Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
File: XcYkXKggiZ1-tBQDAsIQQbXbygY.mft (raw, json)
Hash identifier: KbSU/De8DJPCgoMSucvi+Dx12rKEl/aXDk8wtHxKISI=
Subject key identifier: 44:B9:F3:DF:37:33:22:53:39:E7:A8:11:C6:5A:05:73:D2:F4:24:0B
Authority key identifier: 5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
Certificate issuer: /CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Certificate serial: 019A72CA4FDB79116A4F284B21940CD71903
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
Manifest number: 070A
Signing time: Tue 11 Nov 2025 12:00:52 +0000
Manifest this update: Tue 11 Nov 2025 12:00:52 +0000
Manifest next update: Wed 12 Nov 2025 12:00:52 +0000
Files and hashes: 1: XcYkXKggiZ1-tBQDAsIQQbXbygY.crl (hash: RgkEvpRFT8M/E71GZ5x1V4vrrm5OUfGzirx5WKyBWr0=)
2: p3q-BDwRqsq597BmScWC04Uizbg.roa (hash: vEfpkI+83ThIFnHcYAP8l+1vWWpuU+kEjWNLTSj4mUg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:4f:db:79:11:6a:4f:28:4b:21:94:0c:d7:19:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Validity
Not Before: Nov 11 12:00:52 2025 GMT
Not After : Nov 12 12:00:52 2025 GMT
Subject: CN=44b9f3df3733225339e7a811c65a0573d2f4240b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:10:f8:db:47:2c:93:e9:f2:fb:bc:bc:2c:b5:
54:b4:02:e6:d0:a2:e0:ca:6a:ff:cb:ae:a6:96:84:
e8:e0:11:a5:9e:ee:23:59:52:e6:2f:4c:55:8e:1a:
53:1b:11:cd:a8:88:d1:be:e6:cc:e1:eb:16:6a:82:
74:22:48:8c:73:17:f4:47:43:18:a0:46:e6:85:c1:
d0:20:bd:15:33:6f:0a:14:d1:cb:6b:7d:c8:01:4d:
92:01:c4:d4:16:45:45:d3:e1:a5:0a:48:07:bf:e8:
30:5b:cc:77:26:5a:e5:58:b4:26:c3:a5:b3:97:ed:
58:00:22:ec:49:9e:73:94:2f:b2:99:1e:dd:1e:22:
31:46:9a:8e:b6:5e:b4:41:3b:b6:cc:55:8f:0f:cc:
27:04:0a:d7:c8:be:da:37:19:ad:1d:c5:8d:eb:1e:
db:fd:3b:11:39:ea:54:ab:a9:a7:41:de:39:f8:b3:
f3:b4:ec:9d:83:52:18:72:ed:cb:2f:9c:fa:10:71:
19:e0:42:90:7e:95:46:3b:a0:62:b9:86:a4:63:70:
37:ce:74:a2:8e:2c:6a:94:01:0f:cb:5d:96:6d:13:
19:4b:d0:76:77:21:07:df:a5:f9:ec:1f:d0:2a:ea:
10:ee:2c:5a:5d:a6:3b:3e:6e:ce:cc:ba:c7:cf:fc:
3f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B9:F3:DF:37:33:22:53:39:E7:A8:11:C6:5A:05:73:D2:F4:24:0B
X509v3 Authority Key Identifier:
keyid:5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:f3:df:47:11:fb:37:f3:7d:ff:18:c1:5a:4e:b2:ff:e8:10:
77:79:1d:cd:6c:7c:82:a3:de:84:fb:53:5e:42:3b:64:e1:d7:
73:52:f0:b8:de:d3:59:5f:c6:08:3a:f5:d9:12:3c:83:7a:37:
f8:f2:c4:ba:0e:2c:3b:7c:cb:77:1a:d9:3c:c0:9c:bf:8c:b7:
4c:e9:8c:fb:20:17:99:cd:39:ec:bb:8a:85:ed:2b:6a:62:91:
b5:a0:d8:a5:a5:30:58:45:bd:72:94:64:6a:2a:20:19:97:8f:
ba:50:1d:c8:b5:e5:1d:92:9e:27:f2:01:72:4a:88:09:67:5d:
58:e5:b3:72:ec:67:a4:ad:b6:9c:56:1b:ab:c8:d6:33:26:dc:
d0:2b:af:48:eb:2f:2b:3d:c5:0a:82:c1:ef:92:ed:ff:cb:fe:
67:3a:60:7c:08:75:a2:93:81:b5:98:06:df:8f:a2:87:ec:00:
a3:d6:60:5c:01:a6:92:f8:f5:49:17:76:7a:ba:7e:e9:38:85:
f1:56:76:9f:aa:7a:9e:cc:d6:f1:22:d3:21:a8:c8:aa:c9:6f:
60:66:c4:14:e9:07:d7:56:c9:02:49:6b:b5:fa:7d:7c:93:a9:
60:08:7c:9f:32:b5:6b:75:dd:4b:f3:ae:d3:f3:2c:0e:ba:60:
88:7b:d5:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyk/beRFqTyhLIZQM1xkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzYyNDVjYTgyMDg5OWQ3ZWI0MTQwMzAyYzIxMDQxYjVk
YmNhMDYwHhcNMjUxMTExMTIwMDUyWhcNMjUxMTEyMTIwMDUyWjAzMTEwLwYDVQQD
Eyg0NGI5ZjNkZjM3MzMyMjUzMzllN2E4MTFjNjVhMDU3M2QyZjQyNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhD420csk+ny+7y8LLVUtALm0KLg
ymr/y66mloTo4BGlnu4jWVLmL0xVjhpTGxHNqIjRvubM4esWaoJ0IkiMcxf0R0MY
oEbmhcHQIL0VM28KFNHLa33IAU2SAcTUFkVF0+GlCkgHv+gwW8x3JlrlWLQmw6Wz
l+1YACLsSZ5zlC+ymR7dHiIxRpqOtl60QTu2zFWPD8wnBArXyL7aNxmtHcWN6x7b
/TsROepUq6mnQd45+LPztOydg1IYcu3LL5z6EHEZ4EKQfpVGO6BiuYakY3A3znSi
jixqlAEPy12WbRMZS9B2dyEH36X57B/QKuoQ7ixaXaY7Pm7OzLrHz/w/fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFES58983MyJTOeeoEcZaBXPS9CQLMB8GA1UdIwQY
MBaAFF3GJFyoIImdfrQUAwLCEEG128oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDkt
MDc0ZWQ3MGI0NjczLzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDktMDc0ZWQ3MGI0Njcz
LzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcPPfRxH7
N/N9/xjBWk6y/+gQd3kdzWx8gqPehPtTXkI7ZOHXc1LwuN7TWV/GCDr12RI8g3o3
+PLEug4sO3zLdxrZPMCcv4y3TOmM+yAXmc057LuKhe0ramKRtaDYpaUwWEW9cpRk
aiogGZePulAdyLXlHZKeJ/IBckqICWddWOWzcuxnpK22nFYbq8jWMybc0CuvSOsv
Kz3FCoLB75Lt/8v+ZzpgfAh1opOBtZgG34+ih+wAo9ZgXAGmkvj1SRd2erp+6TiF
8VZ2n6p6nszW8SLTIajIqslvYGbEFOkH11bJAklrtfp9fJOpYAh8nzK1a3XdS/Ou
0/MsDrpgiHvV/w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:49:31 2025 by rpki-client