Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft
File: xfFStqDQBGJ9KF2Hmqg-WEYast8.mft (raw, json)
Hash identifier: lVH9PJ/1EMdtQgmF7Iak6SRminbC1irIyX0iwHWUt1s=
Subject key identifier: C5:3F:7A:32:61:FA:D9:AD:AE:B1:B5:53:69:DB:46:EF:E8:A7:C4:D7
Authority key identifier: C5:F1:52:B6:A0:D0:04:62:7D:28:5D:87:9A:A8:3E:58:46:1A:B2:DF
Certificate issuer: /CN=c5f152b6a0d004627d285d879aa83e58461ab2df
Certificate serial: 019A71B95CABFE1728629E3E6E9018A80E6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft
Manifest number: 133F
Signing time: Tue 11 Nov 2025 07:02:44 +0000
Manifest this update: Tue 11 Nov 2025 07:02:44 +0000
Manifest next update: Wed 12 Nov 2025 07:02:44 +0000
Files and hashes: 1: xfFStqDQBGJ9KF2Hmqg-WEYast8.crl (hash: Ro33EvfOAOtiYzyGuhIAu17hpBSHP0X3+Wv5PMYGBpc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:5c:ab:fe:17:28:62:9e:3e:6e:90:18:a8:0e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5f152b6a0d004627d285d879aa83e58461ab2df
Validity
Not Before: Nov 11 07:02:44 2025 GMT
Not After : Nov 12 07:02:44 2025 GMT
Subject: CN=c53f7a3261fad9adaeb1b55369db46efe8a7c4d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ab:d4:d1:df:a3:88:87:d0:a9:ec:bd:03:37:
db:bf:ed:c4:c3:57:f1:45:0a:40:54:50:0d:d3:93:
95:3d:97:5b:c1:e4:6e:53:7b:04:c2:49:af:56:2b:
b1:76:14:0f:0f:29:ad:74:05:08:49:d1:59:6a:b3:
01:3f:65:4d:6d:e7:f0:24:09:77:f8:d2:14:f3:95:
b3:cb:f8:87:e8:45:6a:45:40:ad:86:79:fc:fd:23:
9e:c0:11:f5:bf:2c:3f:3a:ba:46:bc:d9:b5:76:53:
e9:7a:63:c9:84:db:64:c2:c5:4f:ac:d6:c6:bb:13:
b9:30:2d:d5:e5:38:97:e6:0e:3b:33:e8:db:38:c5:
17:17:92:d9:97:86:ef:75:42:97:ac:f9:81:c5:a3:
fd:72:1c:09:9a:51:d6:77:0d:f8:0c:d3:a9:a0:7a:
e7:8b:10:09:16:eb:47:75:29:60:2c:d2:59:3b:15:
a5:e5:b8:25:d3:2d:40:bf:c7:5f:d3:9e:4f:d0:7e:
0e:21:a5:39:ac:be:15:54:8a:c9:27:e0:c7:09:b2:
1c:16:5e:e0:e3:bd:0d:da:61:51:5e:33:bd:24:5e:
82:d9:63:ef:be:71:7e:92:5f:03:4e:60:af:96:7a:
e6:6e:00:4c:bf:0f:95:07:64:50:e6:61:46:5d:5f:
7d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3F:7A:32:61:FA:D9:AD:AE:B1:B5:53:69:DB:46:EF:E8:A7:C4:D7
X509v3 Authority Key Identifier:
keyid:C5:F1:52:B6:A0:D0:04:62:7D:28:5D:87:9A:A8:3E:58:46:1A:B2:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:ac:12:04:84:c1:4e:ec:60:5b:39:c8:14:f3:67:7e:f0:4e:
b8:01:dd:44:d5:7f:f4:1c:6b:5f:09:46:80:09:1d:d8:7c:8b:
22:70:f3:42:a8:72:8c:1c:77:d4:16:13:da:18:a0:94:6f:a8:
9f:5b:6d:11:39:30:e6:ce:4a:86:7f:58:3f:44:5d:5f:13:82:
12:f5:63:14:e6:15:80:8c:13:a1:f1:33:90:76:8f:8a:ee:17:
58:67:49:5d:19:68:90:0b:f8:6b:97:0c:bb:0b:9b:df:63:7b:
08:47:5e:c2:3f:4e:01:d2:01:d7:93:95:5c:56:80:ad:4f:14:
b5:9b:e1:5b:8a:de:2c:9f:3d:5e:4e:b5:76:2e:1c:5e:3c:b0:
1a:81:34:57:58:fb:6d:8d:82:bb:d1:da:de:92:a9:8e:57:10:
92:d5:0d:58:40:b3:0a:0b:c5:29:e5:ff:12:84:e6:82:9a:53:
7e:1d:26:f9:c2:81:f1:38:38:cd:d9:99:1a:bf:57:b6:19:bc:
4b:d8:00:f4:c7:a0:ec:55:dd:e5:ef:cb:39:a1:a2:16:c8:f1:
44:5a:e6:7a:2c:18:95:1a:2e:85:d0:17:a6:4b:b4:a0:15:42:
20:b4:81:51:88:e8:9e:ba:71:24:f4:77:db:39:39:50:dc:76:
d8:1b:e0:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuVyr/hcoYp4+bpAYqA5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZjE1MmI2YTBkMDA0NjI3ZDI4NWQ4NzlhYTgzZTU4NDYx
YWIyZGYwHhcNMjUxMTExMDcwMjQ0WhcNMjUxMTEyMDcwMjQ0WjAzMTEwLwYDVQQD
EyhjNTNmN2EzMjYxZmFkOWFkYWViMWI1NTM2OWRiNDZlZmU4YTdjNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6vU0d+jiIfQqey9Azfbv+3Ew1fx
RQpAVFAN05OVPZdbweRuU3sEwkmvViuxdhQPDymtdAUISdFZarMBP2VNbefwJAl3
+NIU85Wzy/iH6EVqRUCthnn8/SOewBH1vyw/OrpGvNm1dlPpemPJhNtkwsVPrNbG
uxO5MC3V5TiX5g47M+jbOMUXF5LZl4bvdUKXrPmBxaP9chwJmlHWdw34DNOpoHrn
ixAJFutHdSlgLNJZOxWl5bgl0y1Av8df055P0H4OIaU5rL4VVIrJJ+DHCbIcFl7g
470N2mFRXjO9JF6C2WPvvnF+kl8DTmCvlnrmbgBMvw+VB2RQ5mFGXV998QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMU/ejJh+tmtrrG1U2nbRu/op8TXMB8GA1UdIwQY
MBaAFMXxUrag0ARifShdh5qoPlhGGrLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81M2FkNWEtMGEzNy00ZjY1LWE2YzYt
NzM3ZTc4Yzg3MDEyLzEveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81M2FkNWEtMGEzNy00ZjY1LWE2YzYtNzM3ZTc4Yzg3MDEy
LzEveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKawSBITB
TuxgWznIFPNnfvBOuAHdRNV/9BxrXwlGgAkd2HyLInDzQqhyjBx31BYT2higlG+o
n1ttETkw5s5Khn9YP0RdXxOCEvVjFOYVgIwTofEzkHaPiu4XWGdJXRlokAv4a5cM
uwub32N7CEdewj9OAdIB15OVXFaArU8UtZvhW4reLJ89Xk61di4cXjywGoE0V1j7
bY2Cu9Ha3pKpjlcQktUNWECzCgvFKeX/EoTmgppTfh0m+cKB8Tg4zdmZGr9Xthm8
S9gA9Meg7FXd5e/LOaGiFsjxRFrmeiwYlRouhdAXpku0oBVCILSBUYjonrpxJPR3
2zk5UNx22Bvgug==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:16 2025 by rpki-client