Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft
File: fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft (raw, json)
Hash identifier: Lgxgd5psWszrCCcfW3HZjIGgILJcMlqIOLAb7cqJ71Q=
Subject key identifier: E8:98:BC:DE:83:12:31:23:73:42:23:86:19:10:6D:0C:83:BA:53:10
Authority key identifier: 7D:78:56:C9:7B:EB:97:C2:B3:86:FB:95:8C:2D:B1:22:C5:7D:B3:6C
Certificate issuer: /CN=7d7856c97beb97c2b386fb958c2db122c57db36c
Certificate serial: 019A725CF5C192709FCB5B9A2FCFC4EBD4D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXhWyXvrl8KzhvuVjC2xIsV9s2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft
Manifest number: 0568
Signing time: Tue 11 Nov 2025 10:01:26 +0000
Manifest this update: Tue 11 Nov 2025 10:01:26 +0000
Manifest next update: Wed 12 Nov 2025 10:01:26 +0000
Files and hashes: 1: 7IU0huufqQxYxItg8zFZPOwzYRM.roa (hash: I4C8M2jxvU1m60xK7AT2Uz7jOA8Cd0LrtZ3lmEnNBLc=)
2: fXhWyXvrl8KzhvuVjC2xIsV9s2w.crl (hash: 0+K85DfJFQCgH/jleoa9ipxuLf2bRKW+A3wFhpHcamI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft
rsync://rpki.ripe.net/repository/DEFAULT/fXhWyXvrl8KzhvuVjC2xIsV9s2w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:f5:c1:92:70:9f:cb:5b:9a:2f:cf:c4:eb:d4:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7856c97beb97c2b386fb958c2db122c57db36c
Validity
Not Before: Nov 11 10:01:26 2025 GMT
Not After : Nov 12 10:01:26 2025 GMT
Subject: CN=e898bcde831231237342238619106d0c83ba5310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4e:d3:b6:fe:c5:6a:cf:a4:38:95:a4:e8:41:
a0:f3:52:60:9d:36:4c:39:98:43:cf:aa:50:ac:17:
be:f2:9e:e5:fd:b2:cf:df:d1:e4:74:14:79:1d:e6:
ce:43:25:91:7d:68:80:2e:64:00:92:30:d4:12:19:
ff:4a:a7:71:ba:ac:44:74:c1:18:90:54:d1:5f:57:
bb:f9:fa:75:c0:28:e7:de:8a:fe:e8:c3:fd:29:dc:
e3:7f:4d:92:29:ec:0a:c3:59:fd:74:79:99:98:e7:
6a:09:da:dd:ba:2f:9c:36:96:10:ad:82:32:36:5f:
bd:17:05:fc:48:1a:6f:0d:3b:ab:19:81:1a:21:7e:
79:0e:2f:1c:bf:d8:15:cc:cb:0c:15:4f:67:6c:69:
3f:e3:3c:b0:8a:63:d5:1f:a4:46:37:f3:5a:16:18:
3e:91:c0:3f:9a:72:d6:4b:47:8a:a8:be:04:db:d3:
00:6a:80:ac:91:51:37:8a:fe:9e:f5:22:97:36:11:
a4:4d:6d:ac:aa:fa:a0:ee:42:24:a2:78:e4:5b:ea:
b0:2f:ef:47:8b:1f:4f:9b:14:9f:b2:e1:f5:2a:75:
cc:39:30:20:67:77:ba:8d:cc:4e:e0:21:b0:e6:6f:
57:85:8e:47:44:e1:a6:f0:75:e5:1d:85:93:1e:87:
f2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:98:BC:DE:83:12:31:23:73:42:23:86:19:10:6D:0C:83:BA:53:10
X509v3 Authority Key Identifier:
keyid:7D:78:56:C9:7B:EB:97:C2:B3:86:FB:95:8C:2D:B1:22:C5:7D:B3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXhWyXvrl8KzhvuVjC2xIsV9s2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:ea:7b:f1:f6:bc:d4:13:6f:66:7e:89:ff:25:db:d3:b0:17:
03:33:84:ab:df:5a:90:7a:fd:f1:b5:9f:b9:96:35:4f:c7:66:
d0:fe:99:58:44:79:21:43:86:41:91:18:ae:c1:63:19:53:32:
2c:de:41:46:3a:42:dc:2a:64:aa:a1:60:76:a6:46:9b:6b:7f:
37:fc:c5:e1:e4:2e:fb:d5:90:74:1f:d2:64:56:6c:d0:af:aa:
09:ac:2d:e6:cb:c7:0f:0f:ee:32:ce:73:78:82:5c:ca:f9:d6:
9b:34:d0:b1:48:12:cf:23:cb:ca:2f:ac:85:19:c8:c7:d9:4a:
28:a5:e1:e6:f3:b8:bf:dc:b3:97:6a:cf:f9:d9:53:d0:19:73:
12:49:61:50:47:59:08:7c:7d:08:2c:f9:88:e0:8b:32:d4:2f:
86:9c:e9:15:b8:21:48:93:2f:5a:0a:61:6d:79:fc:aa:05:f2:
45:b4:96:6e:87:dc:ad:fa:ec:63:f5:89:fe:ad:e5:bc:ac:2a:
e9:ad:17:db:6b:42:53:98:89:f0:40:9c:67:74:b2:4d:4c:07:
41:c8:04:13:70:83:4e:2e:ad:2f:f5:07:30:b1:ad:d9:f5:ae:
e3:0d:be:be:1b:e8:f0:d1:4b:ec:aa:a5:24:01:ea:a0:a4:0c:
b8:0f:89:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXPXBknCfy1uaL8/E69TYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNzg1NmM5N2JlYjk3YzJiMzg2ZmI5NThjMmRiMTIyYzU3
ZGIzNmMwHhcNMjUxMTExMTAwMTI2WhcNMjUxMTEyMTAwMTI2WjAzMTEwLwYDVQQD
EyhlODk4YmNkZTgzMTIzMTIzNzM0MjIzODYxOTEwNmQwYzgzYmE1MzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk7Ttv7Fas+kOJWk6EGg81JgnTZM
OZhDz6pQrBe+8p7l/bLP39HkdBR5HebOQyWRfWiALmQAkjDUEhn/SqdxuqxEdMEY
kFTRX1e7+fp1wCjn3or+6MP9Kdzjf02SKewKw1n9dHmZmOdqCdrdui+cNpYQrYIy
Nl+9FwX8SBpvDTurGYEaIX55Di8cv9gVzMsMFU9nbGk/4zywimPVH6RGN/NaFhg+
kcA/mnLWS0eKqL4E29MAaoCskVE3iv6e9SKXNhGkTW2sqvqg7kIkonjkW+qwL+9H
ix9PmxSfsuH1KnXMOTAgZ3e6jcxO4CGw5m9XhY5HROGm8HXlHYWTHofyAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiYvN6DEjEjc0IjhhkQbQyDulMQMB8GA1UdIwQY
MBaAFH14Vsl765fCs4b7lYwtsSLFfbNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlhoV3lYdnJsOEt6aHZ1VmpDMnhJc1Y5czJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMDNkMzctNGVmYy00YzNjLTgyODEt
M2M3Mzg1NDQ0ODJlLzEvZlhoV3lYdnJsOEt6aHZ1VmpDMnhJc1Y5czJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMDNkMzctNGVmYy00YzNjLTgyODEtM2M3Mzg1NDQ0ODJl
LzEvZlhoV3lYdnJsOEt6aHZ1VmpDMnhJc1Y5czJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR+p78fa8
1BNvZn6J/yXb07AXAzOEq99akHr98bWfuZY1T8dm0P6ZWER5IUOGQZEYrsFjGVMy
LN5BRjpC3CpkqqFgdqZGm2t/N/zF4eQu+9WQdB/SZFZs0K+qCawt5svHDw/uMs5z
eIJcyvnWmzTQsUgSzyPLyi+shRnIx9lKKKXh5vO4v9yzl2rP+dlT0BlzEklhUEdZ
CHx9CCz5iOCLMtQvhpzpFbghSJMvWgphbXn8qgXyRbSWbofcrfrsY/WJ/q3lvKwq
6a0X22tCU5iJ8ECcZ3SyTUwHQcgEE3CDTi6tL/UHMLGt2fWu4w2+vhvo8NFL7Kql
JAHqoKQMuA+JgA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:17:12 2025 by rpki-client