Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
File: XeYTaCVSAQKY86aUoA18WQYGC5U.mft (raw, json)
Hash identifier: lsLWQJRq7RcmTn5NPqFPkV29bOFCBbVddj2/zPebVBM=
Subject key identifier: ED:5B:EC:B9:09:9A:96:AD:C0:68:F4:05:41:44:83:09:B7:AF:77:42
Authority key identifier: 5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
Certificate issuer: /CN=5de613682552010298f3a694a00d7c5906060b95
Certificate serial: 019A725CA0BD35C4EA7D3A084E9CA8FF5443
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 10:01:04 +0000
Manifest this update: Tue 11 Nov 2025 10:01:04 +0000
Manifest next update: Wed 12 Nov 2025 10:01:04 +0000
Files and hashes: 1: XeYTaCVSAQKY86aUoA18WQYGC5U.crl (hash: E3kZ591X535pUl0EKWgboKKUkraMwfF6JGw8aLzpf40=)
2: auYlcZnEp-yqavQsok9_TPLHAq0.roa (hash: kbe3quRrlIxTjuDhfKrAisNkV8HOTBuxWR/raJshlU4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:a0:bd:35:c4:ea:7d:3a:08:4e:9c:a8:ff:54:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5de613682552010298f3a694a00d7c5906060b95
Validity
Not Before: Nov 11 10:01:04 2025 GMT
Not After : Nov 12 10:01:04 2025 GMT
Subject: CN=ed5becb9099a96adc068f40541448309b7af7742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b7:fc:69:29:e8:f2:60:59:95:30:4e:ac:36:
d6:fe:f5:5b:9d:3f:1e:44:ac:f0:2f:2e:30:47:01:
e0:52:a3:1c:71:21:d5:13:ac:b0:64:dd:17:6f:23:
26:6f:8c:63:0c:a4:5d:1a:85:c7:c5:0c:b3:24:f3:
72:09:63:5b:05:f1:8a:fe:e7:80:1c:ec:03:f5:7f:
01:f5:90:78:1a:41:0b:ab:2b:71:cd:fd:2c:3d:95:
08:e0:cd:d1:ee:c5:8d:e9:bb:e3:06:ef:8f:70:9f:
38:1a:6c:47:a7:aa:b8:b0:e9:b7:a5:7b:ae:e8:05:
91:a6:c1:9e:f3:48:fe:bf:8e:30:ad:37:7e:89:ed:
3a:df:02:72:d4:dc:ba:fb:eb:fc:65:a8:24:e9:a9:
b3:94:31:dd:e1:2b:0b:ab:61:9e:de:d7:34:17:b1:
cc:d5:b4:78:87:87:c8:d9:cf:2c:a1:8e:ae:9e:65:
1b:de:fe:9b:1d:ac:55:e6:48:bc:60:69:f9:e1:4f:
79:20:fa:bd:8f:a8:08:be:c7:36:0a:0c:00:e3:5d:
82:8a:88:c6:56:44:bd:62:39:36:5a:7e:8d:d0:ec:
85:42:34:2f:0c:94:fa:de:51:cb:e0:45:a1:15:d8:
96:6c:3c:f5:80:cd:ad:05:aa:dc:6d:75:23:d3:28:
4c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:5B:EC:B9:09:9A:96:AD:C0:68:F4:05:41:44:83:09:B7:AF:77:42
X509v3 Authority Key Identifier:
keyid:5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:d0:c7:6c:af:48:60:cd:af:bd:7c:65:5e:2e:90:33:80:37:
0d:9c:5a:d6:f3:e8:ec:5e:62:3d:30:fc:48:62:16:1b:7f:2e:
1d:68:69:28:57:88:df:dc:44:08:d8:b4:10:8c:b4:d0:a9:5d:
eb:62:b8:c3:bb:b0:5a:76:2d:1a:67:b8:10:e7:d6:e8:7f:25:
ac:07:4d:e8:4a:ae:46:26:04:00:42:b9:11:0b:c2:e6:dc:7c:
c5:b6:48:1e:6d:72:c6:51:e3:2e:e6:e7:37:fc:12:5f:04:ce:
2c:24:83:3b:ee:01:0f:43:a9:5c:09:5f:a8:e7:5a:29:89:86:
8b:cd:31:b1:6e:10:74:c9:db:69:86:10:3c:e3:1e:40:98:f7:
8d:97:ad:74:08:03:43:a6:97:0d:20:28:02:de:09:4e:1b:fc:
55:a1:43:63:bd:7e:65:b2:78:1c:68:74:67:fa:b9:ab:11:45:
53:e0:4d:84:ca:f1:95:2f:d8:03:17:d7:a3:57:a3:e3:9d:0b:
f9:1b:2e:75:69:88:23:8e:9f:87:0d:7d:f7:63:58:27:cb:d9:
6c:ea:29:c5:7f:04:76:09:c5:ba:1c:d2:93:43:53:75:45:91:
37:07:09:fb:2f:26:3d:ad:87:49:48:a9:04:3e:07:d6:a2:25:
a1:71:6f:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXKC9NcTqfToITpyo/1RDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTYxMzY4MjU1MjAxMDI5OGYzYTY5NGEwMGQ3YzU5MDYw
NjBiOTUwHhcNMjUxMTExMTAwMTA0WhcNMjUxMTEyMTAwMTA0WjAzMTEwLwYDVQQD
EyhlZDViZWNiOTA5OWE5NmFkYzA2OGY0MDU0MTQ0ODMwOWI3YWY3NzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLf8aSno8mBZlTBOrDbW/vVbnT8e
RKzwLy4wRwHgUqMccSHVE6ywZN0XbyMmb4xjDKRdGoXHxQyzJPNyCWNbBfGK/ueA
HOwD9X8B9ZB4GkELqytxzf0sPZUI4M3R7sWN6bvjBu+PcJ84GmxHp6q4sOm3pXuu
6AWRpsGe80j+v44wrTd+ie063wJy1Ny6++v8Zagk6amzlDHd4SsLq2Ge3tc0F7HM
1bR4h4fI2c8soY6unmUb3v6bHaxV5ki8YGn54U95IPq9j6gIvsc2CgwA412CiojG
VkS9Yjk2Wn6N0OyFQjQvDJT63lHL4EWhFdiWbDz1gM2tBarcbXUj0yhMUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1b7LkJmpatwGj0BUFEgwm3r3dCMB8GA1UdIwQY
MBaAFF3mE2glUgECmPOmlKANfFkGBguVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEt
MjIyOTVkZjEyYjI3LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEtMjIyOTVkZjEyYjI3
LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmNDHbK9I
YM2vvXxlXi6QM4A3DZxa1vPo7F5iPTD8SGIWG38uHWhpKFeI39xECNi0EIy00Kld
62K4w7uwWnYtGme4EOfW6H8lrAdN6EquRiYEAEK5EQvC5tx8xbZIHm1yxlHjLubn
N/wSXwTOLCSDO+4BD0OpXAlfqOdaKYmGi80xsW4QdMnbaYYQPOMeQJj3jZetdAgD
Q6aXDSAoAt4JThv8VaFDY71+ZbJ4HGh0Z/q5qxFFU+BNhMrxlS/YAxfXo1ej450L
+RsudWmII46fhw1992NYJ8vZbOopxX8EdgnFuhzSk0NTdUWRNwcJ+y8mPa2HSUip
BD4H1qIloXFvtQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:50 2025 by rpki-client