Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/XEKIRvhNgYNh9rnApGOy5XQqFJs.mft
File: XEKIRvhNgYNh9rnApGOy5XQqFJs.mft (raw, json)
Hash identifier: O3Egp4glS+hAsdrD/4+152Rtl84ENzTBySTCSwnBvKA=
Subject key identifier: 7F:5F:D5:2F:6D:3F:BA:C3:64:EA:F7:0B:CD:CC:3C:F9:17:33:7E:BE
Authority key identifier: 5C:42:88:46:F8:4D:81:83:61:F6:B9:C0:A4:63:B2:E5:74:2A:14:9B
Certificate issuer: /CN=5c428846f84d818361f6b9c0a463b2e5742a149b
Certificate serial: 019A7149B61172075DDB445F6C9110C63255
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XEKIRvhNgYNh9rnApGOy5XQqFJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/XEKIRvhNgYNh9rnApGOy5XQqFJs.mft
Manifest number: 73
Signing time: Tue 11 Nov 2025 05:00:47 +0000
Manifest this update: Tue 11 Nov 2025 05:00:47 +0000
Manifest next update: Wed 12 Nov 2025 05:00:47 +0000
Files and hashes: 1: NGqc3PXNR68XW7YXcEn1g2VSKl8.roa (hash: +/PHsnyXGebFnTuzYemBsGLnJ0LY3kDT60X4/tWYA0k=)
2: XEKIRvhNgYNh9rnApGOy5XQqFJs.crl (hash: 3KxctYpdfoo8yehAEmbjQSuol4jSCSp7N6kjR1ofjmg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/XEKIRvhNgYNh9rnApGOy5XQqFJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/XEKIRvhNgYNh9rnApGOy5XQqFJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XEKIRvhNgYNh9rnApGOy5XQqFJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:b6:11:72:07:5d:db:44:5f:6c:91:10:c6:32:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c428846f84d818361f6b9c0a463b2e5742a149b
Validity
Not Before: Nov 11 05:00:47 2025 GMT
Not After : Nov 12 05:00:47 2025 GMT
Subject: CN=7f5fd52f6d3fbac364eaf70bcdcc3cf917337ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3c:74:7e:68:13:e1:9e:f3:72:06:84:6e:aa:
52:ea:5d:fa:9e:31:5a:20:e0:de:33:67:c8:4d:4d:
54:01:96:84:e6:58:c8:7d:b8:44:fc:98:ef:24:48:
57:bc:92:1c:26:ef:35:7e:ed:43:af:a5:6f:b1:a9:
79:4a:fc:cc:3f:7c:50:47:61:b1:1a:96:5a:17:ec:
31:68:b0:a9:84:80:66:10:b9:66:20:5c:19:fb:04:
31:b6:a8:57:01:00:89:37:ac:ec:dc:29:2c:95:ca:
af:ae:28:cf:71:7d:df:a0:85:8d:de:ac:4d:57:b5:
3f:5d:aa:c1:c2:27:4b:03:4f:0c:18:9d:01:be:42:
2e:d1:8e:ae:ea:a6:b8:90:c1:97:63:6c:c2:fa:9a:
64:1a:9b:e5:e2:9e:b7:9b:70:3c:1d:b5:f3:3e:48:
67:c3:09:f6:a4:44:e2:ce:a1:0d:d9:dc:96:b4:7a:
04:81:3b:60:a6:cb:2f:da:85:73:cb:f8:46:b4:6e:
fe:68:d6:11:b0:fc:5b:21:8c:6d:77:2b:97:0f:0a:
c0:99:5f:41:ef:04:a8:cb:3a:df:2c:a9:4e:a4:a1:
b5:2a:51:44:21:6e:59:34:1d:50:d4:31:a2:0d:4d:
13:aa:f7:fc:a3:36:58:17:bc:ae:6f:c2:b3:78:c4:
f6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5F:D5:2F:6D:3F:BA:C3:64:EA:F7:0B:CD:CC:3C:F9:17:33:7E:BE
X509v3 Authority Key Identifier:
keyid:5C:42:88:46:F8:4D:81:83:61:F6:B9:C0:A4:63:B2:E5:74:2A:14:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XEKIRvhNgYNh9rnApGOy5XQqFJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/XEKIRvhNgYNh9rnApGOy5XQqFJs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/XEKIRvhNgYNh9rnApGOy5XQqFJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:3d:21:8a:8e:29:9b:aa:01:79:b8:f6:5c:65:39:ef:ff:f6:
b5:af:4c:88:b9:23:cf:46:df:25:34:c9:5c:be:fe:c0:76:90:
e4:b7:cc:c5:0a:03:ff:d6:67:f0:ef:0d:0e:d7:6d:7f:17:cc:
42:70:01:a2:bc:34:84:54:b4:5d:13:d7:96:e2:0b:27:e5:e8:
89:97:44:32:8a:c3:5b:82:fe:1a:fe:8a:cc:bb:d8:65:40:4d:
8c:f4:cf:f1:7c:41:da:a2:0b:22:74:0c:79:1a:39:d9:27:20:
37:ba:fa:a8:6d:4a:f3:79:16:44:22:b4:fa:26:cd:82:fa:9d:
bf:46:aa:56:19:c4:e2:a3:f0:7e:50:14:e2:a9:77:91:e0:a9:
1b:a9:0c:49:a4:0b:86:d8:72:20:9a:de:01:26:97:16:44:0b:
3a:6d:5f:90:51:9a:09:1e:4e:7f:c7:6c:33:99:45:6a:a1:af:
24:56:78:3b:ee:a1:5c:57:3c:1c:4b:11:ce:05:49:3e:4c:b1:
5f:d0:54:c1:f6:b3:68:9f:54:de:96:10:b4:aa:8c:bc:00:86:
b3:7d:42:01:0a:93:03:a0:13:38:d0:1e:c7:2e:4b:0b:fe:9c:
3c:34:70:d1:6e:a3:43:c0:84:d3:2c:c2:ba:d1:46:60:9e:fe:
a9:cc:f5:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSbYRcgdd20RfbJEQxjJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNDI4ODQ2Zjg0ZDgxODM2MWY2YjljMGE0NjNiMmU1NzQy
YTE0OWIwHhcNMjUxMTExMDUwMDQ3WhcNMjUxMTEyMDUwMDQ3WjAzMTEwLwYDVQQD
Eyg3ZjVmZDUyZjZkM2ZiYWMzNjRlYWY3MGJjZGNjM2NmOTE3MzM3ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Dx0fmgT4Z7zcgaEbqpS6l36njFa
IODeM2fITU1UAZaE5ljIfbhE/JjvJEhXvJIcJu81fu1Dr6Vvsal5SvzMP3xQR2Gx
GpZaF+wxaLCphIBmELlmIFwZ+wQxtqhXAQCJN6zs3CkslcqvrijPcX3foIWN3qxN
V7U/XarBwidLA08MGJ0BvkIu0Y6u6qa4kMGXY2zC+ppkGpvl4p63m3A8HbXzPkhn
wwn2pETizqEN2dyWtHoEgTtgpssv2oVzy/hGtG7+aNYRsPxbIYxtdyuXDwrAmV9B
7wSoyzrfLKlOpKG1KlFEIW5ZNB1Q1DGiDU0Tqvf8ozZYF7yub8KzeMT20wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH9f1S9tP7rDZOr3C83MPPkXM36+MB8GA1UdIwQY
MBaAFFxCiEb4TYGDYfa5wKRjsuV0KhSbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEVLSVJ2aE5nWU5oOXJuQXBHT3k1WFFxRkpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84OWE4NzItZDA0ZC00MjE3LThmYzQt
YzkwZGI4MjM1ZjM5LzEvWEVLSVJ2aE5nWU5oOXJuQXBHT3k1WFFxRkpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84OWE4NzItZDA0ZC00MjE3LThmYzQtYzkwZGI4MjM1ZjM5
LzEvWEVLSVJ2aE5nWU5oOXJuQXBHT3k1WFFxRkpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPz0hio4p
m6oBebj2XGU57//2ta9MiLkjz0bfJTTJXL7+wHaQ5LfMxQoD/9Zn8O8NDtdtfxfM
QnABorw0hFS0XRPXluILJ+XoiZdEMorDW4L+Gv6KzLvYZUBNjPTP8XxB2qILInQM
eRo52ScgN7r6qG1K83kWRCK0+ibNgvqdv0aqVhnE4qPwflAU4ql3keCpG6kMSaQL
hthyIJreASaXFkQLOm1fkFGaCR5Of8dsM5lFaqGvJFZ4O+6hXFc8HEsRzgVJPkyx
X9BUwfazaJ9U3pYQtKqMvACGs31CAQqTA6ATONAexy5LC/6cPDRw0W6jQ8CE0yzC
utFGYJ7+qcz1cg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:28 2025 by rpki-client