Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
File: XbomMhShFwVRmA7pFxn42Ixia14.mft (raw, json)
Hash identifier: wrdUUv4u7vkxhkVzkZpMNWt+01+rO4Til6ocbqSjPUM=
Subject key identifier: 38:6B:6E:73:FA:17:1F:2C:C2:EA:E9:13:9C:72:B2:F1:34:F9:9F:36
Authority key identifier: 5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E
Certificate issuer: /CN=5dba263214a1170551980ee91719f8d88c626b5e
Certificate serial: 019A70A55D333B6F62EECE28DD8ABB00C965
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
Manifest number: 1289
Signing time: Tue 11 Nov 2025 02:01:16 +0000
Manifest this update: Tue 11 Nov 2025 02:01:16 +0000
Manifest next update: Wed 12 Nov 2025 02:01:16 +0000
Files and hashes: 1: XbomMhShFwVRmA7pFxn42Ixia14.crl (hash: r4M6S3bNIyx+d/G3HqE5WNjIXFABcsdZVtYIWeOuZjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:5d:33:3b:6f:62:ee:ce:28:dd:8a:bb:00:c9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dba263214a1170551980ee91719f8d88c626b5e
Validity
Not Before: Nov 11 02:01:16 2025 GMT
Not After : Nov 12 02:01:16 2025 GMT
Subject: CN=386b6e73fa171f2cc2eae9139c72b2f134f99f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bd:56:2f:9e:91:e7:16:c8:dd:d5:ee:ed:f7:
16:ee:9f:ab:bc:c5:e2:c8:31:d6:48:2c:5f:3a:40:
97:48:5e:29:8d:00:80:09:c7:b2:e9:b5:50:f5:76:
f8:77:3d:2a:4e:f2:ba:70:2d:61:d8:8c:a9:2b:ed:
2d:ca:52:2f:e8:c5:68:c3:84:cd:b2:20:c6:72:90:
74:b9:c1:9f:95:e8:e0:30:45:ee:22:50:f6:c1:88:
6f:df:6f:b0:21:9e:d1:09:c3:ec:03:f1:11:31:d6:
2c:e3:1a:11:26:be:d9:5d:1a:0d:e3:56:ee:f5:8c:
3c:14:69:34:00:02:90:78:b1:33:b4:b2:c7:83:8f:
27:62:14:08:78:40:15:af:aa:22:e2:c5:1f:00:6a:
94:c5:2c:00:34:88:7b:e2:59:26:4d:80:10:00:63:
45:1d:6a:fb:72:5b:d8:9e:ed:36:f0:0b:6c:16:22:
94:d1:69:32:76:b3:b6:44:cf:50:23:5d:5a:c2:39:
90:89:7e:d7:03:38:20:dd:ff:c9:21:50:d0:d1:c2:
0a:6c:6d:94:2f:ac:47:ba:0f:93:b2:7b:ee:de:29:
d1:3c:28:8f:57:d4:c9:2e:f6:84:75:6d:5b:ae:70:
de:b5:09:5f:41:39:20:b6:eb:2f:86:9d:64:85:80:
c0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6B:6E:73:FA:17:1F:2C:C2:EA:E9:13:9C:72:B2:F1:34:F9:9F:36
X509v3 Authority Key Identifier:
keyid:5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:7c:2c:65:61:89:92:da:75:ac:55:af:f9:b4:23:94:59:58:
d2:73:fc:19:a0:b7:2f:26:b4:bb:57:90:b6:59:44:4a:a2:8f:
43:e6:1c:6a:a3:60:a7:ee:79:e8:ba:f5:95:fd:98:3c:f0:b5:
9a:45:47:6f:7d:7c:09:5d:9d:ff:35:4f:a1:d1:04:3a:f4:1d:
e8:9f:9e:35:1d:a2:fc:4a:97:70:3d:4c:f4:c0:cc:0a:38:bc:
44:dd:be:d9:bb:4a:11:b5:52:8e:4c:ed:34:b6:ee:70:51:63:
c3:67:ee:ed:bd:66:ee:52:3e:3a:fa:36:b3:95:dd:82:cc:89:
02:79:fa:bb:ad:33:3b:3a:c7:8c:7f:d0:5f:53:2d:2f:d0:4b:
52:1b:37:0d:ff:a6:78:c1:fc:fb:8e:2e:2d:b2:7c:a3:3f:7e:
75:22:cd:45:7d:00:53:65:b2:84:d4:11:0e:f6:c2:fe:a5:a0:
d9:d2:a7:de:18:55:54:f1:69:43:42:0c:63:f9:a2:8a:b7:18:
0e:62:b4:d7:82:35:67:8a:53:e4:75:69:a4:5b:ce:0d:07:a9:
d6:00:98:d5:4e:11:b4:03:a8:6c:12:88:90:41:80:0f:c4:d4:
39:a5:e6:2b:72:c9:77:42:c4:8b:11:a6:d0:f5:00:cf:c9:65:
16:75:c4:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpV0zO29i7s4o3Yq7AMllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYmEyNjMyMTRhMTE3MDU1MTk4MGVlOTE3MTlmOGQ4OGM2
MjZiNWUwHhcNMjUxMTExMDIwMTE2WhcNMjUxMTEyMDIwMTE2WjAzMTEwLwYDVQQD
EygzODZiNmU3M2ZhMTcxZjJjYzJlYWU5MTM5YzcyYjJmMTM0Zjk5ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq71WL56R5xbI3dXu7fcW7p+rvMXi
yDHWSCxfOkCXSF4pjQCACcey6bVQ9Xb4dz0qTvK6cC1h2IypK+0tylIv6MVow4TN
siDGcpB0ucGflejgMEXuIlD2wYhv32+wIZ7RCcPsA/ERMdYs4xoRJr7ZXRoN41bu
9Yw8FGk0AAKQeLEztLLHg48nYhQIeEAVr6oi4sUfAGqUxSwANIh74lkmTYAQAGNF
HWr7clvYnu028AtsFiKU0WkydrO2RM9QI11awjmQiX7XAzgg3f/JIVDQ0cIKbG2U
L6xHug+Tsnvu3inRPCiPV9TJLvaEdW1brnDetQlfQTkgtusvhp1khYDAQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhrbnP6Fx8swurpE5xysvE0+Z82MB8GA1UdIwQY
MBaAFF26JjIUoRcFUZgO6RcZ+NiMYmteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2It
MTM1YTkzOTgyOTMxLzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2ItMTM1YTkzOTgyOTMx
LzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV3wsZWGJ
ktp1rFWv+bQjlFlY0nP8GaC3Lya0u1eQtllESqKPQ+YcaqNgp+556Lr1lf2YPPC1
mkVHb318CV2d/zVPodEEOvQd6J+eNR2i/EqXcD1M9MDMCji8RN2+2btKEbVSjkzt
NLbucFFjw2fu7b1m7lI+Ovo2s5XdgsyJAnn6u60zOzrHjH/QX1MtL9BLUhs3Df+m
eMH8+44uLbJ8oz9+dSLNRX0AU2WyhNQRDvbC/qWg2dKn3hhVVPFpQ0IMY/miircY
DmK014I1Z4pT5HVppFvODQep1gCY1U4RtAOobBKIkEGAD8TUOaXmK3LJd0LEixGm
0PUAz8llFnXEaQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:17 2025 by rpki-client