Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
File: XYO1pn2S_6hHbJMhqnv21KINPas.mft (raw, json)
Hash identifier: VYU2eCfIsI4sNtSC5L4D+QFoJVdKsiGzEEa+XXOhccE=
Subject key identifier: 7A:F5:42:B7:09:37:CE:7F:71:BD:8F:1E:F8:DF:8F:20:17:C7:45:42
Authority key identifier: 5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB
Certificate issuer: /CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab
Certificate serial: 019A70DC36E48BDD38BD75D5B000C1B7E393
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
Manifest number: 1119
Signing time: Tue 11 Nov 2025 03:01:11 +0000
Manifest this update: Tue 11 Nov 2025 03:01:11 +0000
Manifest next update: Wed 12 Nov 2025 03:01:11 +0000
Files and hashes: 1: XYO1pn2S_6hHbJMhqnv21KINPas.crl (hash: Vs6a6BHn4oHugn9e2ch0Q+X1aldC6vZSC8L8iJBimPg=)
2: yQMt2r0-C951BN6h68fRFJDbCC8.roa (hash: tYqh+1wBm4KwmsyhvHbFDKO/UGyJb2eTnTj9n8iYekw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:36:e4:8b:dd:38:bd:75:d5:b0:00:c1:b7:e3:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab
Validity
Not Before: Nov 11 03:01:11 2025 GMT
Not After : Nov 12 03:01:11 2025 GMT
Subject: CN=7af542b70937ce7f71bd8f1ef8df8f2017c74542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d1:7b:99:3c:0a:94:22:cd:ef:94:ed:a8:d8:
40:8d:da:99:87:c5:ba:35:08:29:f5:e3:86:47:79:
36:38:2c:ce:66:40:a5:d2:78:bb:30:24:66:d7:fe:
10:08:44:4b:e5:67:a8:8b:f5:d8:1e:f5:47:7a:ea:
71:82:95:bc:b4:1f:9e:8a:97:b3:d3:2a:49:d4:9f:
65:0c:0b:88:4e:27:b7:b5:c5:0d:43:76:fb:10:fe:
c9:32:c2:d9:a7:15:d6:29:d6:89:54:0c:06:8f:72:
29:8c:54:33:72:f3:9d:f4:8e:e0:6b:a8:19:b7:b1:
33:a6:da:58:b0:5e:1b:ef:b1:71:dd:1d:d7:d5:24:
bd:9f:c9:62:d5:f4:3e:41:84:89:5a:43:19:85:bf:
f3:60:90:d9:52:3b:3f:2e:a2:ad:a0:8a:fb:ca:f7:
85:29:36:a5:7d:35:cd:04:38:ef:8e:e0:e3:65:f7:
18:80:16:24:24:3f:b4:fa:9c:e1:3e:9f:61:c2:bf:
de:3e:5e:da:31:00:5d:09:2c:3a:fd:65:44:b7:3d:
0b:f5:67:91:14:3e:26:d9:db:c5:ef:7e:4f:df:f7:
86:6d:8d:55:0a:dc:c2:11:46:69:15:b7:e5:2a:47:
55:7f:b7:1e:05:74:e0:d8:de:34:cb:8f:ef:65:93:
8d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F5:42:B7:09:37:CE:7F:71:BD:8F:1E:F8:DF:8F:20:17:C7:45:42
X509v3 Authority Key Identifier:
keyid:5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:74:ce:80:d0:9c:30:49:e7:f3:9e:61:8c:fb:62:2e:7a:48:
47:6f:68:fb:62:0d:cd:ec:bb:6d:1b:49:e8:0b:52:da:59:73:
e2:3b:4e:d5:21:0f:5b:61:31:f9:77:79:92:66:55:d8:4a:3f:
73:c6:39:fb:a4:94:81:a3:80:f7:f9:16:87:7a:ca:17:db:b5:
d2:c8:9e:30:b3:0c:50:75:6b:f1:6e:13:0b:f2:b4:3e:80:28:
58:4f:69:72:7c:1e:b5:23:1f:dc:50:f2:0e:04:63:c4:cd:eb:
c8:44:08:79:ae:72:49:22:16:b7:f2:9d:e1:d7:9d:83:c5:59:
af:c1:da:24:bf:e2:ae:1c:8f:dd:c9:db:3a:66:64:a1:11:1a:
b3:5e:e4:6d:6c:f2:ce:e0:61:61:69:ff:88:f8:6e:f0:85:ea:
4d:98:ad:9a:a5:12:bd:ae:7d:29:1b:e0:db:75:7f:c9:c6:4d:
0c:a6:b8:42:86:87:06:9a:28:8c:a1:40:bc:fe:3d:48:de:93:
95:77:d0:da:95:80:03:93:16:83:f9:1b:7e:02:f8:9a:bd:b6:
d0:22:a8:4f:c0:04:2c:3b:f6:92:59:1a:42:93:54:7d:a4:ae:
cc:11:ad:16:02:f4:62:93:c6:c5:13:d3:7f:d1:96:1e:cc:d8:
da:b6:98:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3Dbki904vXXVsADBt+OTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODNiNWE2N2Q5MmZmYTg0NzZjOTMyMWFhN2JmNmQ0YTIw
ZDNkYWIwHhcNMjUxMTExMDMwMTExWhcNMjUxMTEyMDMwMTExWjAzMTEwLwYDVQQD
Eyg3YWY1NDJiNzA5MzdjZTdmNzFiZDhmMWVmOGRmOGYyMDE3Yzc0NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dF7mTwKlCLN75TtqNhAjdqZh8W6
NQgp9eOGR3k2OCzOZkCl0ni7MCRm1/4QCERL5Weoi/XYHvVHeupxgpW8tB+eipez
0ypJ1J9lDAuITie3tcUNQ3b7EP7JMsLZpxXWKdaJVAwGj3IpjFQzcvOd9I7ga6gZ
t7EzptpYsF4b77Fx3R3X1SS9n8li1fQ+QYSJWkMZhb/zYJDZUjs/LqKtoIr7yveF
KTalfTXNBDjvjuDjZfcYgBYkJD+0+pzhPp9hwr/ePl7aMQBdCSw6/WVEtz0L9WeR
FD4m2dvF735P3/eGbY1VCtzCEUZpFbflKkdVf7ceBXTg2N40y4/vZZON+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHr1QrcJN85/cb2PHvjfjyAXx0VCMB8GA1UdIwQY
MBaAFF2DtaZ9kv+oR2yTIap79tSiDT2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2It
ZDQxZmNkZjU3NTk4LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2ItZDQxZmNkZjU3NTk4
LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmHTOgNCc
MEnn855hjPtiLnpIR29o+2INzey7bRtJ6AtS2llz4jtO1SEPW2Ex+Xd5kmZV2Eo/
c8Y5+6SUgaOA9/kWh3rKF9u10sieMLMMUHVr8W4TC/K0PoAoWE9pcnwetSMf3FDy
DgRjxM3ryEQIea5ySSIWt/Kd4dedg8VZr8HaJL/irhyP3cnbOmZkoREas17kbWzy
zuBhYWn/iPhu8IXqTZitmqUSva59KRvg23V/ycZNDKa4QoaHBpoojKFAvP49SN6T
lXfQ2pWAA5MWg/kbfgL4mr220CKoT8AELDv2klkaQpNUfaSuzBGtFgL0YpPGxRPT
f9GWHszY2raYvQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:27:23 2025 by rpki-client