bb:
16:1b:57:57:0d:41:85:61:a7:e3:a6:ef:0a:e5:0f:45:e6:e4:
8b:ae:b7:c5:70:0e:07:f4:60:f5:e3:3c:41:1b:75:20:fb:55:
af:b8:ff:d5:36:15:18:63:9a:bc:fe:14:b1:66:2e:42:6a:b1:
75:52:43:15:e3:3f:6b:e4:9c:f3:c3:65:e7:0f:2c:8e:18:43:
79:51:77:8d:e1:c6:f0:4e:9b:80:a6:c1:45:22:21:4b:08:38:
a5:e7:78:64:ac:43:16:d5:2c:88:cb:ed:0c:de:5a:d4:a1:a3:
ca:92:06:d0:c0:46:2a:f7:62:89:d8:07:01:aa:19:1b:9b:52:
0e:ba:03:11:66:70:04:b6:76:00:d7:ca:71:52:ba:a0:f3:a8:
6c:08:21:19:70:ce:87:e5:5f:54:a5:eb:47:3f:c8:bb:d6:48:
8f:c7:ad:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn763SDrKyyBwsOBtL9VfztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzRkZGJmN2RjYWIxMGNiZjY4MjI5NzkyMWViNTgxMmQ5
MDUwNzEwHhcNMjUxMDE5MTAwMjE2WhcNMjUxMDIwMTAwMjE2WjAzMTEwLwYDVQQD
EygzYmU1NDBlYTlmNDdkYWRjMWFhMDZkZDYzNjFlNWVlODE5YmQ1MjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUjf3RtxErZlrp9iR2H3ngenzMhx
wmfa+njMPO2RgUNV+l8UJC7B9FMBD2UYhNNjlQ/B4Sv60Q4frX7KpBI1276sdQ2l
Ur2zJfs0WV9CMP1JnF0J//J4yOlFdzEAiXBDcGe2jFYzTuHyPSauqVMNH8f2tC6y
urk/DZMkHKYmZrM1Ci2GzsABYyvAyXjZsq1/7CaFiZaEiXIeAppXFvwbqsv1/yFu
DMyDKgzSY+qVMxGaU7wny18d0BomYqNE2SBK+NoWEKv1T80qIMQT/40R1j4rJuQK
/Pp8mscg6aXAvbf3CGkg54g9aoKNoRsyNaUvGI7E0bgemGGqVj5qJOBuEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvlQOqfR9rcGqBt1jYeXugZvVJEMB8GA1UdIwQY
MBaAFF003b99yrEMv2gil5IetYEtkFBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQt
NWNlZTZkNWYxYTEyLzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQtNWNlZTZkNWYxYTEy
LzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABADc0s/8
zeMELoyU2YvllmqQGnw6g6pqoZa9fvZQMrLwUz/acAXpf62VPG/tmIUb3XsU1sat
MjiHoW+JzoYzkduSU265NP5nIaAOxXmeTZu3Gs+dXQVjlIa7FhtXVw1BhWGn46bv
CuUPRebki663xXAOB/Rg9eM8QRt1IPtVr7j/1TYVGGOavP4UsWYuQmqxdVJDFeM/
a+Sc88Nl5w8sjhhDeVF3jeHG8E6bgKbBRSIhSwg4ped4ZKxDFtUsiMvtDN5a1KGj
ypIG0MBGKvdiidgHAaoZG5tSDroDEWZwBLZ2ANfKcVK6oPOobAghGXDOh+VfVKXr
Rz/Iu9ZIj8etUA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:08:27 2025 by rpki-client