Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: pzwo8/Lo54+wW+r4CViL9YIMHJG1I74cxgTo2zaWEJo=
Subject key identifier: E8:E1:FA:AE:6F:94:EF:87:C3:F6:1C:72:0A:B5:5C:53:58:27:FC:BC
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 019A714A0DA46B272ECA6C953D285D371544
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 152C
Signing time: Tue 11 Nov 2025 05:01:09 +0000
Manifest this update: Tue 11 Nov 2025 05:01:09 +0000
Manifest next update: Wed 12 Nov 2025 05:01:09 +0000
Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: Ulslozwg/vqpo5lX9Km14po5E08fCDsRo4IUHt+/7yc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:0d:a4:6b:27:2e:ca:6c:95:3d:28:5d:37:15:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Nov 11 05:01:09 2025 GMT
Not After : Nov 12 05:01:09 2025 GMT
Subject: CN=e8e1faae6f94ef87c3f61c720ab55c535827fcbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:60:0d:af:69:1e:99:fb:d5:19:d4:90:8c:f6:
b9:18:0a:bf:95:c0:22:06:bf:d0:6b:57:e2:c0:88:
36:d3:8d:3b:b4:c6:47:13:83:a4:bc:f5:1d:12:17:
ab:13:6a:fb:a8:c9:45:ab:fe:d0:70:08:8e:e2:26:
8a:61:7f:fe:da:6f:85:a8:75:8b:e0:bd:1d:7a:7f:
07:71:d7:4b:23:4e:ec:09:f6:ac:ec:de:30:e6:81:
24:66:14:62:ca:2c:8e:fe:84:79:60:dc:f8:ec:2f:
dc:5b:e2:0c:28:da:c3:97:e4:61:6f:cf:1e:b7:b7:
e3:34:d2:4a:c5:76:86:33:8b:01:16:59:13:76:22:
0c:85:66:47:d4:1b:8e:e2:6b:07:91:36:d9:32:3e:
45:4a:0c:f5:ff:b3:46:c1:bc:9b:a3:cf:e5:98:47:
05:27:2e:83:c0:b8:ed:78:07:36:d0:96:36:49:47:
88:dc:e9:2a:30:eb:bb:54:d0:6c:1c:0c:76:7d:8d:
f3:0b:81:dc:26:ad:5b:41:7b:f0:07:2e:54:92:2e:
20:c6:80:24:0f:28:eb:1c:6a:dc:2b:8d:ed:9b:51:
96:70:c9:59:3d:b6:d9:1d:91:8e:0b:b0:e4:fd:ad:
e4:61:1e:4a:f7:4d:d3:9b:5a:fd:f0:09:5b:41:c4:
5f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E1:FA:AE:6F:94:EF:87:C3:F6:1C:72:0A:B5:5C:53:58:27:FC:BC
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:70:c0:78:b1:4e:f3:11:7e:b3:2f:5a:bb:37:a0:97:4c:0a:
f9:d1:cb:de:26:52:2f:c1:cd:b5:bb:c7:d1:7d:f6:94:09:af:
f8:bb:72:48:a1:2f:64:fb:96:f2:7e:96:93:62:e9:84:cf:e5:
7a:63:a3:7b:e9:05:f2:b5:ff:81:90:fc:05:d7:00:5e:57:26:
56:ed:3d:6f:91:2a:aa:5c:01:65:b4:9e:2d:4c:5c:8a:cb:58:
10:51:83:b1:ec:5d:83:f6:cf:12:da:aa:46:b8:c2:db:e8:9d:
8e:19:df:7f:67:6b:66:1c:7d:ac:b8:41:10:03:9f:3a:99:7e:
ff:cc:a4:7b:d4:22:ab:9c:f0:01:c6:a6:3a:aa:de:da:41:e0:
b1:49:d8:1f:e1:a2:39:dc:0a:86:a7:30:e6:e3:2c:0d:8b:e7:
48:43:25:c6:ba:0c:c9:60:1a:3b:20:ef:8e:e0:3e:ef:f9:6c:
ea:76:e3:47:21:27:09:9c:87:ed:9c:f2:05:e0:56:f3:f4:d8:
ee:62:c1:f9:e7:d2:3a:48:39:38:5b:e8:d7:04:72:33:33:7e:
06:19:ae:61:09:ee:71:1a:02:45:ca:c6:e2:31:2c:83:eb:c2:
55:c2:60:d3:b6:1d:dc:2e:5d:78:ce:63:58:66:17:c3:f6:50:
d9:ed:10:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSg2kaycuymyVPShdNxVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjUxMTExMDUwMTA5WhcNMjUxMTEyMDUwMTA5WjAzMTEwLwYDVQQD
EyhlOGUxZmFhZTZmOTRlZjg3YzNmNjFjNzIwYWI1NWM1MzU4MjdmY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGANr2kemfvVGdSQjPa5GAq/lcAi
Br/Qa1fiwIg20407tMZHE4OkvPUdEherE2r7qMlFq/7QcAiO4iaKYX/+2m+FqHWL
4L0den8HcddLI07sCfas7N4w5oEkZhRiyiyO/oR5YNz47C/cW+IMKNrDl+Rhb88e
t7fjNNJKxXaGM4sBFlkTdiIMhWZH1BuO4msHkTbZMj5FSgz1/7NGwbybo8/lmEcF
Jy6DwLjteAc20JY2SUeI3OkqMOu7VNBsHAx2fY3zC4HcJq1bQXvwBy5Uki4gxoAk
DyjrHGrcK43tm1GWcMlZPbbZHZGOC7Dk/a3kYR5K903Tm1r98AlbQcRfZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjh+q5vlO+Hw/Yccgq1XFNYJ/y8MB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMXDAeLFO
8xF+sy9auzegl0wK+dHL3iZSL8HNtbvH0X32lAmv+LtySKEvZPuW8n6Wk2LphM/l
emOje+kF8rX/gZD8BdcAXlcmVu09b5EqqlwBZbSeLUxcistYEFGDsexdg/bPEtqq
RrjC2+idjhnff2drZhx9rLhBEAOfOpl+/8yke9Qiq5zwAcamOqre2kHgsUnYH+Gi
OdwKhqcw5uMsDYvnSEMlxroMyWAaOyDvjuA+7/ls6nbjRyEnCZyH7ZzyBeBW8/TY
7mLB+efSOkg5OFvo1wRyMzN+BhmuYQnucRoCRcrG4jEsg+vCVcJg07Yd3C5deM5j
WGYXw/ZQ2e0Q1Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:20:29 2025 by rpki-client