Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.mft
File: xT4qugUV7JDRCREGD88pI2123d8.mft (raw, json)
Hash identifier: TT4/jH6vQPkTUOprPzk4H42fpILIsXfMrt+5q423El0=
Subject key identifier: 55:FF:E6:E5:7A:0D:77:F4:0B:BC:6E:1F:75:2F:09:FA:41:6F:34:AB
Authority key identifier: C5:3E:2A:BA:05:15:EC:90:D1:09:11:06:0F:CF:29:23:6D:76:DD:DF
Certificate issuer: /CN=c53e2aba0515ec90d10911060fcf29236d76dddf
Certificate serial: 019A71EE71723A48AB7D116BC504C55CEBE6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xT4qugUV7JDRCREGD88pI2123d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.mft
Manifest number: 0ED5
Signing time: Tue 11 Nov 2025 08:00:43 +0000
Manifest this update: Tue 11 Nov 2025 08:00:43 +0000
Manifest next update: Wed 12 Nov 2025 08:00:43 +0000
Files and hashes: 1: f0yhahkLcuZ1yoHAyLMFgYV-0C4.roa (hash: o3wGDB8+TAGkWavLVm8YXjs+gVitRLdf6b5WKa02EC8=)
2: xT4qugUV7JDRCREGD88pI2123d8.crl (hash: 8zt6RyyGr3VZT0AvW6Jfh0y2dBwxHEN6fqEZ4EQm4rY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xT4qugUV7JDRCREGD88pI2123d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:71:72:3a:48:ab:7d:11:6b:c5:04:c5:5c:eb:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53e2aba0515ec90d10911060fcf29236d76dddf
Validity
Not Before: Nov 11 08:00:43 2025 GMT
Not After : Nov 12 08:00:43 2025 GMT
Subject: CN=55ffe6e57a0d77f40bbc6e1f752f09fa416f34ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5e:31:08:a9:02:58:c3:d0:30:b7:8b:66:20:
1f:06:99:5c:af:6e:f7:9c:84:55:e2:90:ff:2c:ee:
e6:ae:53:d7:85:64:e5:ea:56:8b:f0:30:69:f3:67:
51:d5:f8:11:bc:22:29:3e:98:99:c4:b7:5e:33:5c:
77:e9:e8:cc:08:26:e1:8a:3e:d0:07:97:9e:d3:fb:
29:14:1f:80:9e:e6:47:63:ff:97:f3:0a:bf:9f:ea:
33:af:1b:9f:fb:d7:c1:af:4e:ce:5b:d3:02:0c:50:
1c:2e:c2:6c:45:b8:7b:cb:17:3a:fa:7b:1b:49:11:
49:75:bb:ca:4e:eb:89:26:e3:c0:e3:97:23:73:13:
0e:d7:9e:21:95:c9:8b:32:50:12:8c:1f:a4:a1:7c:
16:74:bc:d9:5b:b0:66:c2:f6:34:fa:35:b1:01:d8:
01:8c:13:59:7c:61:0a:4d:3d:f3:1f:b0:a2:6e:b4:
c5:6f:a6:7f:99:b7:75:aa:29:7b:4e:d1:0e:99:aa:
69:cd:b4:7b:36:86:43:c1:d2:b1:0e:ca:84:bd:da:
08:01:cf:b8:0b:02:35:ea:4d:44:3a:5c:89:d8:c6:
81:60:1f:90:75:6a:ee:a5:3a:63:01:95:70:cd:c9:
cf:49:85:82:2b:13:b7:a9:55:50:0a:34:06:85:e6:
e8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FF:E6:E5:7A:0D:77:F4:0B:BC:6E:1F:75:2F:09:FA:41:6F:34:AB
X509v3 Authority Key Identifier:
keyid:C5:3E:2A:BA:05:15:EC:90:D1:09:11:06:0F:CF:29:23:6D:76:DD:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xT4qugUV7JDRCREGD88pI2123d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:a0:03:e7:1c:86:7b:71:44:90:37:01:07:ae:6d:bb:d3:d2:
88:9e:1d:5b:48:2c:53:36:65:4e:a7:93:99:86:29:0a:86:63:
a6:53:c7:91:54:7e:6b:ea:45:4f:36:c5:7c:a2:eb:3e:7c:a1:
3f:b6:0a:67:6c:3c:d9:0c:53:d1:bc:6b:45:84:3f:48:0f:e6:
f7:ee:3f:97:47:ed:25:0d:e1:c6:e6:92:d3:ef:0c:19:59:f9:
31:cc:2a:6f:93:b9:6c:30:57:7b:10:11:3d:15:26:a5:74:18:
8b:e9:e8:2e:d7:15:65:97:36:1e:68:79:53:b4:1b:62:9f:e1:
92:c7:b0:76:d5:65:cd:0f:47:ef:5f:74:10:a0:f4:c3:d2:1d:
86:93:48:a6:3e:a4:f6:64:a4:04:c6:79:b6:7c:d2:25:ee:4c:
bf:05:f9:bd:ad:04:82:11:47:3c:10:b1:2f:07:73:91:7e:f0:
fc:ff:d5:7d:82:87:08:76:97:e7:9b:a2:7b:3d:1d:01:be:ac:
97:00:70:0a:2e:19:9a:2c:1e:5a:6f:12:07:dc:2b:7f:a8:40:
bd:25:1b:9c:37:1c:a1:0c:5f:63:cd:0d:a2:46:a7:6c:3d:23:
ad:ce:51:fc:b6:aa:da:af:7a:02:49:4a:d3:f3:6e:57:6d:03:
be:f5:80:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7nFyOkirfRFrxQTFXOvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2UyYWJhMDUxNWVjOTBkMTA5MTEwNjBmY2YyOTIzNmQ3
NmRkZGYwHhcNMjUxMTExMDgwMDQzWhcNMjUxMTEyMDgwMDQzWjAzMTEwLwYDVQQD
Eyg1NWZmZTZlNTdhMGQ3N2Y0MGJiYzZlMWY3NTJmMDlmYTQxNmYzNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll4xCKkCWMPQMLeLZiAfBplcr273
nIRV4pD/LO7mrlPXhWTl6laL8DBp82dR1fgRvCIpPpiZxLdeM1x36ejMCCbhij7Q
B5ee0/spFB+AnuZHY/+X8wq/n+ozrxuf+9fBr07OW9MCDFAcLsJsRbh7yxc6+nsb
SRFJdbvKTuuJJuPA45cjcxMO154hlcmLMlASjB+koXwWdLzZW7BmwvY0+jWxAdgB
jBNZfGEKTT3zH7CibrTFb6Z/mbd1qil7TtEOmappzbR7NoZDwdKxDsqEvdoIAc+4
CwI16k1EOlyJ2MaBYB+QdWrupTpjAZVwzcnPSYWCKxO3qVVQCjQGhebodwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFX/5uV6DXf0C7xuH3UvCfpBbzSrMB8GA1UdIwQY
MBaAFMU+KroFFeyQ0QkRBg/PKSNtdt3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFQ0cXVnVVY3SkRSQ1JFR0Q4OHBJMjEyM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85MDhhNjItZjRlMC00OTg1LTllMzQt
MTIwNTNhZGU5ZmFmLzEveFQ0cXVnVVY3SkRSQ1JFR0Q4OHBJMjEyM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85MDhhNjItZjRlMC00OTg1LTllMzQtMTIwNTNhZGU5ZmFm
LzEveFQ0cXVnVVY3SkRSQ1JFR0Q4OHBJMjEyM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb6AD5xyG
e3FEkDcBB65tu9PSiJ4dW0gsUzZlTqeTmYYpCoZjplPHkVR+a+pFTzbFfKLrPnyh
P7YKZ2w82QxT0bxrRYQ/SA/m9+4/l0ftJQ3hxuaS0+8MGVn5Mcwqb5O5bDBXexAR
PRUmpXQYi+noLtcVZZc2Hmh5U7QbYp/hksewdtVlzQ9H7190EKD0w9IdhpNIpj6k
9mSkBMZ5tnzSJe5MvwX5va0EghFHPBCxLwdzkX7w/P/VfYKHCHaX55uiez0dAb6s
lwBwCi4ZmiweWm8SB9wrf6hAvSUbnDccoQxfY80NokanbD0jrc5R/Laq2q96AklK
0/NuV20DvvWAQw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:40 2025 by rpki-client