Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.mft
File: 1-XMgliXioD3e7PkbtIBUjlcp1Hk.mft (raw, json)
Hash identifier: dKBXYjrn7u1b4dp2kW1H6DL8URC20vsfzToYKUSNqSE=
Subject key identifier: 43:DF:09:D0:D6:69:90:94:F1:CD:34:87:7A:C8:30:75:F1:ED:94:14
Authority key identifier: F9:73:20:96:25:E2:A0:3D:DE:EC:F9:1B:B4:80:54:8E:57:29:D4:79
Certificate issuer: /CN=f973209625e2a03ddeecf91bb480548e5729d479
Certificate serial: 019A7226686D18D9A53DA65011CB9AB7A376
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XMgliXioD3e7PkbtIBUjlcp1Hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 09:01:50 +0000
Manifest this update: Tue 11 Nov 2025 09:01:50 +0000
Manifest next update: Wed 12 Nov 2025 09:01:50 +0000
Files and hashes: 1: 1-XMgliXioD3e7PkbtIBUjlcp1Hk.crl (hash: bgOip9Za6ttXURHI3BdTPSo4BydPsXzJioagfTES/J8=)
2: l3JzatKnSb-qTPQjQ9VOzx8MD7g.roa (hash: 40hMQclA6AyvTYjGgbc8RhGg1fGmdxgMO6uT9Avjx2U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-XMgliXioD3e7PkbtIBUjlcp1Hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:68:6d:18:d9:a5:3d:a6:50:11:cb:9a:b7:a3:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f973209625e2a03ddeecf91bb480548e5729d479
Validity
Not Before: Nov 11 09:01:50 2025 GMT
Not After : Nov 12 09:01:50 2025 GMT
Subject: CN=43df09d0d6699094f1cd34877ac83075f1ed9414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6a:52:64:63:69:6a:99:5c:40:1e:6a:c1:fc:
ed:00:c0:0d:2c:44:a3:c6:7b:b8:2e:56:62:f4:2b:
71:8f:30:dc:7b:98:44:be:b3:fe:5c:aa:31:f8:dc:
78:65:25:92:d0:ee:36:89:e0:98:34:58:bc:1d:7c:
ad:d1:c6:a3:3d:db:4a:65:ac:a8:65:fa:60:d5:94:
77:a6:50:c3:cc:09:26:30:c8:7d:b5:d3:60:36:6c:
a1:73:6e:6e:06:93:72:21:07:27:8b:ab:44:ee:a7:
98:95:93:8f:af:fc:5c:2a:a1:10:e8:c2:e0:2e:9c:
7a:d8:18:d3:57:25:03:45:f0:bf:f5:3b:a5:fe:24:
fc:e1:f3:e7:a5:07:eb:4d:ea:89:f5:8f:41:e2:86:
29:df:b0:3a:75:b5:4a:2f:bf:a7:36:b1:1a:b8:b5:
2e:fd:aa:ce:2f:27:df:bd:f2:83:30:64:e9:d4:a2:
5f:ff:d3:81:44:3a:ad:10:b3:0a:0c:fb:91:59:b5:
67:d0:72:4d:c9:a4:24:23:44:4b:f9:36:59:67:12:
3d:7b:b7:d8:61:09:20:1a:4e:43:ec:54:e6:3a:cf:
49:82:7b:f2:05:5f:5a:7b:1a:79:eb:ab:20:c4:0d:
3e:d9:3d:0f:3f:e1:a7:35:8e:c0:16:a3:eb:04:db:
73:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DF:09:D0:D6:69:90:94:F1:CD:34:87:7A:C8:30:75:F1:ED:94:14
X509v3 Authority Key Identifier:
keyid:F9:73:20:96:25:E2:A0:3D:DE:EC:F9:1B:B4:80:54:8E:57:29:D4:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XMgliXioD3e7PkbtIBUjlcp1Hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:d1:1c:77:40:42:ab:d6:37:78:db:6e:e9:15:5c:71:b1:b6:
e0:04:c0:32:2d:03:9b:b6:30:2e:af:4e:78:66:e1:5b:38:21:
ba:37:e6:e2:63:df:d4:5b:66:b6:e1:c0:b9:aa:5a:78:fd:cf:
a6:e3:fc:c8:99:93:43:bb:75:19:5c:06:24:06:8b:da:58:9b:
8c:88:25:32:08:02:23:b1:c6:5e:d1:67:0a:49:c4:57:0b:0b:
93:8f:46:3e:74:da:6a:03:34:14:2b:18:8e:4c:dc:39:36:0e:
de:2d:d3:6d:6f:f6:f7:03:48:64:0f:ba:bf:a4:da:47:84:d1:
f0:03:b9:74:88:00:20:7f:8b:d9:5b:6f:07:0f:06:8b:81:16:
bd:aa:6e:d4:3d:40:89:9d:16:c6:4e:2f:c5:a7:64:66:eb:9f:
9b:13:fe:d5:7d:19:3b:40:0a:2d:99:27:af:78:27:66:fa:ed:
c4:a6:1a:e4:0f:b3:a9:fd:da:7f:a3:d3:50:45:07:0f:40:45:
e6:61:9f:75:3f:2b:16:6e:fa:3f:ee:74:b7:5b:24:a2:8b:5e:
16:28:66:7e:f9:1b:70:59:7e:06:e0:f4:47:05:b3:91:dc:75:
4e:80:e8:d3:28:8e:d7:28:35:d0:ed:0d:0e:0f:7f:db:92:00:
c3:95:65:c0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZpyJmhtGNmlPaZQEcuat6N2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzMyMDk2MjVlMmEwM2RkZWVjZjkxYmI0ODA1NDhlNTcy
OWQ0NzkwHhcNMjUxMTExMDkwMTUwWhcNMjUxMTEyMDkwMTUwWjAzMTEwLwYDVQQD
Eyg0M2RmMDlkMGQ2Njk5MDk0ZjFjZDM0ODc3YWM4MzA3NWYxZWQ5NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmpSZGNpaplcQB5qwfztAMANLESj
xnu4LlZi9CtxjzDce5hEvrP+XKox+Nx4ZSWS0O42ieCYNFi8HXyt0cajPdtKZayo
Zfpg1ZR3plDDzAkmMMh9tdNgNmyhc25uBpNyIQcni6tE7qeYlZOPr/xcKqEQ6MLg
Lpx62BjTVyUDRfC/9Tul/iT84fPnpQfrTeqJ9Y9B4oYp37A6dbVKL7+nNrEauLUu
/arOLyffvfKDMGTp1KJf/9OBRDqtELMKDPuRWbVn0HJNyaQkI0RL+TZZZxI9e7fY
YQkgGk5D7FTmOs9JgnvyBV9aexp566sgxA0+2T0PP+GnNY7AFqPrBNtzdwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEPfCdDWaZCU8c00h3rIMHXx7ZQUMB8GA1UdIwQY
MBaAFPlzIJYl4qA93uz5G7SAVI5XKdR5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YTWdsaVhpb0QzZTdQa2J0SUJVamxjcDFIay5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQvYWY1NGU4LWJkNjMtNDI3ZC04Y2M4
LWY0ZWNlYmJiMWVjMi8xLzEtWE1nbGlYaW9EM2U3UGtidElCVWpsY3AxSGsubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzVkL2FmNTRlOC1iZDYzLTQyN2QtOGNjOC1mNGVjZWJiYjFl
YzIvMS8xLVhNZ2xpWGlvRDNlN1BrYnRJQlVqbGNwMUhrLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZtEc
d0BCq9Y3eNtu6RVccbG24ATAMi0Dm7YwLq9OeGbhWzghujfm4mPf1FtmtuHAuapa
eP3PpuP8yJmTQ7t1GVwGJAaL2libjIglMggCI7HGXtFnCknEVwsLk49GPnTaagM0
FCsYjkzcOTYO3i3TbW/29wNIZA+6v6TaR4TR8AO5dIgAIH+L2VtvBw8Gi4EWvapu
1D1AiZ0Wxk4vxadkZuufmxP+1X0ZO0AKLZknr3gnZvrtxKYa5A+zqf3af6PTUEUH
D0BF5mGfdT8rFm76P+50t1skooteFihmfvkbcFl+BuD0RwWzkdx1ToDo0yiO1yg1
0O0NDg9/25IAw5VlwA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:44:25 2025 by rpki-client