Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json)
Hash identifier: Vc101xZFTFWXMBUPeBMntCQTCjwy+sXcSv5EQMRuvuU=
Subject key identifier: DB:EA:E8:C6:3A:80:01:2E:3A:03:79:05:BD:F6:A2:70:E2:FF:15:6C
Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Certificate serial: 019A73018AB048778F2F74B7125C31E5D325
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
Manifest number: 0407
Signing time: Tue 11 Nov 2025 13:01:12 +0000
Manifest this update: Tue 11 Nov 2025 13:01:12 +0000
Manifest next update: Wed 12 Nov 2025 13:01:12 +0000
Files and hashes: 1: P7g82oQa9maLUZf-zyJXFEwQ_Tk.roa (hash: R1Jxxc/Qby3IEt4xnho0adyCsC1rCUaoaz24WlyrPXE=)
2: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: X/QN22Cf+8HyVzfh4lKNDIP9fJtb7hLw5pm9XGaIP1U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:8a:b0:48:77:8f:2f:74:b7:12:5c:31:e5:d3:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Validity
Not Before: Nov 11 13:01:12 2025 GMT
Not After : Nov 12 13:01:12 2025 GMT
Subject: CN=dbeae8c63a80012e3a037905bdf6a270e2ff156c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:64:37:7d:5e:82:40:fb:93:0b:21:d9:4d:73:
66:18:0d:a3:24:d7:ff:17:fc:9e:ac:11:6f:7d:1e:
05:b3:07:54:96:40:52:28:ad:f2:ee:e9:60:a0:42:
43:f1:d5:70:64:87:84:71:c2:01:47:aa:25:6c:bf:
bd:77:b7:9f:13:63:38:05:38:1c:15:f1:1a:fe:95:
3e:53:1e:60:51:98:2c:7a:f8:8d:2a:83:5b:70:d4:
1f:6e:f5:ac:22:ba:c5:7a:7b:2e:28:c9:f3:59:51:
bb:a5:4a:7e:34:69:1e:d1:f3:48:29:cf:d4:21:89:
a9:19:d2:d5:1f:6f:a1:65:e6:cb:7c:e2:64:b2:63:
08:4b:e1:ec:19:ee:9a:6d:e7:a3:7c:1d:72:0e:6a:
b8:f5:2b:b0:01:9c:98:e2:48:12:76:7b:45:9d:6c:
47:f6:90:c8:4c:2d:1b:64:00:48:54:3f:f2:ba:79:
dd:23:e2:f4:0c:65:70:cc:b0:b9:1a:23:23:6a:5b:
a1:9d:f6:52:06:16:9a:81:4a:3b:91:7d:ed:52:fe:
05:1f:d6:6e:6e:5e:1c:35:ef:a9:20:17:e2:59:7d:
dc:74:69:87:fc:2c:9b:52:83:29:5a:eb:26:9c:a8:
ff:91:da:d8:4e:e0:9c:73:e3:1a:ae:1f:f8:1f:1c:
89:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:EA:E8:C6:3A:80:01:2E:3A:03:79:05:BD:F6:A2:70:E2:FF:15:6C
X509v3 Authority Key Identifier:
keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:30:ba:e1:8f:51:77:87:79:a2:48:c0:37:52:81:cd:18:d8:
76:1c:a9:ee:d4:d4:e6:cc:70:f4:2d:2f:e2:b6:b4:8c:9b:8f:
78:46:1b:24:3a:85:64:e1:47:08:4b:9b:69:6f:0a:65:a7:3a:
38:1b:fe:5e:81:30:87:63:3b:ac:73:f2:d6:86:9d:84:f5:ba:
b2:41:14:4b:4c:28:18:d3:c3:f7:c6:43:f1:47:96:53:8d:48:
84:34:c9:03:89:68:0e:f6:8b:aa:ac:ab:14:4a:b7:02:76:e9:
b7:50:97:9f:d6:d0:ce:55:bf:b1:02:3a:a4:36:29:cc:d4:c4:
ef:d1:4a:7d:0b:07:2c:b4:51:8b:dd:35:e4:67:85:fa:5d:19:
85:6a:21:d2:ea:d8:34:3b:ee:71:e8:43:f1:9d:38:ac:2b:9e:
8c:93:d4:21:7d:a8:f4:7c:91:f2:4e:c1:a3:1b:e2:1f:20:2f:
99:66:1a:1c:4a:c2:c4:44:86:54:e0:a3:b1:f5:94:67:b9:ae:
a1:52:70:78:62:a4:40:ee:98:b0:85:93:f3:9c:fc:69:ff:06:
ba:d4:72:27:49:9d:a1:f9:2a:51:9c:b6:d2:a0:93:b9:4e:0a:
9e:05:6b:a5:eb:7e:18:bf:83:a0:1f:61:17:05:53:bd:0d:cc:
4c:4c:ec:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAYqwSHePL3S3Elwx5dMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz
NDFkZTEwHhcNMjUxMTExMTMwMTEyWhcNMjUxMTEyMTMwMTEyWjAzMTEwLwYDVQQD
EyhkYmVhZThjNjNhODAwMTJlM2EwMzc5MDViZGY2YTI3MGUyZmYxNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWQ3fV6CQPuTCyHZTXNmGA2jJNf/
F/yerBFvfR4FswdUlkBSKK3y7ulgoEJD8dVwZIeEccIBR6olbL+9d7efE2M4BTgc
FfEa/pU+Ux5gUZgseviNKoNbcNQfbvWsIrrFensuKMnzWVG7pUp+NGke0fNIKc/U
IYmpGdLVH2+hZebLfOJksmMIS+HsGe6abeejfB1yDmq49SuwAZyY4kgSdntFnWxH
9pDITC0bZABIVD/yunndI+L0DGVwzLC5GiMjaluhnfZSBhaagUo7kX3tUv4FH9Zu
bl4cNe+pIBfiWX3cdGmH/CybUoMpWusmnKj/kdrYTuCcc+Marh/4HxyJBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvq6MY6gAEuOgN5Bb32onDi/xVsMB8GA1UdIwQY
MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt
NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi
LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUTC64Y9R
d4d5okjAN1KBzRjYdhyp7tTU5sxw9C0v4ra0jJuPeEYbJDqFZOFHCEubaW8KZac6
OBv+XoEwh2M7rHPy1oadhPW6skEUS0woGNPD98ZD8UeWU41IhDTJA4loDvaLqqyr
FEq3Anbpt1CXn9bQzlW/sQI6pDYpzNTE79FKfQsHLLRRi9015GeF+l0ZhWoh0urY
NDvucehD8Z04rCuejJPUIX2o9HyR8k7BoxviHyAvmWYaHErCxESGVOCjsfWUZ7mu
oVJweGKkQO6YsIWT85z8af8GutRyJ0mdofkqUZy20qCTuU4KngVrpet+GL+DoB9h
FwVTvQ3MTEzsTw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:49:36 2025 by rpki-client