Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.mft
File: X2c9L2Ia4xQHABdIu95jisvYYFA.mft (raw, json)
Hash identifier: 0i69QyeISU1q09LmY8bTbBA1h1HdoG9rzyC4vv3gmG0=
Subject key identifier: A4:8D:42:C9:DA:56:16:DB:7C:69:3A:9B:F0:68:7C:55:B7:17:EA:4A
Authority key identifier: 5F:67:3D:2F:62:1A:E3:14:07:00:17:48:BB:DE:63:8A:CB:D8:60:50
Certificate issuer: /CN=5f673d2f621ae31407001748bbde638acbd86050
Certificate serial: 019A71B7F141B609DADD650599F4C9761BEE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X2c9L2Ia4xQHABdIu95jisvYYFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.mft
Manifest number: 0794
Signing time: Tue 11 Nov 2025 07:01:11 +0000
Manifest this update: Tue 11 Nov 2025 07:01:11 +0000
Manifest next update: Wed 12 Nov 2025 07:01:11 +0000
Files and hashes: 1: HqDRIksWN36QXauqYoD2knIGjbc.roa (hash: 05DMa/ontaHtCWdbIzNxIFAgYET2ZoK4nwid3joHlm8=)
2: X2c9L2Ia4xQHABdIu95jisvYYFA.crl (hash: Z8mvYvMr5uM6uR1S6IoQQdvEUTdOhqsw1PtS/SyXcbE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/X2c9L2Ia4xQHABdIu95jisvYYFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:f1:41:b6:09:da:dd:65:05:99:f4:c9:76:1b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f673d2f621ae31407001748bbde638acbd86050
Validity
Not Before: Nov 11 07:01:11 2025 GMT
Not After : Nov 12 07:01:11 2025 GMT
Subject: CN=a48d42c9da5616db7c693a9bf0687c55b717ea4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bc:ef:0f:12:00:6b:55:17:09:18:05:85:68:
7c:2c:9b:87:b4:7d:a6:ba:29:8a:a2:23:af:39:f6:
8a:b3:a0:98:3d:0e:a8:e0:54:e3:0b:fb:f7:b8:a3:
18:07:2d:19:07:ea:76:df:e4:87:05:c7:1d:e2:9c:
3f:d3:5b:5e:34:16:22:74:9a:79:5c:05:1c:c9:d6:
2e:f1:f6:b7:fd:10:68:e1:2f:6e:e1:42:de:e4:0a:
4d:1a:30:bd:85:72:2b:1c:84:f8:13:fd:f5:fd:2d:
28:8c:b9:4b:0d:06:a9:a3:f0:58:aa:c6:a1:ce:64:
65:29:1c:d1:9f:3d:e2:bc:35:73:50:e0:d1:22:be:
c7:c0:de:bc:70:b0:de:b7:71:4a:0a:b3:0a:8f:d6:
e8:52:23:af:a1:b8:b0:13:f1:f5:36:4b:0b:7e:34:
06:03:e1:35:ae:71:13:c6:92:4f:61:11:fc:4d:f4:
a2:dd:12:99:4b:03:cc:84:b9:41:44:d2:99:09:c2:
e4:b4:a6:88:b5:0f:b6:18:4b:7d:aa:db:07:f1:e9:
3b:18:a1:9f:e6:18:83:81:23:7b:ea:44:f1:98:e2:
69:14:c2:f1:ae:05:28:78:7c:7d:2b:b4:bf:c7:7f:
62:a3:93:08:70:7b:7c:e5:da:24:e9:ef:6e:2e:40:
bc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8D:42:C9:DA:56:16:DB:7C:69:3A:9B:F0:68:7C:55:B7:17:EA:4A
X509v3 Authority Key Identifier:
keyid:5F:67:3D:2F:62:1A:E3:14:07:00:17:48:BB:DE:63:8A:CB:D8:60:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X2c9L2Ia4xQHABdIu95jisvYYFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:a1:d7:66:c2:e4:2b:45:ad:73:49:ce:44:4f:54:9b:27:41:
29:6b:87:33:ed:0b:5e:4f:78:ca:4b:4b:12:be:32:e7:63:a0:
ea:a7:fe:ce:93:ee:52:2d:cc:0b:c2:e8:f0:93:46:ef:c3:d5:
38:74:0a:9b:89:86:ce:6c:75:c8:18:98:bf:bf:d2:8a:05:22:
52:23:a7:0e:96:45:87:4b:bc:47:57:9a:2d:ab:0e:6d:52:d5:
78:99:7f:52:77:ac:c6:c7:d2:23:cb:03:de:f7:2f:03:fa:40:
5f:3b:21:57:49:4a:43:82:53:70:1b:f3:3f:68:5a:06:31:eb:
8a:0c:da:53:c8:a0:8b:64:64:1a:6c:7d:e3:4a:6e:84:51:a1:
3b:cc:41:b8:e7:ae:a2:4b:b7:dc:10:e8:95:13:3f:24:c8:ee:
ff:f2:a2:25:dc:f8:f7:8d:e4:6a:ee:73:f3:fb:48:de:c5:e2:
7e:6d:63:43:56:9d:3f:0e:a4:3a:80:7f:5d:23:2c:e3:c7:6e:
fb:27:d3:ee:5e:b1:b8:c9:66:a6:8b:cb:03:e4:10:e4:d8:e4:
46:53:c7:4c:39:06:21:c2:3d:4b:05:65:14:35:ff:78:a5:16:
4b:fe:b2:2b:84:e1:eb:c9:4f:19:9d:19:a6:5a:cf:42:06:9c:
91:da:bb:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/FBtgna3WUFmfTJdhvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNjczZDJmNjIxYWUzMTQwNzAwMTc0OGJiZGU2MzhhY2Jk
ODYwNTAwHhcNMjUxMTExMDcwMTExWhcNMjUxMTEyMDcwMTExWjAzMTEwLwYDVQQD
EyhhNDhkNDJjOWRhNTYxNmRiN2M2OTNhOWJmMDY4N2M1NWI3MTdlYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbzvDxIAa1UXCRgFhWh8LJuHtH2m
uimKoiOvOfaKs6CYPQ6o4FTjC/v3uKMYBy0ZB+p23+SHBccd4pw/01teNBYidJp5
XAUcydYu8fa3/RBo4S9u4ULe5ApNGjC9hXIrHIT4E/31/S0ojLlLDQapo/BYqsah
zmRlKRzRnz3ivDVzUODRIr7HwN68cLDet3FKCrMKj9boUiOvobiwE/H1NksLfjQG
A+E1rnETxpJPYRH8TfSi3RKZSwPMhLlBRNKZCcLktKaItQ+2GEt9qtsH8ek7GKGf
5hiDgSN76kTxmOJpFMLxrgUoeHx9K7S/x39io5MIcHt85dok6e9uLkC8fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSNQsnaVhbbfGk6m/BofFW3F+pKMB8GA1UdIwQY
MBaAFF9nPS9iGuMUBwAXSLveY4rL2GBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDJjOUwySWE0eFFIQUJkSXU5NWppc3ZZWUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82NTI3ODAtM2VhMS00MTVlLTgzOWUt
ODQ0NzI5MTM3ZWU1LzEvWDJjOUwySWE0eFFIQUJkSXU5NWppc3ZZWUZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82NTI3ODAtM2VhMS00MTVlLTgzOWUtODQ0NzI5MTM3ZWU1
LzEvWDJjOUwySWE0eFFIQUJkSXU5NWppc3ZZWUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH6HXZsLk
K0Wtc0nORE9UmydBKWuHM+0LXk94yktLEr4y52Og6qf+zpPuUi3MC8Lo8JNG78PV
OHQKm4mGzmx1yBiYv7/SigUiUiOnDpZFh0u8R1eaLasObVLVeJl/UnesxsfSI8sD
3vcvA/pAXzshV0lKQ4JTcBvzP2haBjHrigzaU8igi2RkGmx940puhFGhO8xBuOeu
oku33BDolRM/JMju//KiJdz4943kau5z8/tI3sXifm1jQ1adPw6kOoB/XSMs48du
+yfT7l6xuMlmpovLA+QQ5NjkRlPHTDkGIcI9SwVlFDX/eKUWS/6yK4Th68lPGZ0Z
plrPQgackdq7sg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:20:39 2025 by rpki-client