Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
File: XYHR_0WxVHwAqEtG75nsot-9Rbw.mft (raw, json)
Hash identifier: 2RNgPAmZln2y6HSqDUBI+cu0BEPaO4/fgKhi1N5yzz0=
Subject key identifier: 26:1D:D4:E5:49:27:1A:E6:BC:BA:41:57:F4:87:32:89:D6:25:88:47
Authority key identifier: 5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
Certificate issuer: /CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Certificate serial: 019A7293ED80E35C6031FEB6D523C0241C2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 11:01:28 +0000
Manifest this update: Tue 11 Nov 2025 11:01:28 +0000
Manifest next update: Wed 12 Nov 2025 11:01:28 +0000
Files and hashes: 1: C-JYvDSVCc5Zd_4Sd7FiFR4ridU.roa (hash: Fud1edK7T1C6PqdOPqDnlVWq4JxXY+eiVXIDYHC1t50=)
2: XYHR_0WxVHwAqEtG75nsot-9Rbw.crl (hash: eu9m6Aus9DTObj1ZHVdpCoJVsS/nHM75Sz57YHx0OGg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:ed:80:e3:5c:60:31:fe:b6:d5:23:c0:24:1c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Validity
Not Before: Nov 11 11:01:28 2025 GMT
Not After : Nov 12 11:01:28 2025 GMT
Subject: CN=261dd4e549271ae6bcba4157f4873289d6258847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9f:84:e0:40:d6:cb:4a:fc:f3:40:99:78:29:
4e:4f:9d:b3:d6:77:ae:25:a0:2e:08:77:ab:3e:7b:
ea:45:5e:b3:4f:51:53:46:9b:e1:a8:d1:53:71:58:
17:64:32:08:5d:9b:bd:ce:44:57:93:b4:b2:80:ab:
8e:75:8a:f7:d9:40:17:8c:f1:35:77:b8:6b:2e:e6:
54:d0:1b:aa:2d:51:29:9e:0e:68:cb:6f:11:5a:2e:
8b:0d:00:55:f2:01:e6:8f:b6:73:f1:0f:65:56:7b:
76:34:6c:42:0a:fb:a1:4a:7a:7f:af:b6:70:c3:cf:
e2:60:3c:34:92:0d:88:ee:60:1f:3f:b6:6c:25:de:
6c:15:ce:f8:c3:ac:73:2e:51:1d:e4:9e:d1:69:89:
24:8c:7c:0c:23:2a:d6:f5:79:eb:8b:43:5d:7c:d3:
19:ee:31:cb:aa:a1:06:e5:88:f5:39:a2:67:09:54:
2b:1e:51:b6:a7:43:77:4c:d0:7f:f9:f1:7b:2b:91:
44:3d:9b:3a:31:74:c7:7a:4c:b6:c4:d0:2f:80:b8:
83:a4:56:f6:83:0c:e0:d4:9f:2d:05:09:f4:76:2f:
fb:9e:23:a0:50:30:11:cc:4c:54:63:02:cd:d1:fd:
00:f8:e2:12:bd:0b:c1:50:af:0a:c5:eb:c5:1c:0d:
f2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:1D:D4:E5:49:27:1A:E6:BC:BA:41:57:F4:87:32:89:D6:25:88:47
X509v3 Authority Key Identifier:
keyid:5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:15:cf:30:78:53:6f:f0:49:40:30:62:60:1b:9f:43:5c:21:
9c:ff:39:77:29:dc:06:0b:b8:6d:ea:52:9d:bd:68:3a:f9:ad:
f1:05:87:0e:bf:56:c3:57:63:6d:4b:2f:67:fc:c5:98:1b:55:
ac:3e:cd:71:57:b8:aa:ab:8a:2d:32:6c:1d:4c:7a:0b:aa:5b:
e6:fa:29:5c:c1:47:fd:d0:f0:41:bf:76:de:77:93:a0:ab:0e:
e6:7f:16:f3:7e:0f:eb:07:d2:20:70:1a:0e:7a:c2:50:15:e4:
ab:19:9b:58:5e:e7:b1:ad:3e:60:49:93:d5:2b:22:31:98:cb:
f8:d9:2c:05:35:cb:43:77:cc:33:79:56:3c:5c:4d:1f:db:b0:
82:45:e4:4f:3d:fa:aa:6e:fd:ec:71:f6:1b:01:4f:90:e3:9c:
1a:d9:19:b5:58:4d:df:36:c7:50:dd:72:a4:b6:51:9b:e5:5b:
ea:f4:ed:0f:94:a2:3e:cd:ad:20:54:10:90:cd:f1:ec:07:c0:
b2:1f:2d:34:2a:48:0c:89:95:41:f6:4d:65:4b:13:2a:dd:67:
79:06:6b:6e:a7:5e:d6:4c:22:05:f5:af:41:52:8c:11:f1:47:
57:a0:82:9b:bd:59:03:0d:4d:51:dd:7b:71:84:f6:77:ec:52:
5f:76:e2:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk+2A41xgMf621SPAJBwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODFkMWZmNDViMTU0N2MwMGE4NGI0NmVmOTllY2EyZGZi
ZDQ1YmMwHhcNMjUxMTExMTEwMTI4WhcNMjUxMTEyMTEwMTI4WjAzMTEwLwYDVQQD
EygyNjFkZDRlNTQ5MjcxYWU2YmNiYTQxNTdmNDg3MzI4OWQ2MjU4ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ+E4EDWy0r880CZeClOT52z1neu
JaAuCHerPnvqRV6zT1FTRpvhqNFTcVgXZDIIXZu9zkRXk7SygKuOdYr32UAXjPE1
d7hrLuZU0BuqLVEpng5oy28RWi6LDQBV8gHmj7Zz8Q9lVnt2NGxCCvuhSnp/r7Zw
w8/iYDw0kg2I7mAfP7ZsJd5sFc74w6xzLlEd5J7RaYkkjHwMIyrW9Xnri0NdfNMZ
7jHLqqEG5Yj1OaJnCVQrHlG2p0N3TNB/+fF7K5FEPZs6MXTHeky2xNAvgLiDpFb2
gwzg1J8tBQn0di/7niOgUDARzExUYwLN0f0A+OISvQvBUK8KxevFHA3y8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYd1OVJJxrmvLpBV/SHMonWJYhHMB8GA1UdIwQY
MBaAFF2B0f9FsVR8AKhLRu+Z7KLfvUW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUt
ZWU4MGEyZDI5NTJkLzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUtZWU4MGEyZDI5NTJk
LzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAohXPMHhT
b/BJQDBiYBufQ1whnP85dyncBgu4bepSnb1oOvmt8QWHDr9Ww1djbUsvZ/zFmBtV
rD7NcVe4qquKLTJsHUx6C6pb5vopXMFH/dDwQb923neToKsO5n8W834P6wfSIHAa
DnrCUBXkqxmbWF7nsa0+YEmT1SsiMZjL+NksBTXLQ3fMM3lWPFxNH9uwgkXkTz36
qm797HH2GwFPkOOcGtkZtVhN3zbHUN1ypLZRm+Vb6vTtD5SiPs2tIFQQkM3x7AfA
sh8tNCpIDImVQfZNZUsTKt1neQZrbqde1kwiBfWvQVKMEfFHV6CCm71ZAw1NUd17
cYT2d+xSX3biAg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:49:41 2025 by rpki-client