Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
File: xZKgYJDwFpQNMesbCbrhLZSxlbA.mft (raw, json)
Hash identifier: YmLPPm8xBkp+U+4ZADcoTh1gik8lBaOv/Q/jjkPvR98=
Subject key identifier: 49:96:62:73:E3:DB:1C:35:93:DF:94:AD:6D:43:13:E9:D1:00:4E:25
Authority key identifier: C5:92:A0:60:90:F0:16:94:0D:31:EB:1B:09:BA:E1:2D:94:B1:95:B0
Certificate issuer: /CN=c592a06090f016940d31eb1b09bae12d94b195b0
Certificate serial: 019A7180A162FF0BF736F274081763BD3F0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZKgYJDwFpQNMesbCbrhLZSxlbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
Manifest number: 05FF
Signing time: Tue 11 Nov 2025 06:00:46 +0000
Manifest this update: Tue 11 Nov 2025 06:00:46 +0000
Manifest next update: Wed 12 Nov 2025 06:00:46 +0000
Files and hashes: 1: G68GMPXMUX3Qhn5n2oFwnwjBDXg.roa (hash: 6TErr3RLE+4ObuY83LCNvVHOw/1OAYj91Y93qk/e+tA=)
2: xZKgYJDwFpQNMesbCbrhLZSxlbA.crl (hash: Mlad6bTjI3cMnvrTw7LpKeyp+bM17Vo4v6vPlO8yQT0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZKgYJDwFpQNMesbCbrhLZSxlbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 06:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:80:a1:62:ff:0b:f7:36:f2:74:08:17:63:bd:3f:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592a06090f016940d31eb1b09bae12d94b195b0
Validity
Not Before: Nov 11 06:00:46 2025 GMT
Not After : Nov 12 06:00:46 2025 GMT
Subject: CN=49966273e3db1c3593df94ad6d4313e9d1004e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:47:a5:ab:2a:4e:cb:65:b4:e1:01:56:80:75:
f8:9a:35:ff:19:18:7f:f4:ca:6b:0f:fa:e3:a8:a5:
99:aa:cf:04:0c:61:20:6a:5e:69:d1:e9:6d:7e:4b:
80:9d:27:44:03:c5:d4:7e:23:c2:2c:b1:0b:9f:c8:
19:c0:35:8b:57:79:3c:0e:b6:f2:43:4b:67:f2:03:
99:14:4a:a2:e3:b7:c5:07:13:4a:90:12:d3:57:7c:
54:33:4f:c7:1f:a7:22:13:e9:e0:5b:ea:91:92:fb:
4d:ec:90:c0:56:c6:7d:50:7e:59:5b:b4:87:55:16:
8d:63:6e:b0:6f:ef:19:0e:00:07:36:37:98:05:0f:
83:d6:53:33:c3:40:8b:2a:99:2f:53:eb:77:68:d1:
44:22:88:c1:7a:58:c9:d0:14:2b:06:df:79:34:18:
0d:87:4c:cc:78:58:fb:fc:54:87:76:27:11:38:7f:
53:13:a5:99:c8:62:dd:a7:d3:b6:d6:63:b8:41:e0:
79:39:6b:13:3e:0f:c9:36:08:52:4d:08:4c:5d:54:
0b:9f:32:de:d2:33:8d:7b:5e:dd:23:55:65:e8:8b:
3a:38:cb:77:b9:6e:09:ad:1b:1a:de:d9:9d:d3:a6:
c2:ec:cf:b2:2c:5b:23:ef:1e:36:34:65:9c:37:b6:
53:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:96:62:73:E3:DB:1C:35:93:DF:94:AD:6D:43:13:E9:D1:00:4E:25
X509v3 Authority Key Identifier:
keyid:C5:92:A0:60:90:F0:16:94:0D:31:EB:1B:09:BA:E1:2D:94:B1:95:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZKgYJDwFpQNMesbCbrhLZSxlbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:da:37:cb:cb:40:bb:45:18:e9:e4:d3:aa:02:40:6b:4b:ca:
33:3f:16:c0:a5:38:53:ca:08:04:b8:6a:60:d8:17:d9:39:ea:
59:c3:72:23:7b:66:3b:f2:c5:43:b5:72:80:fe:c6:05:d3:a9:
12:98:45:f2:ba:76:c0:a2:f2:1a:83:15:4a:d0:13:a3:21:fc:
40:f5:8f:36:ce:ca:be:31:a4:77:de:99:d5:48:84:73:1e:c1:
4e:61:b1:4c:ae:ae:46:b7:78:df:02:74:f3:f3:cc:9a:ae:be:
e4:d4:5e:88:cf:f1:a2:5f:34:2f:44:60:b4:ab:9a:ac:73:c8:
63:4a:e3:68:de:3c:e7:0b:bb:39:21:47:90:3d:21:fe:99:c7:
a1:f1:70:15:a0:11:60:08:46:33:bc:96:f2:e4:ef:f2:fb:f0:
48:5e:13:70:90:0a:c6:9c:70:1d:d8:ff:01:c7:98:e3:99:ee:
93:82:23:9d:e3:f9:d2:e8:45:00:66:79:de:6c:57:f3:e2:1a:
f3:cd:ab:04:68:61:20:0a:fd:2c:f1:29:be:0b:03:9b:b0:3b:
5d:ff:13:27:5b:6b:0f:2a:80:e5:e7:5a:61:ae:75:ad:01:78:
99:5a:3e:32:34:8c:2b:c6:9c:f5:36:39:41:ab:0a:a6:32:d9:
51:b5:42:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgKFi/wv3NvJ0CBdjvT8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTJhMDYwOTBmMDE2OTQwZDMxZWIxYjA5YmFlMTJkOTRi
MTk1YjAwHhcNMjUxMTExMDYwMDQ2WhcNMjUxMTEyMDYwMDQ2WjAzMTEwLwYDVQQD
Eyg0OTk2NjI3M2UzZGIxYzM1OTNkZjk0YWQ2ZDQzMTNlOWQxMDA0ZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUelqypOy2W04QFWgHX4mjX/GRh/
9MprD/rjqKWZqs8EDGEgal5p0eltfkuAnSdEA8XUfiPCLLELn8gZwDWLV3k8Drby
Q0tn8gOZFEqi47fFBxNKkBLTV3xUM0/HH6ciE+ngW+qRkvtN7JDAVsZ9UH5ZW7SH
VRaNY26wb+8ZDgAHNjeYBQ+D1lMzw0CLKpkvU+t3aNFEIojBeljJ0BQrBt95NBgN
h0zMeFj7/FSHdicROH9TE6WZyGLdp9O21mO4QeB5OWsTPg/JNghSTQhMXVQLnzLe
0jONe17dI1Vl6Is6OMt3uW4JrRsa3tmd06bC7M+yLFsj7x42NGWcN7ZT7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEmWYnPj2xw1k9+UrW1DE+nRAE4lMB8GA1UdIwQY
MBaAFMWSoGCQ8BaUDTHrGwm64S2UsZWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpLZ1lKRHdGcFFOTWVzYkNicmhMWlN4bGJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83MDM5MDItNzA2MS00ZWNiLTlkZjEt
YzQ1NjIwMzI2NDkxLzEveFpLZ1lKRHdGcFFOTWVzYkNicmhMWlN4bGJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83MDM5MDItNzA2MS00ZWNiLTlkZjEtYzQ1NjIwMzI2NDkx
LzEveFpLZ1lKRHdGcFFOTWVzYkNicmhMWlN4bGJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi9o3y8tA
u0UY6eTTqgJAa0vKMz8WwKU4U8oIBLhqYNgX2TnqWcNyI3tmO/LFQ7VygP7GBdOp
EphF8rp2wKLyGoMVStAToyH8QPWPNs7KvjGkd96Z1UiEcx7BTmGxTK6uRrd43wJ0
8/PMmq6+5NReiM/xol80L0RgtKuarHPIY0rjaN485wu7OSFHkD0h/pnHofFwFaAR
YAhGM7yW8uTv8vvwSF4TcJAKxpxwHdj/AceY45nuk4IjneP50uhFAGZ53mxX8+Ia
882rBGhhIAr9LPEpvgsDm7A7Xf8TJ1trDyqA5edaYa51rQF4mVo+MjSMK8ac9TY5
QasKpjLZUbVCLQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:11:17 2025 by rpki-client