Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json)
Hash identifier: RbkwrRTwEMtYWScP8MlP6OWm1Yxsl3diP6raEMAtqXY=
Subject key identifier: 99:03:85:4D:96:C3:38:68:E8:F0:CC:F5:76:ED:D5:0E:E5:E6:BB:70
Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB
Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
Certificate serial: 019A8AD43979C48CC1631AF1D75C4DA7519A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
Manifest number: 16BF
Signing time: Sun 16 Nov 2025 04:02:35 +0000
Manifest this update: Sun 16 Nov 2025 04:02:35 +0000
Manifest next update: Mon 17 Nov 2025 04:02:35 +0000
Files and hashes: 1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=)
2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: z/upGEjr5IKU0BArAJlZtrUob21FOPETImsWCqGCE3c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Nov 2025 04:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:8a:d4:39:79:c4:8c:c1:63:1a:f1:d7:5c:4d:a7:51:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
Validity
Not Before: Nov 16 04:02:35 2025 GMT
Not After : Nov 17 04:02:35 2025 GMT
Subject: CN=9903854d96c33868e8f0ccf576edd50ee5e6bb70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2a:fe:a9:4d:eb:73:e6:9b:10:a6:cd:8c:8e:
84:47:6b:ab:1b:f2:37:7a:aa:b1:e5:c2:d7:ff:ac:
d4:7b:2b:5d:77:b3:66:a9:cf:45:a3:87:70:08:78:
ab:43:1c:b1:bd:6b:68:c1:fe:cd:d5:06:ae:b3:fb:
50:5c:3c:0f:54:c9:38:cd:14:f3:57:dc:74:00:e9:
3e:e8:50:14:aa:e8:91:b3:1c:37:f5:5d:71:d5:58:
6f:a5:56:92:cd:30:5d:36:b0:5a:16:c1:10:b2:e6:
b9:6a:a8:ba:ff:86:37:90:8c:7b:f4:1d:88:19:9e:
c4:ec:8f:9d:ef:42:54:de:af:66:7a:47:78:3c:e1:
89:12:47:ae:30:77:e0:5a:67:d5:27:64:5a:00:0d:
0b:e7:5c:20:9a:f0:5b:a4:4f:50:fb:89:44:8a:c6:
ca:68:be:ed:c0:16:4b:23:f4:0d:c7:65:af:ab:b8:
af:3b:f3:3b:50:9d:69:8e:fa:b2:17:e8:9e:97:57:
57:cc:37:95:71:2c:03:8b:d4:80:7b:a7:d5:c7:07:
a0:ef:99:76:d3:2a:41:bb:e8:8a:96:0f:43:21:7d:
e0:12:2a:77:1c:94:73:69:82:6a:0e:7b:a4:ae:c0:
35:cf:99:79:c7:56:0c:ab:84:8e:77:8b:8a:26:0d:
30:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:03:85:4D:96:C3:38:68:E8:F0:CC:F5:76:ED:D5:0E:E5:E6:BB:70
X509v3 Authority Key Identifier:
keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:57:23:d2:a7:05:8a:7d:bb:51:2a:84:91:63:c2:60:b3:36:
38:6c:ee:63:e5:45:ea:a6:ce:0d:6f:3c:86:26:96:a4:32:d2:
58:71:ec:cc:99:a8:eb:77:f7:d2:f0:c3:55:c5:a1:a9:31:39:
8c:3a:c0:92:e4:a6:98:48:f8:67:cd:c9:7e:26:c1:c3:12:3d:
31:2c:b8:42:65:83:6a:1f:72:7d:05:41:22:ae:9d:a4:b2:2c:
9f:b7:72:96:20:8f:6d:c1:e3:3f:58:06:fb:f9:b3:73:5f:52:
83:44:03:30:cb:f8:b7:b7:d5:d1:9c:9a:ed:78:e8:15:b6:22:
e9:b5:b4:2c:58:4f:41:66:16:94:ef:8f:c0:c9:84:27:fd:54:
c0:4a:15:2d:93:fd:b1:d3:32:92:35:6f:bd:9e:37:9d:2d:16:
c9:d7:13:74:fe:8c:92:ce:64:30:6d:61:56:9c:37:fa:1c:0d:
91:8a:7c:35:ae:15:3a:63:e1:a5:aa:5b:83:74:9e:6e:ea:6c:
b4:f2:62:28:3c:e3:d0:be:d4:8f:ce:c6:78:78:2c:c7:38:8f:
22:8c:ed:b7:46:9d:e2:0a:6a:43:16:0e:48:ab:bb:c5:93:95:
7b:ea:be:a1:ed:bd:7c:bf:87:36:50:4a:55:ff:f9:df:d9:42:
1b:80:56:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZqK1Dl5xIzBYxrx11xNp1GaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl
YTU3YmIwHhcNMjUxMTE2MDQwMjM1WhcNMjUxMTE3MDQwMjM1WjAzMTEwLwYDVQQD
Eyg5OTAzODU0ZDk2YzMzODY4ZThmMGNjZjU3NmVkZDUwZWU1ZTZiYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Sr+qU3rc+abEKbNjI6ER2urG/I3
eqqx5cLX/6zUeytdd7Nmqc9Fo4dwCHirQxyxvWtowf7N1Qaus/tQXDwPVMk4zRTz
V9x0AOk+6FAUquiRsxw39V1x1VhvpVaSzTBdNrBaFsEQsua5aqi6/4Y3kIx79B2I
GZ7E7I+d70JU3q9mekd4POGJEkeuMHfgWmfVJ2RaAA0L51wgmvBbpE9Q+4lEisbK
aL7twBZLI/QNx2Wvq7ivO/M7UJ1pjvqyF+iel1dXzDeVcSwDi9SAe6fVxweg75l2
0ypBu+iKlg9DIX3gEip3HJRzaYJqDnukrsA1z5l5x1YMq4SOd4uKJg0wywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkDhU2Wwzho6PDM9Xbt1Q7l5rtwMB8GA1UdIwQY
MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt
MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2
LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlVcj0qcF
in27USqEkWPCYLM2OGzuY+VF6qbODW88hiaWpDLSWHHszJmo63f30vDDVcWhqTE5
jDrAkuSmmEj4Z83JfibBwxI9MSy4QmWDah9yfQVBIq6dpLIsn7dyliCPbcHjP1gG
+/mzc19Sg0QDMMv4t7fV0Zya7XjoFbYi6bW0LFhPQWYWlO+PwMmEJ/1UwEoVLZP9
sdMykjVvvZ43nS0WydcTdP6Mks5kMG1hVpw3+hwNkYp8Na4VOmPhpapbg3Sebups
tPJiKDzj0L7Uj87GeHgsxziPIoztt0ad4gpqQxYOSKu7xZOVe+q+oe29fL+HNlBK
Vf/539lCG4BWvg==
-----END CERTIFICATE-----
Generated at Sun Nov 16 11:23:22 2025 by rpki-client