Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
File: xHKa8T09FW9BGXaxduVU-mcddvc.mft (raw, json)
Hash identifier: voWwz8M3tFyMg9PYq7Jcb2Dqk8yznocqZaR0Jz7q1sQ=
Subject key identifier: C8:8D:43:C0:BB:07:2C:34:D5:6F:D6:41:54:C2:71:60:CA:2B:E0:16
Authority key identifier: C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
Certificate issuer: /CN=c4729af13d3d156f411976b176e554fa671d76f7
Certificate serial: 019A71B7960BEF5F4F9836C89891A1FD3FAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
Manifest number: 1463
Signing time: Tue 11 Nov 2025 07:00:48 +0000
Manifest this update: Tue 11 Nov 2025 07:00:48 +0000
Manifest next update: Wed 12 Nov 2025 07:00:48 +0000
Files and hashes: 1: qFZMGyq85ztg5ytAQ7RbzglxnGU.roa (hash: kMRZIxRuZxVhg2DxKXhubRuKlbKba7EMDPUaAyexKng=)
2: xHKa8T09FW9BGXaxduVU-mcddvc.crl (hash: GfXG7FEtf7eTNx8fM5ijAfv5Ki7u1HW6+ykj/T5uNM0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:96:0b:ef:5f:4f:98:36:c8:98:91:a1:fd:3f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4729af13d3d156f411976b176e554fa671d76f7
Validity
Not Before: Nov 11 07:00:48 2025 GMT
Not After : Nov 12 07:00:48 2025 GMT
Subject: CN=c88d43c0bb072c34d56fd64154c27160ca2be016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0a:61:31:7f:7e:1c:8d:d3:46:b4:c6:58:4d:
f4:df:3f:f3:9c:8d:01:23:5b:08:6a:3e:dd:25:56:
e0:2d:af:22:9b:66:9d:c8:9b:a1:e1:95:0c:c8:37:
5b:89:22:b1:5f:8b:4b:f3:a4:4e:a3:7c:ea:d2:11:
2e:d8:7b:88:6a:3c:3b:32:25:16:c0:c9:ed:e3:c8:
aa:53:a6:54:41:1d:c0:11:ff:9a:12:59:b0:a3:77:
bc:6c:04:28:b2:17:af:5e:f7:34:6d:cf:b6:d5:92:
26:11:88:7a:0f:fd:c5:65:e9:14:68:04:ef:36:6b:
f0:31:a8:11:35:d7:48:44:31:5a:d5:ee:c9:c8:61:
c8:31:27:ed:11:98:74:98:b2:89:7f:d0:c2:cf:af:
78:6c:e0:aa:08:3d:38:5d:59:ab:c3:a6:47:7a:d9:
64:b8:2d:84:59:14:1f:9b:b0:be:f1:52:e8:fe:1c:
56:a5:3b:a5:83:44:0e:88:81:65:37:0c:e9:ee:f9:
17:66:c1:95:43:a4:b7:e3:00:97:dd:49:ff:b6:b5:
c0:56:fa:46:83:27:92:64:34:18:ae:b7:40:59:6b:
10:af:0a:23:fa:81:48:a3:02:2b:88:ff:93:21:8d:
72:0c:78:dd:e3:02:a3:4a:12:90:03:b3:25:65:c3:
dc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:8D:43:C0:BB:07:2C:34:D5:6F:D6:41:54:C2:71:60:CA:2B:E0:16
X509v3 Authority Key Identifier:
keyid:C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:00:30:9b:42:5a:d3:ee:4d:68:cc:da:1b:5a:8f:5b:24:5c:
6e:b0:f8:82:e1:a9:d1:fc:1f:31:fa:ea:a7:8f:56:24:8d:8f:
e6:cc:2f:d7:96:4b:a6:de:45:65:45:4a:07:da:9a:2c:20:d7:
92:9f:af:87:53:31:7a:10:11:a8:88:1b:f1:d8:ea:d8:d7:3e:
45:7b:95:22:ca:1b:6b:ed:4d:e8:41:01:97:66:61:86:2e:ea:
35:01:d4:36:3c:1f:df:61:3c:59:70:60:05:1c:3d:b1:d6:f4:
09:c2:39:d1:0b:dc:3b:3e:32:68:82:79:1f:f9:88:1d:64:52:
33:89:54:29:04:fb:54:0b:39:07:20:52:75:68:79:47:7b:fa:
18:84:d5:3d:db:d3:3b:f2:de:48:22:5d:cc:71:64:1a:a7:a2:
1e:c4:4b:59:00:cd:a2:1a:86:05:89:44:c5:3c:53:5d:a2:e5:
ec:a9:35:75:ea:cb:54:ef:f5:9b:76:9d:ed:15:0c:9e:09:3f:
2f:04:2c:0f:5b:e0:52:00:14:4e:95:a6:ba:d1:f9:55:1f:46:
35:1f:ad:c6:09:02:6f:0a:48:0e:a4:a6:55:da:49:28:a7:c2:
8e:aa:e5:a3:f8:57:37:2c:4f:0d:a1:a7:6a:f2:c9:3d:ab:2e:
0d:e1:be:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5YL719PmDbImJGh/T+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NzI5YWYxM2QzZDE1NmY0MTE5NzZiMTc2ZTU1NGZhNjcx
ZDc2ZjcwHhcNMjUxMTExMDcwMDQ4WhcNMjUxMTEyMDcwMDQ4WjAzMTEwLwYDVQQD
EyhjODhkNDNjMGJiMDcyYzM0ZDU2ZmQ2NDE1NGMyNzE2MGNhMmJlMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAphMX9+HI3TRrTGWE303z/znI0B
I1sIaj7dJVbgLa8im2adyJuh4ZUMyDdbiSKxX4tL86ROo3zq0hEu2HuIajw7MiUW
wMnt48iqU6ZUQR3AEf+aElmwo3e8bAQoshevXvc0bc+21ZImEYh6D/3FZekUaATv
NmvwMagRNddIRDFa1e7JyGHIMSftEZh0mLKJf9DCz694bOCqCD04XVmrw6ZHetlk
uC2EWRQfm7C+8VLo/hxWpTulg0QOiIFlNwzp7vkXZsGVQ6S34wCX3Un/trXAVvpG
gyeSZDQYrrdAWWsQrwoj+oFIowIriP+TIY1yDHjd4wKjShKQA7MlZcPcewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMiNQ8C7Byw01W/WQVTCcWDKK+AWMB8GA1UdIwQY
MBaAFMRymvE9PRVvQRl2sXblVPpnHXb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1Nzgt
YjA4OThmYmIxY2FiLzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1NzgtYjA4OThmYmIxY2Fi
LzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXAAwm0Ja
0+5NaMzaG1qPWyRcbrD4guGp0fwfMfrqp49WJI2P5swv15ZLpt5FZUVKB9qaLCDX
kp+vh1MxehARqIgb8djq2Nc+RXuVIsoba+1N6EEBl2Zhhi7qNQHUNjwf32E8WXBg
BRw9sdb0CcI50QvcOz4yaIJ5H/mIHWRSM4lUKQT7VAs5ByBSdWh5R3v6GITVPdvT
O/LeSCJdzHFkGqeiHsRLWQDNohqGBYlExTxTXaLl7Kk1derLVO/1m3ad7RUMngk/
LwQsD1vgUgAUTpWmutH5VR9GNR+txgkCbwpIDqSmVdpJKKfCjqrlo/hXNyxPDaGn
avLJPasuDeG+5g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:01 2025 by rpki-client