Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft
File: XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft (raw, json)
Hash identifier: zNKuVsxwtUO9EYnEyT6SPsfHA90yT75CIeHGSOhLrqs=
Subject key identifier: 24:D3:52:02:C1:50:51:D9:BC:9F:86:40:29:B4:06:3C:19:0C:5C:AE
Authority key identifier: 5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
Certificate issuer: /CN=5dc67c6be367ab9e941d1427d050449447b8865c
Certificate serial: 019A725C80655D77C04A8492D8B504713300
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft
Manifest number: 1726
Signing time: Tue 11 Nov 2025 10:00:55 +0000
Manifest this update: Tue 11 Nov 2025 10:00:55 +0000
Manifest next update: Wed 12 Nov 2025 10:00:55 +0000
Files and hashes: 1: XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl (hash: WbITYjltY7nKUHZiFp6d0Pc70DFizZCjuURPnpOa28o=)
2: yPiwl9qBas0_CWwr3HhvXq6bAGE.roa (hash: yb05fvQGJfFhNZnnjkljRSCUExMNOud+I+YEv/Cdk1I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:80:65:5d:77:c0:4a:84:92:d8:b5:04:71:33:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc67c6be367ab9e941d1427d050449447b8865c
Validity
Not Before: Nov 11 10:00:55 2025 GMT
Not After : Nov 12 10:00:55 2025 GMT
Subject: CN=24d35202c15051d9bc9f864029b4063c190c5cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:15:8f:7b:f5:b7:53:9e:d8:04:68:9a:de:
ef:9f:6c:a7:47:10:25:a3:2e:0d:b4:33:90:19:db:
37:62:23:9a:5c:98:4e:e5:58:59:a5:d5:fc:43:f1:
1c:7f:41:aa:c9:6e:c9:2b:d9:ed:a1:a3:96:83:78:
d1:d9:e8:13:8b:12:69:91:07:bf:80:99:9e:60:3c:
77:be:f8:08:ab:72:e0:7d:fe:80:8b:11:bb:1a:6b:
6f:4a:45:2c:ce:46:ea:05:bd:67:42:39:27:7c:1d:
a7:49:78:6b:99:13:30:b5:c5:b6:9f:44:1d:f2:14:
dc:42:51:7d:05:3a:43:87:da:9e:37:86:8f:7f:a9:
f3:f6:5a:74:e9:09:61:5c:49:35:30:3e:a9:8d:0c:
ab:3e:cc:eb:c3:91:50:b9:dc:15:e7:91:03:0a:bc:
78:45:54:da:43:23:ed:46:5a:04:8b:c7:25:8b:09:
10:67:6c:49:c8:6f:c8:0e:24:df:d6:2b:c5:60:d3:
d7:67:b4:0d:21:5e:e3:28:b9:4b:ff:d0:54:43:5e:
ee:5e:d1:dd:c0:84:0e:57:ec:58:ed:65:46:d2:58:
b6:2f:e1:55:1f:2c:36:9d:b4:cd:92:81:37:83:18:
82:dc:9b:e2:11:ef:33:2a:d5:01:2a:0c:61:e9:46:
4f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D3:52:02:C1:50:51:D9:BC:9F:86:40:29:B4:06:3C:19:0C:5C:AE
X509v3 Authority Key Identifier:
keyid:5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:ca:11:d2:b6:5b:86:b2:eb:91:6c:4f:bd:44:6e:85:f2:79:
8a:da:b1:cb:f0:e4:98:fd:e4:cb:ab:1c:81:3f:22:25:77:23:
cf:fe:17:49:08:7d:53:e1:7d:1f:c3:37:75:49:5a:9c:f8:45:
dd:a9:42:1b:23:25:33:26:f3:8f:78:b6:10:28:7d:ce:0e:c7:
fd:9c:c0:8d:13:27:a7:6a:ac:df:34:34:87:42:69:05:cf:28:
25:79:c7:f9:00:fd:e5:6e:50:f9:7c:5d:ca:dd:21:5c:c4:5f:
e3:ad:1c:83:58:67:d1:36:45:24:88:ba:a0:e7:25:1f:1b:9d:
e6:c9:e0:23:9a:b4:cb:d5:c2:63:5c:78:61:e9:3b:50:05:f6:
0c:05:13:12:f6:05:b8:1f:97:40:94:fe:c6:e6:fe:fa:3a:91:
a4:fe:69:d8:07:61:1a:f9:57:da:b8:ba:33:ae:a6:c1:94:86:
6d:f3:38:90:3a:92:65:f5:0d:76:18:51:01:ad:c8:7e:e5:41:
2b:8b:a3:33:43:26:4e:02:4a:c5:4d:5f:6c:d4:f0:b6:70:3c:
65:9d:47:7c:82:23:d0:c1:b2:71:f4:87:2a:8b:8c:ba:f6:1c:
30:da:b0:1b:7a:34:28:f8:84:d6:7a:0d:94:be:4d:b5:b5:bb:
bc:ee:2e:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXIBlXXfASoSS2LUEcTMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzY3YzZiZTM2N2FiOWU5NDFkMTQyN2QwNTA0NDk0NDdi
ODg2NWMwHhcNMjUxMTExMTAwMDU1WhcNMjUxMTEyMTAwMDU1WjAzMTEwLwYDVQQD
EygyNGQzNTIwMmMxNTA1MWQ5YmM5Zjg2NDAyOWI0MDYzYzE5MGM1Y2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotIVj3v1t1Oe2ARomt7vn2ynRxAl
oy4NtDOQGds3YiOaXJhO5VhZpdX8Q/Ecf0GqyW7JK9ntoaOWg3jR2egTixJpkQe/
gJmeYDx3vvgIq3Lgff6AixG7GmtvSkUszkbqBb1nQjknfB2nSXhrmRMwtcW2n0Qd
8hTcQlF9BTpDh9qeN4aPf6nz9lp06QlhXEk1MD6pjQyrPszrw5FQudwV55EDCrx4
RVTaQyPtRloEi8cliwkQZ2xJyG/IDiTf1ivFYNPXZ7QNIV7jKLlL/9BUQ17uXtHd
wIQOV+xY7WVG0li2L+FVHyw2nbTNkoE3gxiC3JviEe8zKtUBKgxh6UZPRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTTUgLBUFHZvJ+GQCm0BjwZDFyuMB8GA1UdIwQY
MBaAFF3GfGvjZ6uelB0UJ9BQRJRHuIZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83NjI3NWEtNmY0MS00ODA0LTgzN2It
ODk3OTlkZWFkYzQ3LzEvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83NjI3NWEtNmY0MS00ODA0LTgzN2ItODk3OTlkZWFkYzQ3
LzEvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQsoR0rZb
hrLrkWxPvURuhfJ5itqxy/DkmP3ky6scgT8iJXcjz/4XSQh9U+F9H8M3dUlanPhF
3alCGyMlMybzj3i2ECh9zg7H/ZzAjRMnp2qs3zQ0h0JpBc8oJXnH+QD95W5Q+Xxd
yt0hXMRf460cg1hn0TZFJIi6oOclHxud5sngI5q0y9XCY1x4Yek7UAX2DAUTEvYF
uB+XQJT+xub++jqRpP5p2AdhGvlX2ri6M66mwZSGbfM4kDqSZfUNdhhRAa3IfuVB
K4ujM0MmTgJKxU1fbNTwtnA8ZZ1HfIIj0MGycfSHKouMuvYcMNqwG3o0KPiE1noN
lL5NtbW7vO4uFQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:37 2025 by rpki-client