Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.mft
File: XVn0kNO2myLh4nwya69yMRBW3bg.mft (raw, json)
Hash identifier: dzzP1A955wQyOMvXNczCqARptIr/m4iqaCZXf8VnF4E=
Subject key identifier: CC:85:10:C1:51:0C:4D:0C:1A:33:12:65:98:E7:48:9F:00:F8:D2:87
Authority key identifier: 5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
Certificate issuer: /CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Certificate serial: 019A72264DA313AFCAAE143928A69CF214ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.mft
Manifest number: 0BA9
Signing time: Tue 11 Nov 2025 09:01:44 +0000
Manifest this update: Tue 11 Nov 2025 09:01:44 +0000
Manifest next update: Wed 12 Nov 2025 09:01:44 +0000
Files and hashes: 1: VRTGeEzF5FtK76qOfPyLSRNqkOo.roa (hash: pOO7nnFTp0Qht5tDg13SMXctJEqxWl0GtVbovHy2WzY=)
2: XVn0kNO2myLh4nwya69yMRBW3bg.crl (hash: YqAPU36nJLEmg/3K9YYK1E2aOGJuWf9q+DQqh4D13dg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.mft
rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:4d:a3:13:af:ca:ae:14:39:28:a6:9c:f2:14:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Validity
Not Before: Nov 11 09:01:44 2025 GMT
Not After : Nov 12 09:01:44 2025 GMT
Subject: CN=cc8510c1510c4d0c1a33126598e7489f00f8d287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:81:0d:a6:cd:bc:d3:97:6a:92:1f:47:c0:1e:
84:dc:c1:01:da:4c:ac:6b:6a:85:81:dd:82:df:2b:
2d:83:69:9c:2c:d7:14:c0:34:58:bf:18:60:53:84:
3b:6d:8e:e0:f5:6e:d1:88:90:ae:77:4a:e9:44:cb:
36:20:94:c6:93:ad:ab:f6:4e:12:a3:02:e6:b2:3d:
dd:d4:ad:bd:43:b4:ba:c6:75:97:e8:53:bd:7a:5a:
96:1f:b3:7d:a1:b1:23:e0:80:f5:2c:28:8b:ec:d0:
65:c4:b0:c3:36:3f:f9:ac:f7:ed:75:f6:0b:8d:cd:
6a:d9:b4:c1:e6:b7:97:47:67:80:92:20:76:e4:bd:
76:b1:78:53:9f:21:87:d7:99:48:f4:e2:5c:1a:c8:
84:ce:6d:e4:7e:29:38:1d:15:d1:4c:0c:bb:32:53:
f5:cc:a2:91:b7:c7:6f:3e:22:89:06:d9:91:e0:4c:
05:00:3b:1c:3c:a4:3f:59:8b:1f:e0:9f:c7:51:50:
b7:98:92:ec:94:34:a3:48:8e:7e:5a:37:3e:98:19:
0c:fc:41:f4:bc:72:e4:5c:36:ef:d1:7d:72:a3:7f:
f8:fb:b6:6c:9d:77:5a:c6:ce:f7:f0:6d:93:00:d6:
9b:29:e4:64:a4:a5:a5:e4:cf:c9:49:a0:5a:bb:a7:
a5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:85:10:C1:51:0C:4D:0C:1A:33:12:65:98:E7:48:9F:00:F8:D2:87
X509v3 Authority Key Identifier:
keyid:5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:50:54:85:2a:ed:a5:f0:e2:9c:16:90:79:e1:2b:aa:e2:d1:
e2:07:5a:39:ea:c9:87:01:94:21:1f:dc:a5:71:61:3e:ba:be:
da:f7:2b:17:d9:4c:1e:50:bc:ba:6b:7e:aa:06:aa:12:ce:eb:
a9:51:64:43:82:c8:f2:09:ec:19:3c:7c:16:6a:42:77:8b:10:
8a:43:f5:ea:37:7c:1c:cc:d0:16:d1:49:75:05:c7:c7:db:15:
02:a4:79:b0:c3:a4:74:69:20:32:1a:da:24:84:09:c8:97:28:
98:af:36:c5:73:1b:e4:74:3e:f9:38:6b:ec:52:6e:e3:56:a2:
05:d9:5d:c8:67:7e:dc:16:92:79:82:1b:f0:66:00:75:41:e9:
3b:be:f9:f5:a4:7d:5f:2f:57:13:fd:88:aa:2b:84:83:32:21:
eb:f8:cc:83:78:5d:e3:95:0f:7c:f4:64:74:32:d4:fc:2e:3f:
49:03:cb:6e:0f:87:fc:3e:3f:fa:2c:be:9f:05:5f:37:2e:f0:
06:0c:8b:3d:67:f8:9f:4f:d8:0e:6f:30:7f:a3:43:22:7b:f8:
18:7d:5e:c3:23:ad:5e:76:6c:89:92:99:26:e1:c4:5e:9f:39:
23:f9:55:8e:b3:58:76:6d:32:e0:ca:d5:60:89:5f:93:12:e7:
f6:42:ff:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJk2jE6/KrhQ5KKac8hTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTlmNDkwZDNiNjliMjJlMWUyN2MzMjZiYWY3MjMxMTA1
NmRkYjgwHhcNMjUxMTExMDkwMTQ0WhcNMjUxMTEyMDkwMTQ0WjAzMTEwLwYDVQQD
EyhjYzg1MTBjMTUxMGM0ZDBjMWEzMzEyNjU5OGU3NDg5ZjAwZjhkMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoENps2805dqkh9HwB6E3MEB2kys
a2qFgd2C3ystg2mcLNcUwDRYvxhgU4Q7bY7g9W7RiJCud0rpRMs2IJTGk62r9k4S
owLmsj3d1K29Q7S6xnWX6FO9elqWH7N9obEj4ID1LCiL7NBlxLDDNj/5rPftdfYL
jc1q2bTB5reXR2eAkiB25L12sXhTnyGH15lI9OJcGsiEzm3kfik4HRXRTAy7MlP1
zKKRt8dvPiKJBtmR4EwFADscPKQ/WYsf4J/HUVC3mJLslDSjSI5+Wjc+mBkM/EH0
vHLkXDbv0X1yo3/4+7ZsnXdaxs738G2TANabKeRkpKWl5M/JSaBau6elqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMyFEMFRDE0MGjMSZZjnSJ8A+NKHMB8GA1UdIwQY
MBaAFF1Z9JDTtpsi4eJ8MmuvcjEQVt24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEt
NzkzNDhlODM2NmJjLzEvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEtNzkzNDhlODM2NmJj
LzEvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUlBUhSrt
pfDinBaQeeErquLR4gdaOerJhwGUIR/cpXFhPrq+2vcrF9lMHlC8umt+qgaqEs7r
qVFkQ4LI8gnsGTx8FmpCd4sQikP16jd8HMzQFtFJdQXHx9sVAqR5sMOkdGkgMhra
JIQJyJcomK82xXMb5HQ++Thr7FJu41aiBdldyGd+3BaSeYIb8GYAdUHpO7759aR9
Xy9XE/2IqiuEgzIh6/jMg3hd45UPfPRkdDLU/C4/SQPLbg+H/D4/+iy+nwVfNy7w
BgyLPWf4n0/YDm8wf6NDInv4GH1ewyOtXnZsiZKZJuHEXp85I/lVjrNYdm0y4MrV
YIlfkxLn9kL/fQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:35 2025 by rpki-client