Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.mft
File: XEXOsYsUpzcoK3WvC6Fs_9emq64.mft (raw, json)
Hash identifier: L/3JcMcs+IJW/f/KJXdfelXxrW/1H+ndS/R1oprIdug=
Subject key identifier: BA:80:D7:1E:54:75:67:0C:64:DD:43:4E:16:36:07:89:22:21:DF:73
Authority key identifier: 5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE
Certificate issuer: /CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae
Certificate serial: 019A73388A3AA42F59B779802FB8C8646E83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.mft
Manifest number: 0DB7
Signing time: Tue 11 Nov 2025 14:01:16 +0000
Manifest this update: Tue 11 Nov 2025 14:01:16 +0000
Manifest next update: Wed 12 Nov 2025 14:01:16 +0000
Files and hashes: 1: E83frRAKntD4nIpmLLlDFnDmwrE.roa (hash: no2xUk2K6bJpEcjtJeTqAFy6TGnwm5W/7draqh+RfBA=)
2: XEXOsYsUpzcoK3WvC6Fs_9emq64.crl (hash: Q0mEDKd1mec0zM1UGXBcQS7EoHwdBMHFz/BngulEruU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.mft
rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:8a:3a:a4:2f:59:b7:79:80:2f:b8:c8:64:6e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae
Validity
Not Before: Nov 11 14:01:16 2025 GMT
Not After : Nov 12 14:01:16 2025 GMT
Subject: CN=ba80d71e5475670c64dd434e163607892221df73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0b:f9:d1:ed:dc:2c:58:ff:0f:f4:44:b8:3a:
d4:d6:74:6a:9b:01:59:62:7c:95:b6:2d:f4:82:17:
55:b0:2b:d4:ae:14:9e:5d:53:81:68:df:bf:02:b3:
b6:fc:f0:a7:33:c2:b9:5b:f9:f5:59:5a:c6:5f:51:
c1:11:b4:b5:ec:26:2b:94:ae:8d:74:23:72:25:2b:
91:cf:3d:20:a9:7b:4f:3f:cc:6b:0c:a9:aa:0b:f6:
3b:c3:37:4f:1b:43:f8:d4:ad:b2:8b:47:f5:c5:2a:
67:cc:14:00:38:2b:2c:4f:27:4b:1f:60:bd:16:b0:
31:d2:a8:9c:d8:1d:c9:f2:c2:26:3a:ad:4f:ad:a3:
e7:c6:77:11:f6:5a:7f:df:10:90:af:cb:3c:cf:2a:
1d:10:e3:dc:d6:62:46:4f:0d:f4:95:33:4a:eb:05:
b2:8b:1f:67:92:ea:66:8b:1c:8e:de:f5:77:00:93:
74:e6:81:be:d6:ea:ba:33:54:3c:ff:ff:70:60:78:
80:5e:23:62:18:1f:30:b2:da:fd:a8:a5:34:3c:b5:
43:ed:db:39:39:b0:b4:6e:4f:d5:18:e6:47:e0:60:
3e:d6:e8:3e:1f:de:b5:fd:14:67:88:aa:61:e3:79:
34:76:14:20:65:eb:9a:ae:80:d5:1e:08:62:10:4a:
1d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:80:D7:1E:54:75:67:0C:64:DD:43:4E:16:36:07:89:22:21:DF:73
X509v3 Authority Key Identifier:
keyid:5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:12:51:57:22:fb:6a:84:81:bc:63:7f:b0:1c:7b:fd:20:ba:
eb:4f:d3:b5:cb:fc:85:05:15:8e:ad:43:89:5c:de:6a:24:ea:
34:b3:5f:04:6c:f8:03:b7:cc:f4:42:0c:d0:5b:bc:cf:94:6e:
62:f9:a4:d9:3c:94:4f:e5:8c:0f:f3:fd:ca:7d:d9:f8:2d:c8:
a9:48:66:4f:b8:b0:c6:ce:79:b0:a3:40:8f:e2:5b:19:e7:b8:
9e:57:72:9f:6d:4a:ef:8a:86:be:f7:22:86:2f:4f:d4:a6:23:
c3:3e:e2:fe:22:47:8e:d5:92:70:0e:64:5d:a6:7f:e2:f6:2b:
78:dd:d4:29:1b:8e:0c:cb:f7:ea:fa:f2:59:2a:5d:5b:50:9f:
36:54:42:64:68:32:ea:56:c4:cd:61:3c:e8:a3:fc:e8:1b:6d:
ce:45:da:a0:b6:4e:02:1b:7f:e6:70:9c:96:34:08:ff:dd:a2:
78:4e:cf:c5:12:75:b1:ed:e4:e4:ce:70:0a:ae:f1:3c:a3:fe:
ce:94:9e:0f:6e:8f:56:a9:66:2b:64:26:6a:df:73:37:c2:a2:
59:0a:3b:64:50:0f:93:2d:ff:67:f3:f5:00:6c:02:91:90:c5:
38:66:7d:39:d7:0d:54:8c:6e:6a:9c:af:a9:cb:f6:2e:ca:5e:
2b:a9:f5:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOIo6pC9Zt3mAL7jIZG6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNDVjZWIxOGIxNGE3MzcyODJiNzVhZjBiYTE2Y2ZmZDdh
NmFiYWUwHhcNMjUxMTExMTQwMTE2WhcNMjUxMTEyMTQwMTE2WjAzMTEwLwYDVQQD
EyhiYTgwZDcxZTU0NzU2NzBjNjRkZDQzNGUxNjM2MDc4OTIyMjFkZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAv50e3cLFj/D/REuDrU1nRqmwFZ
YnyVti30ghdVsCvUrhSeXVOBaN+/ArO2/PCnM8K5W/n1WVrGX1HBEbS17CYrlK6N
dCNyJSuRzz0gqXtPP8xrDKmqC/Y7wzdPG0P41K2yi0f1xSpnzBQAOCssTydLH2C9
FrAx0qic2B3J8sImOq1PraPnxncR9lp/3xCQr8s8zyodEOPc1mJGTw30lTNK6wWy
ix9nkupmixyO3vV3AJN05oG+1uq6M1Q8//9wYHiAXiNiGB8wstr9qKU0PLVD7ds5
ObC0bk/VGOZH4GA+1ug+H961/RRniKph43k0dhQgZeuaroDVHghiEEodaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqA1x5UdWcMZN1DThY2B4kiId9zMB8GA1UdIwQY
MBaAFFxFzrGLFKc3KCt1rwuhbP/XpquuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUt
YzYxYmY3NzQ5ZGY1LzEvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUtYzYxYmY3NzQ5ZGY1
LzEvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARBJRVyL7
aoSBvGN/sBx7/SC660/Ttcv8hQUVjq1DiVzeaiTqNLNfBGz4A7fM9EIM0Fu8z5Ru
Yvmk2TyUT+WMD/P9yn3Z+C3IqUhmT7iwxs55sKNAj+JbGee4nldyn21K74qGvvci
hi9P1KYjwz7i/iJHjtWScA5kXaZ/4vYreN3UKRuODMv36vryWSpdW1CfNlRCZGgy
6lbEzWE86KP86BttzkXaoLZOAht/5nCcljQI/92ieE7PxRJ1se3k5M5wCq7xPKP+
zpSeD26PVqlmK2Qmat9zN8KiWQo7ZFAPky3/Z/P1AGwCkZDFOGZ9OdcNVIxuapyv
qcv2LspeK6n1Kg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:51 2025 by rpki-client