Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/XFe2FhFxnsfI4AErGv9-gfx2ib0.mft
File: XFe2FhFxnsfI4AErGv9-gfx2ib0.mft (raw, json)
Hash identifier: MvDMWJKUjMxZauOM+ySk+hZnOhaTWjUB2QnBmTd7qj8=
Subject key identifier: BD:9E:1C:8E:A9:12:87:F5:B3:33:9B:D7:01:0D:40:1F:2F:52:38:3C
Authority key identifier: 5C:57:B6:16:11:71:9E:C7:C8:E0:01:2B:1A:FF:7E:81:FC:76:89:BD
Certificate issuer: /CN=5c57b61611719ec7c8e0012b1aff7e81fc7689bd
Certificate serial: 019A722599B37705A1D0D1C8E13891757672
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XFe2FhFxnsfI4AErGv9-gfx2ib0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/XFe2FhFxnsfI4AErGv9-gfx2ib0.mft
Manifest number: 111A
Signing time: Tue 11 Nov 2025 09:00:58 +0000
Manifest this update: Tue 11 Nov 2025 09:00:58 +0000
Manifest next update: Wed 12 Nov 2025 09:00:58 +0000
Files and hashes: 1: 736mr1KkVtoBPW1oR7owGe-ullo.roa (hash: uR2lVV+jre6sPLOQey9198pgiqdr//RLVlkZmwpBaQw=)
2: XFe2FhFxnsfI4AErGv9-gfx2ib0.crl (hash: McMoSQVqfINzTPwUnPj5mBhikdRzMVbW6xf7IG6Al20=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/XFe2FhFxnsfI4AErGv9-gfx2ib0.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/XFe2FhFxnsfI4AErGv9-gfx2ib0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XFe2FhFxnsfI4AErGv9-gfx2ib0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:99:b3:77:05:a1:d0:d1:c8:e1:38:91:75:76:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c57b61611719ec7c8e0012b1aff7e81fc7689bd
Validity
Not Before: Nov 11 09:00:58 2025 GMT
Not After : Nov 12 09:00:58 2025 GMT
Subject: CN=bd9e1c8ea91287f5b3339bd7010d401f2f52383c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9d:dc:96:13:ee:a8:6e:78:06:be:0d:fc:7f:
36:14:db:e7:85:4b:60:30:8e:3e:b0:98:34:3e:bb:
83:6c:a0:00:ab:37:76:d7:09:38:7c:bd:29:3e:fb:
3c:74:4f:28:1f:79:a3:fc:69:f1:ec:80:a2:44:db:
dc:0e:af:45:42:d1:7e:f2:56:47:d3:9a:93:c8:13:
2f:7c:7f:bf:26:68:d4:82:61:00:ed:7a:99:5f:c3:
15:82:75:1f:10:71:20:99:8a:c1:f1:55:27:1a:2b:
92:d4:f4:04:3e:1d:af:01:97:04:3d:10:09:54:18:
80:bc:5d:51:31:ab:be:ba:d1:82:3c:b4:9e:38:10:
80:8f:d2:8f:40:1b:5a:c4:5e:ca:5f:91:a6:49:b5:
1f:3b:43:84:70:c9:64:46:51:90:7e:a5:39:7b:bd:
8d:23:5c:9f:eb:11:b5:62:55:a2:46:4f:09:0c:1c:
a5:f4:b7:b1:b8:86:2c:03:58:f5:f4:42:ef:26:8f:
49:45:12:93:31:ca:5f:a9:d0:4d:b0:2d:15:10:6c:
ef:3a:19:15:2a:5b:04:87:74:fd:18:77:c6:42:64:
da:5c:05:62:9a:9b:17:9a:5f:b1:78:21:97:37:f1:
ad:0c:ff:8b:11:f3:f6:9b:f6:17:07:43:78:6e:3b:
b7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9E:1C:8E:A9:12:87:F5:B3:33:9B:D7:01:0D:40:1F:2F:52:38:3C
X509v3 Authority Key Identifier:
keyid:5C:57:B6:16:11:71:9E:C7:C8:E0:01:2B:1A:FF:7E:81:FC:76:89:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFe2FhFxnsfI4AErGv9-gfx2ib0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/XFe2FhFxnsfI4AErGv9-gfx2ib0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/XFe2FhFxnsfI4AErGv9-gfx2ib0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:45:aa:1e:66:fa:88:44:b3:8c:8f:87:55:e6:9f:4c:b1:4c:
87:26:cf:5d:a4:78:ed:84:43:e0:ef:83:ce:7d:cc:01:e8:12:
fe:4c:33:61:1a:d0:39:7c:08:97:a5:3e:03:0a:af:6d:38:9d:
e2:50:18:fa:06:c5:2a:53:a8:1c:50:8f:c6:5b:73:c7:2f:51:
2a:d8:60:fa:20:c5:b8:3d:fd:63:b4:a4:b6:d1:68:d2:62:90:
9b:79:c3:0a:a7:6d:48:e1:92:04:56:17:a3:98:04:81:24:71:
a2:f6:dd:cd:06:a6:af:40:84:c2:8b:7a:0a:34:f3:04:ac:2c:
ae:03:02:4f:2e:80:14:cd:f1:8f:7a:15:f9:0f:65:d7:b8:4d:
4a:08:a7:8f:22:04:72:bd:95:d9:24:99:e5:14:27:d4:68:39:
6b:fb:6a:de:90:8c:61:5b:3f:97:50:c5:b3:41:9e:e1:50:65:
a3:cf:6b:d5:e6:d1:8f:b2:3c:7a:bb:ba:f1:9d:55:89:bf:bf:
32:31:b9:85:1b:ea:d0:9e:29:55:07:c5:bd:c2:60:f4:cd:fa:
d6:cd:f4:12:00:09:dd:e1:8b:b6:e6:9d:94:9c:dc:0a:23:30:
a7:f0:2d:67:26:f8:43:89:ee:01:09:95:cf:0f:77:d9:23:b1:
5f:e9:f7:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZmzdwWh0NHI4TiRdXZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNTdiNjE2MTE3MTllYzdjOGUwMDEyYjFhZmY3ZTgxZmM3
Njg5YmQwHhcNMjUxMTExMDkwMDU4WhcNMjUxMTEyMDkwMDU4WjAzMTEwLwYDVQQD
EyhiZDllMWM4ZWE5MTI4N2Y1YjMzMzliZDcwMTBkNDAxZjJmNTIzODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ3clhPuqG54Br4N/H82FNvnhUtg
MI4+sJg0PruDbKAAqzd21wk4fL0pPvs8dE8oH3mj/Gnx7ICiRNvcDq9FQtF+8lZH
05qTyBMvfH+/JmjUgmEA7XqZX8MVgnUfEHEgmYrB8VUnGiuS1PQEPh2vAZcEPRAJ
VBiAvF1RMau+utGCPLSeOBCAj9KPQBtaxF7KX5GmSbUfO0OEcMlkRlGQfqU5e72N
I1yf6xG1YlWiRk8JDByl9LexuIYsA1j19ELvJo9JRRKTMcpfqdBNsC0VEGzvOhkV
KlsEh3T9GHfGQmTaXAVimpsXml+xeCGXN/GtDP+LEfP2m/YXB0N4bju3zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2eHI6pEof1szOb1wENQB8vUjg8MB8GA1UdIwQY
MBaAFFxXthYRcZ7HyOABKxr/foH8dom9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEZlMkZoRnhuc2ZJNEFFckd2OS1nZngyaWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iN2ZlNzUtMzBlZS00YTZmLWI1Mjgt
ZmEzMDcxYzQzNWYxLzEvWEZlMkZoRnhuc2ZJNEFFckd2OS1nZngyaWIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iN2ZlNzUtMzBlZS00YTZmLWI1MjgtZmEzMDcxYzQzNWYx
LzEvWEZlMkZoRnhuc2ZJNEFFckd2OS1nZngyaWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApkWqHmb6
iESzjI+HVeafTLFMhybPXaR47YRD4O+Dzn3MAegS/kwzYRrQOXwIl6U+AwqvbTid
4lAY+gbFKlOoHFCPxltzxy9RKthg+iDFuD39Y7SkttFo0mKQm3nDCqdtSOGSBFYX
o5gEgSRxovbdzQamr0CEwot6CjTzBKwsrgMCTy6AFM3xj3oV+Q9l17hNSginjyIE
cr2V2SSZ5RQn1Gg5a/tq3pCMYVs/l1DFs0Ge4VBlo89r1ebRj7I8eru68Z1Vib+/
MjG5hRvq0J4pVQfFvcJg9M361s30EgAJ3eGLtuadlJzcCiMwp/AtZyb4Q4nuAQmV
zw932SOxX+n3yw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:00 2025 by rpki-client