Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
File: XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft (raw, json)
Hash identifier: pN+3TvSY3TmF52ecJLx8xpSYYNqyM9zI8YiCags4Nw0=
Subject key identifier: 53:1F:F4:39:37:31:53:62:83:84:A9:37:8C:7D:C0:D8:C1:29:A4:46
Authority key identifier: 5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25
Certificate issuer: /CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25
Certificate serial: 019A7226320D1657A26F43169583721A225C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 09:01:36 +0000
Manifest this update: Tue 11 Nov 2025 09:01:36 +0000
Manifest next update: Wed 12 Nov 2025 09:01:36 +0000
Files and hashes: 1: XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl (hash: Zij1ZIMUMc6LOjmbgKEgrnzzTttjp/vP5rlkrxKmREU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:32:0d:16:57:a2:6f:43:16:95:83:72:1a:22:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25
Validity
Not Before: Nov 11 09:01:36 2025 GMT
Not After : Nov 12 09:01:36 2025 GMT
Subject: CN=531ff439373153628384a9378c7dc0d8c129a446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:75:a2:de:52:d3:df:e8:5d:6b:ab:a7:93:
92:a8:6f:b3:d4:e2:71:3d:17:d4:6b:d3:21:a3:66:
e5:3b:eb:f1:19:b0:39:2d:4c:70:59:8d:bd:b4:d5:
e3:2e:33:5b:86:6a:86:4b:7b:2a:36:ae:6e:a3:98:
12:92:f5:36:aa:d8:03:e9:0c:88:5d:d0:8c:89:bb:
90:e3:5d:b5:26:f7:e9:f1:bc:65:48:2d:99:55:c1:
d3:cb:93:ce:5c:f5:78:ad:b9:cc:b8:10:60:77:3e:
a3:e7:d0:8f:fc:45:e8:76:1f:aa:b3:7d:78:24:89:
84:3c:f2:88:49:4a:0d:12:41:b5:a1:34:e2:d3:03:
9b:f1:f5:12:33:d8:de:ec:5a:b0:e7:e8:2a:60:d3:
bc:1f:f9:33:9c:b3:5e:f3:38:bf:49:25:49:5e:b1:
36:e1:ea:a1:c9:c6:1d:c9:8e:0f:2b:7e:b4:3a:9e:
ad:fe:3a:87:f3:5a:02:af:ba:02:42:5b:b3:aa:a6:
24:09:8b:d5:7c:16:54:c9:3c:b2:2f:07:12:d2:2f:
d2:c9:82:66:b0:85:55:09:bd:d7:a2:04:3d:08:94:
7e:a8:2c:cf:f4:b8:47:6a:da:34:cb:cf:08:54:c3:
9a:c6:2e:33:a1:c4:6a:67:16:db:49:b6:a5:53:59:
65:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1F:F4:39:37:31:53:62:83:84:A9:37:8C:7D:C0:D8:C1:29:A4:46
X509v3 Authority Key Identifier:
keyid:5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:68:1a:dc:ec:d5:29:2b:5b:7c:25:76:9c:71:5c:f2:f1:3c:
b1:db:6f:77:67:b4:26:26:5f:07:5c:ea:aa:4f:4b:95:dd:fd:
51:ca:ac:0f:3b:70:96:17:ea:9c:ae:09:b9:43:47:ef:13:d9:
28:15:80:f8:59:e7:c4:12:29:83:38:1c:53:2c:41:e1:d8:ad:
fa:a6:fe:ec:c6:44:c4:ea:13:0b:16:d3:54:07:19:68:ce:f8:
f7:ab:11:89:a7:68:f0:8e:4d:8c:f4:1d:2d:b7:0a:b4:88:89:
74:30:4b:56:c6:3b:25:42:b6:c8:7a:54:7e:2c:4e:4a:34:e4:
35:13:62:b4:4c:2a:3f:7c:e0:75:9a:ca:15:38:7e:7b:41:c2:
5f:6c:14:20:59:47:bb:86:e1:c4:b8:09:08:46:76:be:51:0d:
a5:52:be:da:04:27:7f:5f:2b:5d:75:f6:47:23:77:45:43:71:
58:a4:a5:69:b5:dd:1c:d6:62:b1:36:3b:e2:d1:23:c7:95:5c:
c5:69:de:e2:26:8c:08:8c:b5:11:5f:84:99:9a:0a:31:51:48:
2e:db:f7:89:22:1a:2b:15:21:87:0d:ad:56:cf:84:c3:65:57:
be:63:4b:ec:bd:53:83:c9:a1:e3:20:72:03:72:d1:b9:71:1c:
29:22:73:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjINFleib0MWlYNyGiJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0M2VjMjlmOGIwNGY4MzhkNmU1ZGM1MDY5YzEwNjRj
NWJkMjUwHhcNMjUxMTExMDkwMTM2WhcNMjUxMTEyMDkwMTM2WjAzMTEwLwYDVQQD
Eyg1MzFmZjQzOTM3MzE1MzYyODM4NGE5Mzc4YzdkYzBkOGMxMjlhNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXd1ot5S09/oXWurp5OSqG+z1OJx
PRfUa9Mho2blO+vxGbA5LUxwWY29tNXjLjNbhmqGS3sqNq5uo5gSkvU2qtgD6QyI
XdCMibuQ4121Jvfp8bxlSC2ZVcHTy5POXPV4rbnMuBBgdz6j59CP/EXodh+qs314
JImEPPKISUoNEkG1oTTi0wOb8fUSM9je7Fqw5+gqYNO8H/kznLNe8zi/SSVJXrE2
4eqhycYdyY4PK360Op6t/jqH81oCr7oCQluzqqYkCYvVfBZUyTyyLwcS0i/SyYJm
sIVVCb3XogQ9CJR+qCzP9LhHato0y88IVMOaxi4zocRqZxbbSbalU1llkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMf9Dk3MVNig4SpN4x9wNjBKaRGMB8GA1UdIwQY
MBaAFF4mQ+wp+LBPg41uXcUGnBBkxb0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEt
YTRjM2E4NWYzZjBhLzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEtYTRjM2E4NWYzZjBh
LzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHGga3OzV
KStbfCV2nHFc8vE8sdtvd2e0JiZfB1zqqk9Lld39UcqsDztwlhfqnK4JuUNH7xPZ
KBWA+FnnxBIpgzgcUyxB4dit+qb+7MZExOoTCxbTVAcZaM7496sRiado8I5NjPQd
LbcKtIiJdDBLVsY7JUK2yHpUfixOSjTkNRNitEwqP3zgdZrKFTh+e0HCX2wUIFlH
u4bhxLgJCEZ2vlENpVK+2gQnf18rXXX2RyN3RUNxWKSlabXdHNZisTY74tEjx5Vc
xWne4iaMCIy1EV+EmZoKMVFILtv3iSIaKxUhhw2tVs+Ew2VXvmNL7L1Tg8mh4yBy
A3LRuXEcKSJz7w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:38 2025 by rpki-client