Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
File: XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft (raw, json)
Hash identifier: NxE4NdAdADUisJhrYErNDV6wt2fNEujqM8kagRJm5j0=
Subject key identifier: 87:0E:3F:53:35:6B:33:82:67:38:D5:E8:EB:25:29:B8:45:F1:66:59
Authority key identifier: 5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
Certificate issuer: /CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Certificate serial: 019A7225FE2B62500F7B4C0D460F6CF9F28B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
Manifest number: 161E
Signing time: Tue 11 Nov 2025 09:01:23 +0000
Manifest this update: Tue 11 Nov 2025 09:01:23 +0000
Manifest next update: Wed 12 Nov 2025 09:01:23 +0000
Files and hashes: 1: XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl (hash: 01pS29NX5SHIFjS2Rk5m6zgnFuMpYRGmhI27zV4v0/o=)
2: xyAqUo1cBCxwcVbYVeKIYjCComY.roa (hash: 5YKuscwS6gvAjWMFAp+aYRLvaxsng69DrIJ3z9uUMo8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:fe:2b:62:50:0f:7b:4c:0d:46:0f:6c:f9:f2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Validity
Not Before: Nov 11 09:01:23 2025 GMT
Not After : Nov 12 09:01:23 2025 GMT
Subject: CN=870e3f53356b33826738d5e8eb2529b845f16659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f5:9b:fd:64:83:98:9d:79:d0:37:d7:13:e5:
7e:fc:28:46:17:95:27:d4:9e:16:63:ac:4f:ad:78:
f4:f4:1a:28:35:85:a3:cd:3c:b2:c4:65:06:ab:df:
57:ac:ae:99:a5:4f:0d:99:4d:eb:68:b9:38:2c:82:
f8:57:0c:35:28:50:7f:64:38:27:f0:79:d7:76:ab:
8a:4d:89:c2:6c:85:08:9a:96:f6:0a:b6:c9:bc:97:
f5:1e:e7:c9:f8:12:fd:4a:f7:07:79:2b:c5:63:6c:
d6:11:c2:5b:e1:4e:b7:a6:02:ac:18:40:92:43:9c:
ed:77:d4:9a:49:5b:8f:91:e6:28:3f:e6:4f:d6:11:
45:47:5a:57:94:2f:f4:ff:04:21:30:06:9e:0d:8c:
93:41:3b:f3:9b:71:f6:74:34:49:00:15:7d:e4:c2:
f0:c1:1a:70:b4:e0:53:53:82:a8:9d:13:45:fc:09:
cf:0a:c0:94:4e:c4:64:77:76:2d:0c:ff:b8:80:e3:
49:4f:ba:c9:c5:4e:6e:0b:8b:36:de:5f:93:38:17:
04:fa:0a:f2:7d:6e:3e:01:61:65:52:9d:d5:c7:94:
f3:a2:4a:eb:01:e3:a1:0e:2b:27:e8:a6:e5:9f:cc:
2d:8f:c7:cd:5b:1b:33:4e:96:13:fc:a4:29:bb:fa:
70:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:0E:3F:53:35:6B:33:82:67:38:D5:E8:EB:25:29:B8:45:F1:66:59
X509v3 Authority Key Identifier:
keyid:5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:1b:0a:a6:60:09:08:fb:39:ab:c1:e0:fb:e0:10:b6:1f:4b:
38:b7:39:03:b0:48:39:23:b0:71:7a:bc:07:e2:43:74:1a:47:
27:96:a8:a4:8a:c3:a8:76:b9:b9:24:a8:b0:56:42:98:1f:28:
b4:0a:04:00:90:b9:55:b5:bf:c2:18:a5:32:1d:2b:2a:92:b8:
5f:0c:ec:84:31:5c:54:0a:a8:34:8f:86:9c:0a:32:cf:25:2a:
79:89:46:0e:f0:62:ec:4b:49:e3:d4:af:7c:2d:73:75:4e:e7:
66:29:2d:14:15:75:1d:57:ad:1d:eb:84:26:41:67:16:6a:33:
57:af:29:1c:df:b0:bc:5d:63:70:34:a5:bf:ef:52:59:98:4a:
48:6d:46:50:6c:bd:e3:d8:02:fb:1b:d0:f8:7f:82:54:75:e4:
68:81:a9:99:bd:3e:87:c0:59:f3:ba:c9:29:7c:0d:96:10:01:
ae:d8:b3:5e:64:ce:4e:80:6f:da:0b:79:c3:a4:fb:b2:a6:76:
1d:7c:57:03:55:52:85:94:41:38:7f:e2:76:a2:c5:9d:29:c2:
4d:e1:bb:ff:a8:b0:e3:d0:45:c7:c8:1c:5c:ee:1d:4d:db:25:
4e:65:4d:06:63:1a:a1:98:7e:54:83:92:d9:c3:00:67:6e:9a:
2b:b7:05:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJf4rYlAPe0wNRg9s+fKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDJjMzU2MTJmNDVhZjQxMTAzNTIwYWYyNzYxY2RhYTUx
ZTNhYTQwHhcNMjUxMTExMDkwMTIzWhcNMjUxMTEyMDkwMTIzWjAzMTEwLwYDVQQD
Eyg4NzBlM2Y1MzM1NmIzMzgyNjczOGQ1ZThlYjI1MjliODQ1ZjE2NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/Wb/WSDmJ150DfXE+V+/ChGF5Un
1J4WY6xPrXj09BooNYWjzTyyxGUGq99XrK6ZpU8NmU3raLk4LIL4Vww1KFB/ZDgn
8HnXdquKTYnCbIUImpb2CrbJvJf1HufJ+BL9SvcHeSvFY2zWEcJb4U63pgKsGECS
Q5ztd9SaSVuPkeYoP+ZP1hFFR1pXlC/0/wQhMAaeDYyTQTvzm3H2dDRJABV95MLw
wRpwtOBTU4KonRNF/AnPCsCUTsRkd3YtDP+4gONJT7rJxU5uC4s23l+TOBcE+gry
fW4+AWFlUp3Vx5TzokrrAeOhDisn6Kbln8wtj8fNWxszTpYT/KQpu/pwDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcOP1M1azOCZzjV6OslKbhF8WZZMB8GA1UdIwQY
MBaAFF5Cw1YS9Fr0EQNSCvJ2HNqlHjqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYt
ODIxMTk5NzhkNmJiLzEvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYtODIxMTk5NzhkNmJi
LzEvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnBsKpmAJ
CPs5q8Hg++AQth9LOLc5A7BIOSOwcXq8B+JDdBpHJ5aopIrDqHa5uSSosFZCmB8o
tAoEAJC5VbW/whilMh0rKpK4XwzshDFcVAqoNI+GnAoyzyUqeYlGDvBi7EtJ49Sv
fC1zdU7nZiktFBV1HVetHeuEJkFnFmozV68pHN+wvF1jcDSlv+9SWZhKSG1GUGy9
49gC+xvQ+H+CVHXkaIGpmb0+h8BZ87rJKXwNlhABrtizXmTOToBv2gt5w6T7sqZ2
HXxXA1VShZRBOH/idqLFnSnCTeG7/6iw49BFx8gcXO4dTdslTmVNBmMaoZh+VIOS
2cMAZ26aK7cFeA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:38 2025 by rpki-client