Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
File: XWU9B97R6Nf08uoEvTaELFsS8V4.mft (raw, json)
Hash identifier: wHGGoMbBe/v1f8TUhbzsFo+BcTIi07B9ssnQV0FhHWE=
Subject key identifier: D1:C2:F6:04:5F:5A:38:B9:68:E0:B7:D0:2C:68:F6:D5:A4:68:94:C7
Authority key identifier: 5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E
Certificate issuer: /CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
Certificate serial: 019A72257BB2B594AABF15E725B7A2099778
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
Manifest number: 0F47
Signing time: Tue 11 Nov 2025 09:00:50 +0000
Manifest this update: Tue 11 Nov 2025 09:00:50 +0000
Manifest next update: Wed 12 Nov 2025 09:00:50 +0000
Files and hashes: 1: LETlz166RFHGtOnMtZqu-hVYTtY.roa (hash: R/HDeBwYS+y6cI45NJn8rpNKDr4lgvNm8JPFpPhGnoo=)
2: XWU9B97R6Nf08uoEvTaELFsS8V4.crl (hash: PUNNlE83zTsRUpfYvGqIpSVhMbZWaXtPjbAwtVQtxXU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:7b:b2:b5:94:aa:bf:15:e7:25:b7:a2:09:97:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
Validity
Not Before: Nov 11 09:00:50 2025 GMT
Not After : Nov 12 09:00:50 2025 GMT
Subject: CN=d1c2f6045f5a38b968e0b7d02c68f6d5a46894c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:a9:62:01:18:72:e0:2d:97:11:82:d8:51:
75:bf:4e:4e:db:07:ca:8f:88:09:04:25:1d:a1:8f:
33:89:ee:b0:ab:6f:2e:84:4d:9a:9f:ca:4d:90:46:
9f:af:7d:92:59:52:34:fb:a5:31:fc:2d:21:11:da:
d7:f4:64:4c:1e:cb:68:4e:e5:f8:ed:72:08:53:ae:
af:13:f2:67:00:95:ca:db:16:a0:54:37:90:f9:bd:
3f:34:7e:48:82:d6:9c:06:b4:2d:23:34:af:28:06:
7e:9a:b2:4a:39:97:d8:20:55:d8:f1:16:6d:69:3f:
26:ee:ed:66:16:63:1c:3d:47:61:08:8f:7d:7c:a8:
12:4f:25:51:36:0e:81:30:2f:8c:9b:1f:3b:18:a7:
25:f5:ee:ca:8e:a9:40:61:88:2e:55:e6:98:c4:76:
d5:5a:91:18:6e:6e:af:9d:aa:c7:6a:45:f9:bc:1a:
32:3c:91:f8:66:49:90:52:32:9a:51:3e:fa:8e:ed:
fd:65:97:06:96:81:6f:85:1e:87:a6:53:96:bb:1e:
43:60:5b:71:58:06:78:8a:b6:7a:b8:79:ca:ef:7e:
89:ed:2c:61:a3:81:ff:17:ce:50:8b:9c:5d:f7:2b:
6c:fe:6b:70:34:cc:35:73:e8:5f:7c:97:39:1e:30:
3a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C2:F6:04:5F:5A:38:B9:68:E0:B7:D0:2C:68:F6:D5:A4:68:94:C7
X509v3 Authority Key Identifier:
keyid:5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:92:ed:63:e2:7b:40:f1:be:0e:0d:e1:7e:96:b9:3c:9c:91:
2e:31:b7:ef:6d:6c:25:3d:44:a8:98:bc:be:77:24:62:f2:a9:
25:96:1f:54:29:3d:e5:48:1e:ed:90:a4:8f:ba:32:4f:16:e6:
09:7d:b5:0d:30:59:0c:03:4c:fc:f0:01:9b:da:1d:d7:37:76:
82:b2:4a:db:86:cc:3a:bb:c0:ed:9f:a9:3c:51:02:2b:2c:0a:
e5:9b:84:73:69:33:af:a6:8e:9e:d7:65:c0:ee:5e:ea:0e:25:
82:e2:9c:f1:14:2a:36:2b:09:2b:05:d4:7d:72:cd:e8:16:4a:
b0:f8:11:54:4e:da:61:5c:e9:6b:5c:fd:93:3e:10:85:47:0e:
8d:83:a8:da:6b:29:06:da:90:13:05:d7:93:c0:5e:19:81:58:
96:cc:71:bc:dc:45:b0:53:dc:17:45:b3:ad:4f:6d:ba:fd:76:
22:ca:cd:a9:58:65:b4:e9:51:cd:de:04:85:b2:8d:57:f3:f3:
33:e4:60:a0:3a:5b:8b:cd:94:a9:a0:f4:60:ae:d7:8c:d4:e7:
0c:8d:45:17:2a:ba:9d:fd:21:6e:e6:5d:0e:98:d4:7d:49:a7:
58:88:3b:68:2e:77:3b:fd:69:b1:70:7e:ea:33:d4:06:40:b1:
34:ad:19:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJXuytZSqvxXnJbeiCZd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNjUzZDA3ZGVkMWU4ZDdmNGYyZWEwNGJkMzY4NDJjNWIx
MmYxNWUwHhcNMjUxMTExMDkwMDUwWhcNMjUxMTEyMDkwMDUwWjAzMTEwLwYDVQQD
EyhkMWMyZjYwNDVmNWEzOGI5NjhlMGI3ZDAyYzY4ZjZkNWE0Njg5NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTCpYgEYcuAtlxGC2FF1v05O2wfK
j4gJBCUdoY8zie6wq28uhE2an8pNkEafr32SWVI0+6Ux/C0hEdrX9GRMHstoTuX4
7XIIU66vE/JnAJXK2xagVDeQ+b0/NH5IgtacBrQtIzSvKAZ+mrJKOZfYIFXY8RZt
aT8m7u1mFmMcPUdhCI99fKgSTyVRNg6BMC+Mmx87GKcl9e7KjqlAYYguVeaYxHbV
WpEYbm6vnarHakX5vBoyPJH4ZkmQUjKaUT76ju39ZZcGloFvhR6HplOWux5DYFtx
WAZ4irZ6uHnK736J7Sxho4H/F85Qi5xd9yts/mtwNMw1c+hffJc5HjA6awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHC9gRfWji5aOC30Cxo9tWkaJTHMB8GA1UdIwQY
MBaAFF1lPQfe0ejX9PLqBL02hCxbEvFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGIt
MjE0NWNhNzVlMzgzLzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGItMjE0NWNhNzVlMzgz
LzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHpLtY+J7
QPG+Dg3hfpa5PJyRLjG3721sJT1EqJi8vnckYvKpJZYfVCk95Uge7ZCkj7oyTxbm
CX21DTBZDANM/PABm9od1zd2grJK24bMOrvA7Z+pPFECKywK5ZuEc2kzr6aOntdl
wO5e6g4lguKc8RQqNisJKwXUfXLN6BZKsPgRVE7aYVzpa1z9kz4QhUcOjYOo2msp
BtqQEwXXk8BeGYFYlsxxvNxFsFPcF0WzrU9tuv12IsrNqVhltOlRzd4EhbKNV/Pz
M+RgoDpbi82UqaD0YK7XjNTnDI1FFyq6nf0hbuZdDpjUfUmnWIg7aC53O/1psXB+
6jPUBkCxNK0ZGw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:23 2025 by rpki-client