Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.mft
File: XZrYiZ1byFSe7dPlny0NYhNczxQ.mft (raw, json)
Hash identifier: ZNi8A3H5omYANdpZZ28CcEu6vOG/548cAR4QYsi9UxQ=
Subject key identifier: 48:60:DE:6E:39:D3:55:3C:B3:E9:FB:64:DE:7C:1C:ED:7C:6B:37:9E
Authority key identifier: 5D:9A:D8:89:9D:5B:C8:54:9E:ED:D3:E5:9F:2D:0D:62:13:5C:CF:14
Certificate issuer: /CN=5d9ad8899d5bc8549eedd3e59f2d0d62135ccf14
Certificate serial: 019A7225BB4AD8EE72B6A6C725A2A552EC52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XZrYiZ1byFSe7dPlny0NYhNczxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.mft
Manifest number: 028F
Signing time: Tue 11 Nov 2025 09:01:06 +0000
Manifest this update: Tue 11 Nov 2025 09:01:06 +0000
Manifest next update: Wed 12 Nov 2025 09:01:06 +0000
Files and hashes: 1: XZrYiZ1byFSe7dPlny0NYhNczxQ.crl (hash: XzDHYJ7BXcqiQts8QPV9n1m6bgECktvrSOczdzbxf+g=)
2: m5GOwP2RAjr9d7tTC7l8N6PV3Js.roa (hash: 1yLaEhuOSXYxSo5HpHGS5B2c9njKUwnBpqElWVTZ0t4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XZrYiZ1byFSe7dPlny0NYhNczxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:bb:4a:d8:ee:72:b6:a6:c7:25:a2:a5:52:ec:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d9ad8899d5bc8549eedd3e59f2d0d62135ccf14
Validity
Not Before: Nov 11 09:01:06 2025 GMT
Not After : Nov 12 09:01:06 2025 GMT
Subject: CN=4860de6e39d3553cb3e9fb64de7c1ced7c6b379e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8e:41:01:1c:a3:19:70:68:c9:ac:2a:6a:45:
13:1b:9b:38:80:99:a1:44:28:5b:84:9b:3a:a1:9f:
74:5e:00:1e:08:c6:d4:48:4d:86:50:6f:3a:62:8b:
0a:83:50:c6:94:a8:ed:b5:4b:36:d9:41:0d:e2:14:
eb:fa:42:27:e8:14:19:72:c1:ec:0a:c9:c4:6e:02:
68:42:e4:6f:f0:fb:27:00:fd:19:db:96:17:41:88:
cb:34:15:21:ac:bb:52:0a:5e:1f:ef:99:f5:0b:f5:
59:d9:a2:f0:50:6a:c0:6f:14:a3:80:7b:74:c5:aa:
93:64:ce:48:58:b7:d4:a4:60:98:7b:3e:f8:3f:84:
c0:e3:63:71:84:78:4a:23:d2:2d:b3:72:7c:45:e0:
1b:86:1e:ef:93:c7:1a:71:bb:8b:5b:3b:54:71:f6:
65:ea:69:60:86:b1:ca:f1:58:16:22:ec:3b:9e:07:
35:d7:5e:b4:65:a0:08:a8:6a:8a:d2:9b:cf:32:d5:
40:14:9e:3c:b3:44:d1:3e:b8:5f:db:da:26:95:46:
77:a2:23:5e:7b:09:c0:1b:f0:b9:11:5a:ac:10:7d:
cc:84:5c:56:f9:18:88:fb:6d:e1:6a:02:b4:81:ab:
f1:e7:8a:ca:a7:11:6a:16:5a:fa:6a:3a:b2:83:a0:
cb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:60:DE:6E:39:D3:55:3C:B3:E9:FB:64:DE:7C:1C:ED:7C:6B:37:9E
X509v3 Authority Key Identifier:
keyid:5D:9A:D8:89:9D:5B:C8:54:9E:ED:D3:E5:9F:2D:0D:62:13:5C:CF:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZrYiZ1byFSe7dPlny0NYhNczxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:00:dd:62:50:c9:f1:fb:3a:b0:79:e7:90:da:5a:59:b7:77:
2f:e3:9a:c6:c0:2f:cb:3c:f5:cc:58:8e:6a:f7:16:fb:2e:f9:
62:ca:f9:ac:46:4c:31:3e:ac:b2:4b:29:f6:4e:9d:22:c3:37:
68:02:27:3a:9a:22:cb:15:26:43:db:6d:13:90:78:ac:80:99:
e5:28:95:cf:57:c1:64:d2:c5:1a:2c:8c:8e:7c:9e:3f:9d:52:
4c:11:43:9c:cc:a2:09:d2:78:83:45:22:06:02:fe:e7:e3:03:
e9:b0:14:12:fd:90:d2:ea:39:de:f2:c2:79:b8:56:ef:bb:66:
69:f9:47:f5:5c:f9:01:94:bd:0b:8d:6a:98:9b:4c:f8:a2:fb:
b0:d1:d7:e0:7f:6d:23:16:f8:78:26:73:24:bd:6e:27:7b:3d:
2c:13:6b:f0:34:a0:2f:c4:31:4b:03:60:d1:0d:c5:6a:5c:11:
53:48:d4:3c:28:cd:05:bc:3e:16:5f:1d:b8:2b:0d:87:56:ab:
4e:be:83:ac:40:6b:c6:c9:6e:41:f0:c1:5a:f9:c6:dd:63:39:
a2:dd:a9:1e:84:cd:2d:10:13:04:38:ba:d6:9a:75:b2:32:ba:
f1:2c:6f:78:6c:a9:78:c9:87:e9:5f:29:87:0c:ef:84:2c:0e:
3e:a8:af:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJbtK2O5ytqbHJaKlUuxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOWFkODg5OWQ1YmM4NTQ5ZWVkZDNlNTlmMmQwZDYyMTM1
Y2NmMTQwHhcNMjUxMTExMDkwMTA2WhcNMjUxMTEyMDkwMTA2WjAzMTEwLwYDVQQD
Eyg0ODYwZGU2ZTM5ZDM1NTNjYjNlOWZiNjRkZTdjMWNlZDdjNmIzNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo5BARyjGXBoyawqakUTG5s4gJmh
RChbhJs6oZ90XgAeCMbUSE2GUG86YosKg1DGlKjttUs22UEN4hTr+kIn6BQZcsHs
CsnEbgJoQuRv8PsnAP0Z25YXQYjLNBUhrLtSCl4f75n1C/VZ2aLwUGrAbxSjgHt0
xaqTZM5IWLfUpGCYez74P4TA42NxhHhKI9Its3J8ReAbhh7vk8cacbuLWztUcfZl
6mlghrHK8VgWIuw7ngc11160ZaAIqGqK0pvPMtVAFJ48s0TRPrhf29omlUZ3oiNe
ewnAG/C5EVqsEH3MhFxW+RiI+23hagK0gavx54rKpxFqFlr6ajqyg6DL0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhg3m4501U8s+n7ZN58HO18azeeMB8GA1UdIwQY
MBaAFF2a2ImdW8hUnu3T5Z8tDWITXM8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFpyWWlaMWJ5RlNlN2RQbG55ME5ZaE5jenhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iY2Q3OTItODk1Ni00NWZlLTg1MzQt
MDkzMWZkM2U1YmVlLzEvWFpyWWlaMWJ5RlNlN2RQbG55ME5ZaE5jenhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iY2Q3OTItODk1Ni00NWZlLTg1MzQtMDkzMWZkM2U1YmVl
LzEvWFpyWWlaMWJ5RlNlN2RQbG55ME5ZaE5jenhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQDdYlDJ
8fs6sHnnkNpaWbd3L+OaxsAvyzz1zFiOavcW+y75Ysr5rEZMMT6ssksp9k6dIsM3
aAInOpoiyxUmQ9ttE5B4rICZ5SiVz1fBZNLFGiyMjnyeP51STBFDnMyiCdJ4g0Ui
BgL+5+MD6bAUEv2Q0uo53vLCebhW77tmaflH9Vz5AZS9C41qmJtM+KL7sNHX4H9t
Ixb4eCZzJL1uJ3s9LBNr8DSgL8QxSwNg0Q3FalwRU0jUPCjNBbw+Fl8duCsNh1ar
Tr6DrEBrxsluQfDBWvnG3WM5ot2pHoTNLRATBDi61pp1sjK68SxveGypeMmH6V8p
hwzvhCwOPqivlg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:56:09 2025 by rpki-client