Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
File: XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft (raw, json)
Hash identifier: 2pGrR941hF86+53iccDE/JC5+qAhq1CG+gTUMryGvgA=
Subject key identifier: 43:38:E9:AA:7C:CE:01:24:C2:F8:72:E9:A5:AB:5E:0F:D1:F3:4C:38
Authority key identifier: 5E:55:AF:DE:34:21:1B:CE:E6:A7:FD:99:24:88:A2:49:27:B4:69:47
Certificate issuer: /CN=5e55afde34211bcee6a7fd992488a24927b46947
Certificate serial: 019A70DC1DA59C6D33CB0BF0AADE775EAAD2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
Manifest number: 0368
Signing time: Tue 11 Nov 2025 03:01:04 +0000
Manifest this update: Tue 11 Nov 2025 03:01:04 +0000
Manifest next update: Wed 12 Nov 2025 03:01:04 +0000
Files and hashes: 1: XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl (hash: GD74inVIBYSkv+z5EA38I8cgSSrfHepeQcStzOBwdBA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:1d:a5:9c:6d:33:cb:0b:f0:aa:de:77:5e:aa:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e55afde34211bcee6a7fd992488a24927b46947
Validity
Not Before: Nov 11 03:01:04 2025 GMT
Not After : Nov 12 03:01:04 2025 GMT
Subject: CN=4338e9aa7cce0124c2f872e9a5ab5e0fd1f34c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7e:22:5e:04:06:05:0a:35:00:21:47:d9:c9:
75:37:ad:56:23:81:44:5b:f2:06:71:ef:d5:18:53:
fd:c8:d6:e8:d7:18:ec:14:a3:c9:dc:90:ea:e5:f1:
56:64:69:67:2d:71:08:18:31:35:b8:fa:8a:c3:1d:
c3:c2:9c:9f:42:cc:e8:f3:80:67:4b:cc:f9:56:68:
3e:44:b5:9a:ee:4f:e5:06:3a:03:6b:53:29:66:aa:
eb:0d:b2:fb:83:77:7a:2a:ed:5d:9c:1d:b5:ab:b1:
2b:33:63:bc:f2:59:63:6a:80:04:87:fd:63:ac:5a:
71:52:3a:40:95:e2:8e:9e:ed:32:ac:28:13:52:7b:
56:af:8e:db:e4:65:e2:2f:d1:93:a3:ab:16:79:6e:
48:16:d2:5a:5b:02:ff:b6:e0:42:73:2e:32:90:50:
fd:89:16:e4:f8:19:0d:07:b6:34:f7:8b:89:72:1e:
e2:0c:31:8e:58:19:6a:9b:74:1b:d4:b1:4d:a2:7e:
1d:68:ef:b1:98:bc:3a:ac:cb:d5:f3:2e:ee:ee:fe:
74:61:31:9d:93:d2:34:0c:d1:a0:a9:22:e6:9d:94:
50:06:53:8e:a7:b8:92:a0:6d:01:99:ed:67:ab:66:
44:ee:87:08:a6:fa:e3:39:c0:3c:13:7b:04:de:c9:
8a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:38:E9:AA:7C:CE:01:24:C2:F8:72:E9:A5:AB:5E:0F:D1:F3:4C:38
X509v3 Authority Key Identifier:
keyid:5E:55:AF:DE:34:21:1B:CE:E6:A7:FD:99:24:88:A2:49:27:B4:69:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:e6:93:e3:08:0f:28:f3:b5:5d:77:18:61:6d:90:cb:5e:93:
f8:97:24:d0:25:03:2e:53:47:92:c9:69:cf:8d:c5:22:c8:60:
46:34:73:9d:d8:c4:98:ac:c3:9d:a1:3a:d9:81:d8:ac:5a:3f:
fa:ea:7d:15:ea:2a:f0:b0:e2:44:6c:9a:60:5f:b9:1d:b7:c6:
19:4b:98:0d:ab:b8:3e:31:fc:8f:a5:c3:f7:d1:cf:51:6a:1b:
5f:b3:21:81:7c:12:11:e2:1a:b1:03:ad:2e:9c:2c:6c:54:87:
07:0f:17:1b:57:2e:0a:a2:cd:04:b1:55:33:ef:c0:37:04:d9:
49:32:c8:1e:51:49:7a:b3:c0:be:c6:25:30:14:27:18:c7:66:
8c:a9:e7:db:ee:e8:4c:6e:9b:8f:07:2b:30:38:33:bd:22:2e:
ab:6c:be:78:11:ac:2a:0a:5d:48:0e:c0:b7:4f:1d:3a:63:28:
d1:5b:fd:9a:4d:1f:d8:87:52:d3:91:b6:31:ba:14:4b:72:57:
c6:de:a4:ba:92:d4:e8:bb:d7:f4:37:7d:8b:bf:a4:b9:3b:cc:
c1:2a:05:05:61:0c:75:c3:be:e9:79:59:5b:3e:0c:c2:e7:95:
17:03:fa:4e:b3:0b:0e:82:5e:cb:33:56:01:5f:c6:f7:db:a7:
94:b2:d3:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3B2lnG0zywvwqt53XqrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTVhZmRlMzQyMTFiY2VlNmE3ZmQ5OTI0ODhhMjQ5Mjdi
NDY5NDcwHhcNMjUxMTExMDMwMTA0WhcNMjUxMTEyMDMwMTA0WjAzMTEwLwYDVQQD
Eyg0MzM4ZTlhYTdjY2UwMTI0YzJmODcyZTlhNWFiNWUwZmQxZjM0YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn4iXgQGBQo1ACFH2cl1N61WI4FE
W/IGce/VGFP9yNbo1xjsFKPJ3JDq5fFWZGlnLXEIGDE1uPqKwx3DwpyfQszo84Bn
S8z5Vmg+RLWa7k/lBjoDa1MpZqrrDbL7g3d6Ku1dnB21q7ErM2O88lljaoAEh/1j
rFpxUjpAleKOnu0yrCgTUntWr47b5GXiL9GTo6sWeW5IFtJaWwL/tuBCcy4ykFD9
iRbk+BkNB7Y094uJch7iDDGOWBlqm3Qb1LFNon4daO+xmLw6rMvV8y7u7v50YTGd
k9I0DNGgqSLmnZRQBlOOp7iSoG0Bme1nq2ZE7ocIpvrjOcA8E3sE3smKfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEM46ap8zgEkwvhy6aWrXg/R80w4MB8GA1UdIwQY
MBaAFF5Vr940IRvO5qf9mSSIokkntGlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kMjhhYzgtZjZiOC00YjQ3LWJhOTMt
ZGU3YjQxNjc4YjZmLzEvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kMjhhYzgtZjZiOC00YjQ3LWJhOTMtZGU3YjQxNjc4YjZm
LzEvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqOaT4wgP
KPO1XXcYYW2Qy16T+Jck0CUDLlNHkslpz43FIshgRjRzndjEmKzDnaE62YHYrFo/
+up9Feoq8LDiRGyaYF+5HbfGGUuYDau4PjH8j6XD99HPUWobX7MhgXwSEeIasQOt
LpwsbFSHBw8XG1cuCqLNBLFVM+/ANwTZSTLIHlFJerPAvsYlMBQnGMdmjKnn2+7o
TG6bjwcrMDgzvSIuq2y+eBGsKgpdSA7At08dOmMo0Vv9mk0f2IdS05G2MboUS3JX
xt6kupLU6LvX9Dd9i7+kuTvMwSoFBWEMdcO+6XlZWz4MwueVFwP6TrMLDoJeyzNW
AV/G99unlLLTkw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:20 2025 by rpki-client