Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft
File: xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft (raw, json)
Hash identifier: /KoHgAVF/QL6rcomWtBKEMlmjfnTs4EpL3PeTkkd8pk=
Subject key identifier: 1C:BB:D6:1F:2B:72:13:1F:26:2E:B3:5A:CF:A1:19:03:EF:96:2F:4D
Authority key identifier: C4:A0:F3:11:09:84:CC:FB:F5:29:98:0B:6D:41:6D:DD:4E:1A:88:25
Certificate issuer: /CN=c4a0f3110984ccfbf529980b6d416ddd4e1a8825
Certificate serial: 019A72CA32B1FAD09C38496C49D3D8AF0946
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xKDzEQmEzPv1KZgLbUFt3U4aiCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft
Manifest number: 0508
Signing time: Tue 11 Nov 2025 12:00:44 +0000
Manifest this update: Tue 11 Nov 2025 12:00:44 +0000
Manifest next update: Wed 12 Nov 2025 12:00:44 +0000
Files and hashes: 1: SGkYily7UQPusAexDOf3Pto8qlU.roa (hash: suweJqoDq78riZx1pHsROfmVS4S86mc1JzDxd3RsgQs=)
2: xKDzEQmEzPv1KZgLbUFt3U4aiCU.crl (hash: fnV8anILvn6kRCDyfnZoVC+Ha5i5ZTKyExedBayihHI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xKDzEQmEzPv1KZgLbUFt3U4aiCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:32:b1:fa:d0:9c:38:49:6c:49:d3:d8:af:09:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4a0f3110984ccfbf529980b6d416ddd4e1a8825
Validity
Not Before: Nov 11 12:00:44 2025 GMT
Not After : Nov 12 12:00:44 2025 GMT
Subject: CN=1cbbd61f2b72131f262eb35acfa11903ef962f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cf:ef:fa:fd:c3:a8:0d:1a:dd:22:95:d4:64:
42:f8:60:96:a6:98:da:fa:31:1f:1d:bf:57:f9:14:
0c:e4:75:ad:c4:d0:e2:72:82:dc:a6:3c:08:dd:7b:
91:60:51:d8:82:50:9b:b2:22:68:65:c5:eb:a9:22:
64:cb:10:64:c5:10:22:f0:df:1c:ae:c3:1d:ff:d8:
b8:83:8b:17:13:5f:54:7c:44:68:44:82:14:fa:b8:
63:26:70:ae:31:2c:93:d3:7e:4e:b0:4e:67:33:16:
62:32:ba:2a:68:df:c2:4f:c2:ed:5d:97:1d:79:21:
48:68:98:2b:e2:c2:24:a0:a1:4f:5a:b9:8f:83:9b:
91:db:a4:6b:13:2f:10:05:4e:56:cc:b3:55:65:ba:
f4:5b:5e:b7:74:a3:b2:94:a8:6f:17:17:4c:69:7b:
1f:4a:c5:24:39:01:86:bd:44:2b:95:91:8f:27:0f:
4d:48:0c:f6:77:ca:cb:bc:a0:32:27:5f:60:8e:0d:
74:d2:de:b4:7b:c5:73:46:02:ca:ec:4e:aa:bd:ae:
20:f1:63:ae:24:b4:23:c9:c3:67:e5:b6:5f:dd:43:
44:cf:9a:5b:4b:5e:48:86:c7:65:a8:3c:2b:5a:e8:
1f:41:96:bc:bb:c8:ee:5c:dd:19:0a:83:f5:c2:46:
8b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BB:D6:1F:2B:72:13:1F:26:2E:B3:5A:CF:A1:19:03:EF:96:2F:4D
X509v3 Authority Key Identifier:
keyid:C4:A0:F3:11:09:84:CC:FB:F5:29:98:0B:6D:41:6D:DD:4E:1A:88:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xKDzEQmEzPv1KZgLbUFt3U4aiCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:b4:66:40:be:01:32:de:8b:15:60:45:97:f1:31:55:20:1a:
0b:1d:6a:ce:8c:1f:3a:1d:f0:91:c0:c6:9d:07:91:aa:ef:fe:
86:a9:dc:04:5a:9c:03:26:64:2c:08:f9:51:98:84:a4:ef:ec:
15:81:c2:77:a2:25:67:06:da:c1:2e:04:50:8f:d1:2e:c7:81:
8d:52:1b:ba:42:23:9b:86:d5:48:69:de:60:87:6e:dd:e7:9f:
4c:1b:2f:43:52:ae:31:1b:e0:ca:16:30:3b:cd:5e:67:16:32:
5f:4b:30:74:89:d4:63:06:dd:be:51:2c:d8:8f:cf:2b:a9:90:
ec:63:2f:e4:cc:4e:b2:79:cb:be:e4:ac:46:fc:e5:5f:38:8e:
aa:4d:44:fa:b5:9d:71:85:b9:e7:cc:cb:6b:f4:12:e3:b6:7d:
e4:62:e9:4a:6f:6f:cf:da:e1:43:64:74:bd:30:96:61:57:30:
0f:14:3f:a5:42:19:81:d0:58:49:8a:a3:30:51:db:b7:f7:b6:
3d:0f:22:90:66:65:2f:ea:0c:c9:89:e3:52:c7:21:24:4d:64:
83:0c:a8:69:2e:ec:8b:47:22:04:58:66:e1:5b:1b:5f:19:42:
ef:df:b1:4b:d1:77:10:39:5e:83:d1:cd:6b:fe:69:5b:dc:1f:
a0:70:1f:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyjKx+tCcOElsSdPYrwlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YTBmMzExMDk4NGNjZmJmNTI5OTgwYjZkNDE2ZGRkNGUx
YTg4MjUwHhcNMjUxMTExMTIwMDQ0WhcNMjUxMTEyMTIwMDQ0WjAzMTEwLwYDVQQD
EygxY2JiZDYxZjJiNzIxMzFmMjYyZWIzNWFjZmExMTkwM2VmOTYyZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzs/v+v3DqA0a3SKV1GRC+GCWppja
+jEfHb9X+RQM5HWtxNDicoLcpjwI3XuRYFHYglCbsiJoZcXrqSJkyxBkxRAi8N8c
rsMd/9i4g4sXE19UfERoRIIU+rhjJnCuMSyT035OsE5nMxZiMroqaN/CT8LtXZcd
eSFIaJgr4sIkoKFPWrmPg5uR26RrEy8QBU5WzLNVZbr0W163dKOylKhvFxdMaXsf
SsUkOQGGvUQrlZGPJw9NSAz2d8rLvKAyJ19gjg100t60e8VzRgLK7E6qva4g8WOu
JLQjycNn5bZf3UNEz5pbS15IhsdlqDwrWugfQZa8u8juXN0ZCoP1wkaLrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBy71h8rchMfJi6zWs+hGQPvli9NMB8GA1UdIwQY
MBaAFMSg8xEJhMz79SmYC21Bbd1OGoglMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEtEekVRbUV6UHYxS1pnTGJVRnQzVTRhaUNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hNmM1ZjYtNjA0Zi00Mzk5LTk0NDMt
ZDEyYTkwYmY1MDJlLzEveEtEekVRbUV6UHYxS1pnTGJVRnQzVTRhaUNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hNmM1ZjYtNjA0Zi00Mzk5LTk0NDMtZDEyYTkwYmY1MDJl
LzEveEtEekVRbUV6UHYxS1pnTGJVRnQzVTRhaUNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOrRmQL4B
Mt6LFWBFl/ExVSAaCx1qzowfOh3wkcDGnQeRqu/+hqncBFqcAyZkLAj5UZiEpO/s
FYHCd6IlZwbawS4EUI/RLseBjVIbukIjm4bVSGneYIdu3eefTBsvQ1KuMRvgyhYw
O81eZxYyX0swdInUYwbdvlEs2I/PK6mQ7GMv5MxOsnnLvuSsRvzlXziOqk1E+rWd
cYW558zLa/QS47Z95GLpSm9vz9rhQ2R0vTCWYVcwDxQ/pUIZgdBYSYqjMFHbt/e2
PQ8ikGZlL+oMyYnjUschJE1kgwyoaS7si0ciBFhm4VsbXxlC79+xS9F3EDleg9HN
a/5pW9wfoHAfsw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:14 2025 by rpki-client