Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.mft
File: xmCFijitXhG3sYk5KIO8g-trNh0.mft (raw, json)
Hash identifier: ZCJbMsRamzm5G6rUGW8wPfdY2ZQc+tY+DDWFrSlTMaA=
Subject key identifier: CB:C6:AE:CD:2C:3F:1B:E2:72:04:E1:87:4A:46:07:4E:FC:34:38:7E
Authority key identifier: C6:60:85:8A:38:AD:5E:11:B7:B1:89:39:28:83:BC:83:EB:6B:36:1D
Certificate issuer: /CN=c660858a38ad5e11b7b189392883bc83eb6b361d
Certificate serial: 019A71B8D63BFF2A6414B5A5164D1828E924
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmCFijitXhG3sYk5KIO8g-trNh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 07:02:10 +0000
Manifest this update: Tue 11 Nov 2025 07:02:10 +0000
Manifest next update: Wed 12 Nov 2025 07:02:10 +0000
Files and hashes: 1: xmCFijitXhG3sYk5KIO8g-trNh0.crl (hash: QQgcL1IR0b9GeyxfDGqQDO3fzx7gdTOcK6bPHAGGz0A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmCFijitXhG3sYk5KIO8g-trNh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:d6:3b:ff:2a:64:14:b5:a5:16:4d:18:28:e9:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c660858a38ad5e11b7b189392883bc83eb6b361d
Validity
Not Before: Nov 11 07:02:10 2025 GMT
Not After : Nov 12 07:02:10 2025 GMT
Subject: CN=cbc6aecd2c3f1be27204e1874a46074efc34387e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ba:2f:0b:56:42:1c:1e:5e:77:61:45:2d:0c:
81:7d:66:46:33:20:fb:94:f1:ae:dd:5d:7a:c0:18:
15:8d:5d:f4:34:5d:50:48:29:88:ae:de:a4:5f:61:
e6:2d:25:8e:c3:e1:03:89:9e:7e:1c:9b:fc:ba:38:
7d:88:d5:50:aa:7d:b7:21:34:42:fe:26:b3:bc:0d:
cf:31:94:e5:81:37:f9:4b:fd:fe:ef:09:c6:32:6e:
5a:2b:90:96:7c:db:bd:bf:36:95:20:af:d9:ba:f5:
fe:3d:00:63:bb:25:9d:96:22:1f:9f:38:1d:56:5e:
60:8f:86:ff:7b:21:dd:63:f5:4a:22:76:75:13:bb:
c5:2e:7b:48:26:b2:72:2b:e2:29:e4:7f:c8:e0:7d:
77:c2:79:4d:1d:54:cc:c4:50:30:2c:69:86:50:3d:
9e:89:84:be:e2:34:f5:fc:79:0c:aa:b8:57:8a:9a:
ef:87:5e:0a:77:87:1a:50:56:a1:ac:e2:02:02:fc:
83:52:13:5a:1d:c2:1a:1a:0e:0d:62:8b:04:c9:6e:
a2:39:f9:e3:72:22:50:3b:0b:49:d3:5f:0d:af:4d:
de:39:71:bc:5f:d3:3a:60:12:5d:c8:b3:97:88:74:
b4:68:46:a9:e4:b0:f2:9f:b2:31:58:d5:a2:35:05:
e7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C6:AE:CD:2C:3F:1B:E2:72:04:E1:87:4A:46:07:4E:FC:34:38:7E
X509v3 Authority Key Identifier:
keyid:C6:60:85:8A:38:AD:5E:11:B7:B1:89:39:28:83:BC:83:EB:6B:36:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmCFijitXhG3sYk5KIO8g-trNh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:37:5b:83:2c:43:51:70:f6:3c:b2:ca:6f:fb:df:98:f2:d5:
8b:5a:22:21:ab:a2:ba:66:2d:e5:45:6a:e0:1f:64:ec:80:06:
f2:d5:54:84:1a:4a:d4:39:7a:f4:4b:a3:c6:a0:44:d9:02:f3:
46:f5:42:3f:a6:f4:94:9f:f5:56:ab:92:d5:58:a7:1f:38:e4:
0e:74:cc:8b:87:f5:2e:b4:8c:76:84:92:17:df:1d:4d:c4:f6:
bf:64:3d:bf:dd:78:35:9d:65:75:43:bb:fc:38:cb:03:ce:b9:
0e:d9:ff:6e:6f:94:58:8e:ab:6e:e5:c2:ba:63:26:59:98:4a:
c8:52:8e:f2:df:c2:c6:f4:70:a2:37:af:a0:70:47:18:23:bb:
b2:62:82:34:bf:60:ac:03:61:e6:ec:16:38:10:ed:fd:fa:f7:
1a:0e:c1:d3:ec:75:21:aa:cc:e6:ae:0a:7c:80:1b:a4:f2:70:
85:90:8d:ae:6d:e6:ff:e9:68:53:93:e4:2b:46:62:08:03:d6:
27:6b:bf:1c:a4:db:cc:14:a1:09:5f:12:da:f3:35:1c:c3:81:
5a:3f:8f:63:9b:ea:1c:90:64:11:c0:84:1b:90:c3:2e:ca:6e:
4f:6b:b6:3a:77:50:2a:95:85:e3:f2:8b:28:95:68:ac:17:5f:
53:42:4b:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNY7/ypkFLWlFk0YKOkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjA4NThhMzhhZDVlMTFiN2IxODkzOTI4ODNiYzgzZWI2
YjM2MWQwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
EyhjYmM2YWVjZDJjM2YxYmUyNzIwNGUxODc0YTQ2MDc0ZWZjMzQzODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrovC1ZCHB5ed2FFLQyBfWZGMyD7
lPGu3V16wBgVjV30NF1QSCmIrt6kX2HmLSWOw+EDiZ5+HJv8ujh9iNVQqn23ITRC
/iazvA3PMZTlgTf5S/3+7wnGMm5aK5CWfNu9vzaVIK/ZuvX+PQBjuyWdliIfnzgd
Vl5gj4b/eyHdY/VKInZ1E7vFLntIJrJyK+Ip5H/I4H13wnlNHVTMxFAwLGmGUD2e
iYS+4jT1/HkMqrhXiprvh14Kd4caUFahrOICAvyDUhNaHcIaGg4NYosEyW6iOfnj
ciJQOwtJ018Nr03eOXG8X9M6YBJdyLOXiHS0aEap5LDyn7IxWNWiNQXnLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvGrs0sPxvicgThh0pGB078NDh+MB8GA1UdIwQY
MBaAFMZghYo4rV4Rt7GJOSiDvIPrazYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1DRmlqaXRYaEczc1lrNUtJTzhnLXRyTmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYmI1ZTQtYzU1OC00ZWZlLTljOWEt
ZmE1ZDdiNDhhYWU5LzEveG1DRmlqaXRYaEczc1lrNUtJTzhnLXRyTmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kYmI1ZTQtYzU1OC00ZWZlLTljOWEtZmE1ZDdiNDhhYWU5
LzEveG1DRmlqaXRYaEczc1lrNUtJTzhnLXRyTmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYDdbgyxD
UXD2PLLKb/vfmPLVi1oiIauiumYt5UVq4B9k7IAG8tVUhBpK1Dl69EujxqBE2QLz
RvVCP6b0lJ/1VquS1VinHzjkDnTMi4f1LrSMdoSSF98dTcT2v2Q9v914NZ1ldUO7
/DjLA865Dtn/bm+UWI6rbuXCumMmWZhKyFKO8t/CxvRwojevoHBHGCO7smKCNL9g
rANh5uwWOBDt/fr3Gg7B0+x1IarM5q4KfIAbpPJwhZCNrm3m/+loU5PkK0ZiCAPW
J2u/HKTbzBShCV8S2vM1HMOBWj+PY5vqHJBkEcCEG5DDLspuT2u2OndQKpWF4/KL
KJVorBdfU0JLTg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:22:30 2025 by rpki-client