Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft
File: XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft (raw, json)
Hash identifier: okwr0vMcdqA5yuRylj7gH+izrKZproQZhP2BgRAgfOs=
Subject key identifier: 27:74:36:B1:2F:89:90:83:35:25:00:09:1D:B6:60:19:64:FF:16:20
Authority key identifier: 5E:A6:8C:85:38:10:D0:32:0B:15:68:44:F2:93:17:70:1B:58:61:0D
Certificate issuer: /CN=5ea68c853810d0320b156844f29317701b58610d
Certificate serial: 019A722595C4D9419D0559A8593AEE42AB3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft
Manifest number: 0B5D
Signing time: Tue 11 Nov 2025 09:00:57 +0000
Manifest this update: Tue 11 Nov 2025 09:00:57 +0000
Manifest next update: Wed 12 Nov 2025 09:00:57 +0000
Files and hashes: 1: XqaMhTgQ0DILFWhE8pMXcBtYYQ0.crl (hash: yBm7Epv9upqG+b5h4ShTBdyaMtza2TnDm1SDVhyoBd0=)
2: zWctF490hB_hw_nmdFUFC_bPmMM.roa (hash: SsIXLaayVDdukX1So7HtLQgGu/7qBD8U27FPnJFIDDE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:95:c4:d9:41:9d:05:59:a8:59:3a:ee:42:ab:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ea68c853810d0320b156844f29317701b58610d
Validity
Not Before: Nov 11 09:00:57 2025 GMT
Not After : Nov 12 09:00:57 2025 GMT
Subject: CN=277436b12f899083352500091db6601964ff1620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:07:6c:dc:da:75:c8:b8:9f:04:aa:5b:68:d8:
26:39:dc:68:d3:36:86:77:1d:2a:df:46:a3:b7:48:
6b:33:57:17:e4:dc:f9:34:e2:7e:b3:b6:40:e9:0d:
37:02:4a:79:47:79:96:5f:17:72:71:27:8e:5e:53:
d7:1c:5a:4f:04:47:9e:60:c3:de:f5:ed:a7:b4:09:
b9:68:ac:3a:fe:da:5e:6c:20:8f:87:8d:41:89:af:
7a:c5:c7:45:be:2f:3e:a2:67:b6:c3:c7:88:85:42:
17:e5:7e:60:23:aa:ec:dc:7b:a8:dd:9a:5b:36:85:
57:49:03:3c:ae:dc:b1:1e:b2:4e:59:b1:ee:2c:9c:
35:d8:e0:03:02:82:c3:b8:cf:cc:b7:de:32:63:d8:
e3:71:28:0a:d6:e0:db:7d:2a:bd:4c:a2:bc:78:66:
3a:9b:18:5b:59:6b:39:19:78:5c:e9:24:cb:08:c0:
48:c5:0c:c1:96:ba:3b:21:3d:79:33:f0:7a:94:7c:
92:aa:de:f7:d3:bd:52:d0:0d:a0:dc:a9:c5:b4:fa:
07:46:c8:43:d9:a5:c7:bd:62:5f:fb:9c:29:6b:ac:
c1:ec:a1:10:a1:f5:5f:7c:31:98:33:20:d3:cf:95:
18:9d:90:7b:ee:33:9d:be:c6:11:30:4b:d4:d6:02:
6d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:74:36:B1:2F:89:90:83:35:25:00:09:1D:B6:60:19:64:FF:16:20
X509v3 Authority Key Identifier:
keyid:5E:A6:8C:85:38:10:D0:32:0B:15:68:44:F2:93:17:70:1B:58:61:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:d7:4e:d0:08:97:03:c2:bf:8d:29:11:f8:b2:2a:cc:cc:f2:
cb:1a:3e:ee:e4:dd:8b:92:fe:b7:f8:e2:b4:e6:bb:8e:f0:5d:
ab:a0:a7:d4:2c:4d:d8:c2:09:e5:aa:54:95:8b:d5:d6:b6:d9:
9a:90:ae:4f:0d:cc:36:d6:ce:4e:d2:a1:ae:b2:9e:2b:7d:0f:
e7:ce:50:44:5c:40:8b:df:12:f9:70:8e:8a:24:c0:21:65:fc:
7e:34:82:87:67:c7:b9:0e:30:1c:e4:8e:78:09:64:e5:18:5e:
ad:d6:77:eb:5a:91:18:15:29:a2:f8:0f:0e:44:9a:39:1c:56:
87:27:1d:08:61:ed:a2:2e:a6:aa:4d:da:b9:df:09:20:3e:2e:
e4:6f:e6:67:64:cf:91:40:bf:40:b6:77:ce:c2:d4:f6:40:14:
41:d2:06:d2:00:38:19:ed:4f:39:95:7c:26:e3:5d:45:2b:c5:
f8:a6:c2:9d:94:77:85:a6:d9:b6:d1:b8:91:fa:63:bd:17:33:
63:8e:61:0c:53:38:83:0f:f1:26:d3:1d:d1:0b:bd:df:b5:93:
e8:78:07:09:dc:f3:fd:e7:e3:14:c4:72:99:0a:30:d6:21:0a:
6e:27:46:2c:5d:a5:b0:1e:74:f6:3e:8e:cc:44:45:c1:e5:6e:
cb:2e:0e:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZXE2UGdBVmoWTruQqs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTY4Yzg1MzgxMGQwMzIwYjE1Njg0NGYyOTMxNzcwMWI1
ODYxMGQwHhcNMjUxMTExMDkwMDU3WhcNMjUxMTEyMDkwMDU3WjAzMTEwLwYDVQQD
EygyNzc0MzZiMTJmODk5MDgzMzUyNTAwMDkxZGI2NjAxOTY0ZmYxNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswds3Np1yLifBKpbaNgmOdxo0zaG
dx0q30ajt0hrM1cX5Nz5NOJ+s7ZA6Q03Akp5R3mWXxdycSeOXlPXHFpPBEeeYMPe
9e2ntAm5aKw6/tpebCCPh41Bia96xcdFvi8+ome2w8eIhUIX5X5gI6rs3Huo3Zpb
NoVXSQM8rtyxHrJOWbHuLJw12OADAoLDuM/Mt94yY9jjcSgK1uDbfSq9TKK8eGY6
mxhbWWs5GXhc6STLCMBIxQzBlro7IT15M/B6lHySqt73071S0A2g3KnFtPoHRshD
2aXHvWJf+5wpa6zB7KEQofVffDGYMyDTz5UYnZB77jOdvsYRMEvU1gJtpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCd0NrEviZCDNSUACR22YBlk/xYgMB8GA1UdIwQY
MBaAFF6mjIU4ENAyCxVoRPKTF3AbWGENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFhTWhUZ1EwRElMRldoRThwTVhjQnRZWVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8zZTIzZDctYTNiNy00MTZmLTg4MTAt
MWVmYTdjZjc3M2EwLzEvWHFhTWhUZ1EwRElMRldoRThwTVhjQnRZWVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8zZTIzZDctYTNiNy00MTZmLTg4MTAtMWVmYTdjZjc3M2Ew
LzEvWHFhTWhUZ1EwRElMRldoRThwTVhjQnRZWVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALtdO0AiX
A8K/jSkR+LIqzMzyyxo+7uTdi5L+t/jitOa7jvBdq6Cn1CxN2MIJ5apUlYvV1rbZ
mpCuTw3MNtbOTtKhrrKeK30P585QRFxAi98S+XCOiiTAIWX8fjSCh2fHuQ4wHOSO
eAlk5RherdZ361qRGBUpovgPDkSaORxWhycdCGHtoi6mqk3aud8JID4u5G/mZ2TP
kUC/QLZ3zsLU9kAUQdIG0gA4Ge1POZV8JuNdRSvF+KbCnZR3habZttG4kfpjvRcz
Y45hDFM4gw/xJtMd0Qu937WT6HgHCdzz/efjFMRymQow1iEKbidGLF2lsB509j6O
zERFweVuyy4Ohg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:44:22 2025 by rpki-client