Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
File: XX2xSVjPTXheWe9cbGefjvVMHYs.mft (raw, json)
Hash identifier: f6K0BB3aYMsA9gSahAnLJ3kWJ6qKqRuqOELAVL5Nscc=
Subject key identifier: E7:C7:04:82:57:FD:7D:5D:1F:A4:C6:B9:8A:7D:11:25:9B:D1:34:69
Authority key identifier: 5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
Certificate issuer: /CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Certificate serial: 019A7225DCC6C79AFC754D309551A0A0104F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
Manifest number: 0707
Signing time: Tue 11 Nov 2025 09:01:15 +0000
Manifest this update: Tue 11 Nov 2025 09:01:15 +0000
Manifest next update: Wed 12 Nov 2025 09:01:15 +0000
Files and hashes: 1: XX2xSVjPTXheWe9cbGefjvVMHYs.crl (hash: 0eTQNcdDRbSn48uqqGdZW5nkuKFAANwgEHUYpOt6eIA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:dc:c6:c7:9a:fc:75:4d:30:95:51:a0:a0:10:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Validity
Not Before: Nov 11 09:01:15 2025 GMT
Not After : Nov 12 09:01:15 2025 GMT
Subject: CN=e7c7048257fd7d5d1fa4c6b98a7d11259bd13469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6a:69:64:91:7c:0c:41:22:92:40:f6:d8:e3:
f0:0d:5f:d7:de:60:f1:e7:e6:8f:f9:fb:50:8e:b4:
b6:f1:ac:d3:11:0f:62:4a:af:f6:bb:4e:75:3b:b4:
6d:8b:36:e9:2b:4c:53:74:a8:8e:ce:e5:d9:e7:ab:
01:2c:41:e0:17:1e:04:d1:77:3c:70:34:03:7d:31:
2b:73:83:56:a5:e3:54:2d:93:60:77:91:db:8b:c1:
f1:da:66:23:31:15:14:cf:74:bd:18:c9:39:8c:5f:
37:44:1f:91:e0:ea:f6:a1:d4:45:89:de:89:4c:9b:
e8:8c:b7:73:00:35:0e:49:6b:3c:71:35:c6:50:d0:
20:8b:0a:d8:b0:81:7e:2b:9b:c3:d7:8e:bd:ce:68:
73:eb:fa:eb:33:02:3f:4c:32:da:09:e3:1d:e9:2d:
1a:51:da:ea:e4:3a:ba:03:43:83:e2:d7:20:64:2a:
8e:4e:a0:bb:b2:7f:8a:12:84:1e:26:f2:5a:fd:f5:
fe:1e:58:e0:e6:1b:4c:70:5c:72:54:43:88:11:a2:
e4:58:0e:23:2a:91:0d:01:4d:3d:45:c1:a8:bc:58:
16:e6:ff:6e:18:0d:b8:c3:b3:16:8a:30:80:ff:38:
18:ac:f3:96:60:d9:4a:56:d0:e6:ff:f7:7b:8d:35:
10:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C7:04:82:57:FD:7D:5D:1F:A4:C6:B9:8A:7D:11:25:9B:D1:34:69
X509v3 Authority Key Identifier:
keyid:5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:2b:40:d4:ad:bc:90:7d:39:27:62:82:25:51:71:93:f7:51:
e3:e2:e0:39:63:8e:86:84:d7:af:92:8b:b9:69:9a:eb:4a:06:
07:3c:b4:08:20:bf:ba:ad:72:57:60:93:1b:61:28:af:c6:8a:
25:3a:71:74:41:9a:e5:09:0d:ff:d1:8d:38:c6:0e:a0:a6:1a:
b2:38:fc:af:0d:e7:7f:bc:f3:54:f5:b9:15:2b:1c:28:07:6a:
b3:5a:31:40:2d:66:48:e9:aa:00:8b:5e:81:02:9b:1d:e7:a5:
74:ea:11:be:b1:a7:fa:ab:1d:8c:a1:c2:bb:51:f4:8e:bf:84:
1b:12:41:e8:58:11:f7:3d:7b:1c:93:37:7b:7b:e7:8e:8f:c3:
3c:81:ae:08:d7:51:e7:fd:d1:1d:64:aa:c3:fc:65:01:a3:59:
8e:d7:ea:f7:a7:15:03:bd:38:18:69:f4:2d:cc:32:71:25:d1:
4a:34:4e:b3:5c:30:b1:5e:02:8c:b2:10:02:8b:ed:a7:b7:e7:
23:54:5c:8c:3a:a3:12:e0:8e:6a:f2:a8:73:ea:08:73:72:9f:
b0:b4:6c:e5:b9:c9:85:0d:50:9d:78:aa:07:3c:83:de:56:ed:
26:66:c8:ad:6f:98:87:bb:2d:08:2f:95:15:5e:d1:d4:1e:cf:
67:78:06:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdzGx5r8dU0wlVGgoBBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2RiMTQ5NThjZjRkNzg1ZTU5ZWY1YzZjNjc5ZjhlZjU0
YzFkOGIwHhcNMjUxMTExMDkwMTE1WhcNMjUxMTEyMDkwMTE1WjAzMTEwLwYDVQQD
EyhlN2M3MDQ4MjU3ZmQ3ZDVkMWZhNGM2Yjk4YTdkMTEyNTliZDEzNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomppZJF8DEEikkD22OPwDV/X3mDx
5+aP+ftQjrS28azTEQ9iSq/2u051O7RtizbpK0xTdKiOzuXZ56sBLEHgFx4E0Xc8
cDQDfTErc4NWpeNULZNgd5Hbi8Hx2mYjMRUUz3S9GMk5jF83RB+R4Or2odRFid6J
TJvojLdzADUOSWs8cTXGUNAgiwrYsIF+K5vD1469zmhz6/rrMwI/TDLaCeMd6S0a
Udrq5Dq6A0OD4tcgZCqOTqC7sn+KEoQeJvJa/fX+Hljg5htMcFxyVEOIEaLkWA4j
KpENAU09RcGovFgW5v9uGA24w7MWijCA/zgYrPOWYNlKVtDm//d7jTUQDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfHBIJX/X1dH6TGuYp9ESWb0TRpMB8GA1UdIwQY
MBaAFF19sUlYz014XlnvXGxnn471TB2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWIt
OTQ5YzYyOGU1ZjNjLzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWItOTQ5YzYyOGU1ZjNj
LzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOStA1K28
kH05J2KCJVFxk/dR4+LgOWOOhoTXr5KLuWma60oGBzy0CCC/uq1yV2CTG2Eor8aK
JTpxdEGa5QkN/9GNOMYOoKYasjj8rw3nf7zzVPW5FSscKAdqs1oxQC1mSOmqAIte
gQKbHeeldOoRvrGn+qsdjKHCu1H0jr+EGxJB6FgR9z17HJM3e3vnjo/DPIGuCNdR
5/3RHWSqw/xlAaNZjtfq96cVA704GGn0LcwycSXRSjROs1wwsV4CjLIQAovtp7fn
I1RcjDqjEuCOavKoc+oIc3KfsLRs5bnJhQ1QnXiqBzyD3lbtJmbIrW+Yh7stCC+V
FV7R1B7PZ3gG+A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:51 2025 by rpki-client