Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.mft
File: X8IN7HFLtUY7Fk4VpfihOYolUF0.mft (raw, json)
Hash identifier: tbg9QfSMYXd6FYsViT0RwgPzo3v+DxJFNWjuszZEYcI=
Subject key identifier: 8A:59:3F:58:FE:2D:CE:9D:39:7D:1A:44:C3:2B:A0:62:6A:7B:36:7E
Authority key identifier: 5F:C2:0D:EC:71:4B:B5:46:3B:16:4E:15:A5:F8:A1:39:8A:25:50:5D
Certificate issuer: /CN=5fc20dec714bb5463b164e15a5f8a1398a25505d
Certificate serial: 019A7149D94CF96954A8BA288CF90E083810
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8IN7HFLtUY7Fk4VpfihOYolUF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.mft
Manifest number: 0417
Signing time: Tue 11 Nov 2025 05:00:56 +0000
Manifest this update: Tue 11 Nov 2025 05:00:56 +0000
Manifest next update: Wed 12 Nov 2025 05:00:56 +0000
Files and hashes: 1: VYOhWlm2y2YZ6EHcFnibmzsOVGY.roa (hash: GJjtJqaW4pHP1Y4i0oHxZvwkAfFAfi2jd3zkxgKT3N8=)
2: X8IN7HFLtUY7Fk4VpfihOYolUF0.crl (hash: vMxuf433hZ4LTIRVVT4/+2/5tPHvvc/ihfOWvkr3xB0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/X8IN7HFLtUY7Fk4VpfihOYolUF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:d9:4c:f9:69:54:a8:ba:28:8c:f9:0e:08:38:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fc20dec714bb5463b164e15a5f8a1398a25505d
Validity
Not Before: Nov 11 05:00:56 2025 GMT
Not After : Nov 12 05:00:56 2025 GMT
Subject: CN=8a593f58fe2dce9d397d1a44c32ba0626a7b367e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e7:dc:53:90:31:d3:e9:e5:d8:a4:8e:87:f0:
ba:54:06:c3:81:e0:0c:62:9e:7a:34:92:81:03:d7:
9f:80:4b:ec:f5:2f:dc:ae:85:94:84:fe:e2:37:57:
79:fe:1d:50:e6:82:96:be:ce:67:73:f6:ce:4b:e7:
5f:ae:c1:14:4b:b3:30:be:82:14:c5:49:2d:c6:61:
6d:f6:80:44:23:63:da:85:c8:6f:1d:ca:90:45:88:
5c:b7:b9:9d:4d:30:c0:77:cc:c1:f1:56:79:da:b6:
c7:0a:fb:bf:27:67:55:c6:05:d5:51:9b:9c:d5:e3:
ef:18:f5:cd:49:a9:cd:86:8e:ab:46:43:d8:0d:f0:
c6:20:10:81:5b:e5:9c:13:7a:6b:7e:56:c9:9b:17:
21:67:c6:ff:0a:27:9e:47:9a:72:fb:1c:91:25:ee:
be:36:6d:2f:22:5b:06:28:01:cd:72:34:75:e9:14:
01:fb:42:03:bd:01:85:a7:1f:b4:72:46:bb:cd:c0:
93:b7:04:2c:59:d0:b2:0e:d4:c9:82:d4:43:ee:73:
85:7e:13:bd:fe:88:5e:ed:d4:2f:4b:50:a1:95:18:
eb:d5:c4:f0:2e:f3:33:70:77:d4:e8:28:f7:f7:ba:
5a:b3:b3:db:4d:fe:e0:66:1e:55:7b:c6:49:dc:e0:
be:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:59:3F:58:FE:2D:CE:9D:39:7D:1A:44:C3:2B:A0:62:6A:7B:36:7E
X509v3 Authority Key Identifier:
keyid:5F:C2:0D:EC:71:4B:B5:46:3B:16:4E:15:A5:F8:A1:39:8A:25:50:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8IN7HFLtUY7Fk4VpfihOYolUF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6797a5-5410-4c0d-b9b7-d99b9f48d0dc/1/X8IN7HFLtUY7Fk4VpfihOYolUF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:8f:88:55:2f:c0:5a:b5:1a:91:10:93:97:58:88:1c:fd:93:
34:8f:b5:bb:11:d5:fd:29:b2:18:9f:3e:09:fe:44:7c:99:7b:
9c:92:44:76:eb:ba:d6:9e:48:a6:bf:40:56:9b:66:df:b4:d4:
da:e9:3f:48:c2:56:cc:d5:82:b6:fc:6a:80:f7:29:4e:04:1a:
15:6b:a0:98:f5:ac:20:8f:55:24:50:e6:fd:63:90:e5:44:33:
d0:33:43:53:f8:ac:2d:60:a1:88:e4:b2:f5:4f:0e:56:61:63:
9a:64:71:de:97:78:b1:9f:29:ec:c0:1b:cc:26:bd:b5:5e:b8:
cd:dd:87:88:3f:df:99:89:6e:c4:bd:e7:3f:1b:60:9f:48:28:
7d:f2:69:c2:e7:97:63:f5:26:7b:66:83:d8:99:92:96:69:e3:
94:51:93:be:84:18:30:81:ac:5f:90:20:5b:39:0a:66:87:1e:
52:d7:a2:13:20:c6:ad:f6:82:ae:00:61:97:16:a8:81:f8:dd:
5d:f7:c3:e9:8f:52:db:4a:5a:74:8c:36:b5:1d:ef:12:b2:d4:
7d:6e:34:1c:38:da:f7:4c:0b:d6:72:89:71:14:1c:6b:bc:64:
2a:6e:46:99:56:26:6a:6e:86:5a:c8:54:0d:72:a9:07:28:86:
37:9d:28:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdlM+WlUqLoojPkOCDgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYzIwZGVjNzE0YmI1NDYzYjE2NGUxNWE1ZjhhMTM5OGEy
NTUwNWQwHhcNMjUxMTExMDUwMDU2WhcNMjUxMTEyMDUwMDU2WjAzMTEwLwYDVQQD
Eyg4YTU5M2Y1OGZlMmRjZTlkMzk3ZDFhNDRjMzJiYTA2MjZhN2IzNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+fcU5Ax0+nl2KSOh/C6VAbDgeAM
Yp56NJKBA9efgEvs9S/croWUhP7iN1d5/h1Q5oKWvs5nc/bOS+dfrsEUS7MwvoIU
xUktxmFt9oBEI2PahchvHcqQRYhct7mdTTDAd8zB8VZ52rbHCvu/J2dVxgXVUZuc
1ePvGPXNSanNho6rRkPYDfDGIBCBW+WcE3prflbJmxchZ8b/CieeR5py+xyRJe6+
Nm0vIlsGKAHNcjR16RQB+0IDvQGFpx+0cka7zcCTtwQsWdCyDtTJgtRD7nOFfhO9
/ohe7dQvS1ChlRjr1cTwLvMzcHfU6Cj397pas7PbTf7gZh5Ve8ZJ3OC+vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIpZP1j+Lc6dOX0aRMMroGJqezZ+MB8GA1UdIwQY
MBaAFF/CDexxS7VGOxZOFaX4oTmKJVBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDhJTjdIRkx0VVk3Rms0VnBmaWhPWW9sVUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82Nzk3YTUtNTQxMC00YzBkLWI5Yjct
ZDk5YjlmNDhkMGRjLzEvWDhJTjdIRkx0VVk3Rms0VnBmaWhPWW9sVUYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82Nzk3YTUtNTQxMC00YzBkLWI5YjctZDk5YjlmNDhkMGRj
LzEvWDhJTjdIRkx0VVk3Rms0VnBmaWhPWW9sVUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN4+IVS/A
WrUakRCTl1iIHP2TNI+1uxHV/SmyGJ8+Cf5EfJl7nJJEduu61p5Ipr9AVptm37TU
2uk/SMJWzNWCtvxqgPcpTgQaFWugmPWsII9VJFDm/WOQ5UQz0DNDU/isLWChiOSy
9U8OVmFjmmRx3pd4sZ8p7MAbzCa9tV64zd2HiD/fmYluxL3nPxtgn0goffJpwueX
Y/Ume2aD2JmSlmnjlFGTvoQYMIGsX5AgWzkKZoceUteiEyDGrfaCrgBhlxaogfjd
XffD6Y9S20padIw2tR3vErLUfW40HDja90wL1nKJcRQca7xkKm5GmVYmam6GWshU
DXKpByiGN50o7w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:24:59 2025 by rpki-client