Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
File: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft (raw, json)
Hash identifier: FpA9tHXpqwfK/h+1lw38xEcjQ83yOmTZ5XdEqowbYfU=
Subject key identifier: 79:92:5C:39:27:A7:38:6E:C7:8B:CB:A7:77:7D:FB:82:80:72:3D:05
Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4
Certificate serial: 019A64341F9AF2D138AA28841A97A1145D51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
Manifest number: 1227
Signing time: Sat 08 Nov 2025 16:02:08 +0000
Manifest this update: Sat 08 Nov 2025 16:02:08 +0000
Manifest next update: Sun 09 Nov 2025 16:02:08 +0000
Files and hashes: 1: QGKSiFavp9LMElSoLZBhqzLqFMM.roa (hash: ip/2uYmlI+BKnaF8k1mqNHwsPmNtHEQrk8aTeSCdMUA=)
2: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl (hash: akgWmTzxv5c2EZu7XyjT2Rf7v/U7ElV7ccth1coUDK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Nov 2025 16:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:64:34:1f:9a:f2:d1:38:aa:28:84:1a:97:a1:14:5d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4
Validity
Not Before: Nov 8 16:02:08 2025 GMT
Not After : Nov 9 16:02:08 2025 GMT
Subject: CN=79925c3927a7386ec78bcba7777dfb8280723d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:86:fb:84:d1:95:3a:a4:33:f5:da:7d:e7:06:
f0:55:9b:ff:79:29:c4:6d:68:64:d1:1a:0f:7d:bf:
13:60:63:2f:46:0e:f4:91:37:4d:9a:6f:5c:4e:c2:
ad:79:c7:54:a5:7e:03:3e:66:cf:34:b0:b3:2c:54:
bc:fb:b6:32:06:d8:87:db:04:1d:6a:ca:2b:7e:b9:
d5:9d:77:d6:86:d8:a3:ca:02:f6:93:5e:48:ff:2d:
a0:93:5d:d8:f3:66:a9:1e:33:79:e0:cc:1f:be:c2:
e8:c6:d3:b5:f2:b8:24:5e:5c:29:62:a0:f3:3c:e7:
a8:8c:b8:56:61:4b:6f:8d:d0:8f:54:46:2e:33:d3:
46:16:97:42:bc:f1:40:a0:26:03:27:a9:1d:85:ee:
0f:e8:d9:31:e0:c4:b0:0e:ec:8b:23:94:ca:12:1b:
73:19:a9:bd:91:c1:25:83:34:bb:8a:68:fa:e1:1f:
ad:fd:29:7b:6e:7e:f0:aa:1c:fa:a8:e4:41:ae:dd:
48:e5:28:cf:37:ea:68:e0:16:26:bf:9d:4b:94:ba:
99:20:97:8f:b9:7b:53:f7:ad:03:60:b8:75:ac:13:
7d:9c:35:71:e0:7b:e2:34:2d:fd:4e:61:ec:86:a0:
77:6a:1c:6e:2a:9b:58:d6:79:ea:60:d8:bf:50:8c:
20:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:92:5C:39:27:A7:38:6E:C7:8B:CB:A7:77:7D:FB:82:80:72:3D:05
X509v3 Authority Key Identifier:
keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:f5:c7:db:58:55:9b:eb:3f:72:a1:3f:65:96:64:08:d6:5e:
60:dd:84:fb:81:83:40:ff:a9:f5:bd:83:a8:bb:de:d9:49:ce:
a2:eb:01:76:10:5d:91:a5:c7:94:70:c6:fe:a8:9a:7f:6f:89:
ce:47:a3:f0:33:d0:64:a4:f2:23:e8:7d:63:3f:e3:d7:bb:f9:
6a:b9:0f:05:9f:f6:79:a8:3f:76:59:2e:67:00:4b:93:a2:87:
67:74:8f:b0:c2:be:ac:9d:48:87:ff:4e:65:4f:10:f3:e5:e0:
06:ce:f9:02:65:e0:c2:de:c3:6a:ae:c2:fa:e7:b4:b8:73:4a:
d0:b6:f0:16:0f:fd:29:5c:fb:17:b2:26:6d:49:96:96:7e:97:
1f:99:36:78:14:06:49:7b:43:94:4d:45:a1:81:c8:06:e4:46:
b7:3f:ce:8a:3a:fa:cb:6d:42:69:13:06:6e:7b:66:a6:3f:1c:
30:f3:96:1c:33:65:ea:f3:a4:77:8e:27:97:71:f7:eb:aa:ee:
70:ba:42:9a:05:44:7d:1a:d3:98:e1:d3:80:69:75:a3:ae:c3:
99:d6:cd:cb:9f:5c:23:56:70:3b:7d:51:34:2f:e3:ae:58:42:
64:61:33:41:52:db:26:37:c9:ad:b0:36:18:73:f2:b1:03:b4:
11:09:fe:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpkNB+a8tE4qiiEGpehFF1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz
ZTIwZTQwHhcNMjUxMTA4MTYwMjA4WhcNMjUxMTA5MTYwMjA4WjAzMTEwLwYDVQQD
Eyg3OTkyNWMzOTI3YTczODZlYzc4YmNiYTc3NzdkZmI4MjgwNzIzZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYb7hNGVOqQz9dp95wbwVZv/eSnE
bWhk0RoPfb8TYGMvRg70kTdNmm9cTsKtecdUpX4DPmbPNLCzLFS8+7YyBtiH2wQd
asorfrnVnXfWhtijygL2k15I/y2gk13Y82apHjN54MwfvsLoxtO18rgkXlwpYqDz
POeojLhWYUtvjdCPVEYuM9NGFpdCvPFAoCYDJ6kdhe4P6Nkx4MSwDuyLI5TKEhtz
Gam9kcElgzS7imj64R+t/Sl7bn7wqhz6qORBrt1I5SjPN+po4BYmv51LlLqZIJeP
uXtT960DYLh1rBN9nDVx4HviNC39TmHshqB3ahxuKptY1nnqYNi/UIwgsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmSXDknpzhux4vLp3d9+4KAcj0FMB8GA1UdIwQY
MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt
YWE0MDA1MzJkYWViLzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi
LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqfXH21hV
m+s/cqE/ZZZkCNZeYN2E+4GDQP+p9b2DqLve2UnOousBdhBdkaXHlHDG/qiaf2+J
zkej8DPQZKTyI+h9Yz/j17v5arkPBZ/2eag/dlkuZwBLk6KHZ3SPsMK+rJ1Ih/9O
ZU8Q8+XgBs75AmXgwt7Daq7C+ue0uHNK0LbwFg/9KVz7F7ImbUmWln6XH5k2eBQG
SXtDlE1FoYHIBuRGtz/Oijr6y21CaRMGbntmpj8cMPOWHDNl6vOkd44nl3H366ru
cLpCmgVEfRrTmOHTgGl1o67DmdbNy59cI1ZwO31RNC/jrlhCZGEzQVLbJjfJrbA2
GHPysQO0EQn+Nw==
-----END CERTIFICATE-----
Generated at Sun Nov 9 00:18:19 2025 by rpki-client