Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft
File: XzHZebcQ7eIGiCOIGqYRrROvVFk.mft (raw, json)
Hash identifier: hCqaLYvCla5SZwts5/sPDjrqUphaw8o9FKaE0BtV86o=
Subject key identifier: DC:FA:8B:1E:5E:C6:89:BE:92:4C:CD:83:6A:57:F7:A1:60:5B:AD:4E
Authority key identifier: 5F:31:D9:79:B7:10:ED:E2:06:88:23:88:1A:A6:11:AD:13:AF:54:59
Certificate issuer: /CN=5f31d979b710ede2068823881aa611ad13af5459
Certificate serial: 019A71B877FFEA7F959B0B064D7BB9E62F4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft
Manifest number: 0CD4
Signing time: Tue 11 Nov 2025 07:01:46 +0000
Manifest this update: Tue 11 Nov 2025 07:01:46 +0000
Manifest next update: Wed 12 Nov 2025 07:01:46 +0000
Files and hashes: 1: 7VePb56Lb2mDp_DoHqAJOVOs_T8.roa (hash: V7IpcMoqQADg7SX3r725vYH2jPknDmi+ikdfBjQyP5c=)
2: XzHZebcQ7eIGiCOIGqYRrROvVFk.crl (hash: q6qZ4Su66itqTH1Ryzkn56pCmMo+l8RxzYrn2dEIECw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:77:ff:ea:7f:95:9b:0b:06:4d:7b:b9:e6:2f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f31d979b710ede2068823881aa611ad13af5459
Validity
Not Before: Nov 11 07:01:46 2025 GMT
Not After : Nov 12 07:01:46 2025 GMT
Subject: CN=dcfa8b1e5ec689be924ccd836a57f7a1605bad4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:b0:7a:80:57:65:29:1f:76:35:6d:3f:b1:
04:4e:ee:94:09:0a:ac:0a:a2:c0:65:37:24:e1:bc:
68:f9:63:df:d8:a3:17:fd:f2:60:9d:0e:49:49:03:
67:6f:7f:8f:d0:14:b8:4f:51:cc:69:19:9e:98:b8:
54:31:c1:7f:70:f6:51:a4:71:87:6f:c7:2e:ab:5f:
3b:bb:43:63:f2:5d:6f:b0:f1:02:45:11:5b:4c:95:
30:cc:a7:93:87:96:9f:8c:32:aa:ac:7c:b1:40:f9:
4b:58:45:c4:e8:cf:dd:29:fe:19:e9:f5:37:87:27:
73:c1:eb:f0:6d:a1:8c:91:62:44:bf:55:17:58:1f:
2d:c2:31:67:6a:a8:11:98:fc:9e:fd:61:50:a3:14:
29:b3:f4:58:38:67:61:36:84:39:3d:7b:ca:cc:ee:
d4:5c:51:5d:f6:03:30:40:00:33:87:c0:f9:ee:f3:
f9:7c:0b:39:b7:af:ac:fa:b3:21:e8:18:17:93:2f:
75:0b:59:5b:ea:9e:38:cf:1d:b0:cc:a7:19:58:12:
7e:7c:24:81:c5:00:bd:d8:a2:3e:d2:35:8a:27:c3:
24:6c:33:1b:49:3a:f6:98:90:40:aa:bf:06:29:38:
b6:c3:cf:a2:7a:98:ca:9b:ac:31:f4:14:50:ee:e9:
43:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FA:8B:1E:5E:C6:89:BE:92:4C:CD:83:6A:57:F7:A1:60:5B:AD:4E
X509v3 Authority Key Identifier:
keyid:5F:31:D9:79:B7:10:ED:E2:06:88:23:88:1A:A6:11:AD:13:AF:54:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzHZebcQ7eIGiCOIGqYRrROvVFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7de28d-3749-4d02-be9c-41c66458dd73/1/XzHZebcQ7eIGiCOIGqYRrROvVFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:db:55:88:2d:86:b5:f3:73:e4:9a:6d:68:47:04:e0:67:a1:
58:03:9f:c0:71:a5:21:9c:80:a1:95:45:ad:8a:a5:ae:9c:82:
f6:2a:47:a6:8f:04:bc:92:c7:fa:69:2d:59:c6:1e:24:06:fe:
71:dd:ab:6c:90:de:e6:5b:68:63:cf:7b:09:7f:42:56:0e:b0:
bb:9c:a6:c2:6e:c1:ca:e3:a0:14:bd:37:53:24:0e:cd:ce:a6:
d1:71:df:36:2d:07:09:2c:de:c9:d6:11:76:51:d9:7c:d0:9d:
44:f0:d1:91:be:08:0d:b6:9f:29:77:ac:6b:4d:00:cc:70:3d:
d0:93:7a:2d:6a:12:d0:76:8b:50:0e:3f:de:07:7d:77:cd:15:
c4:3e:f4:23:24:30:38:3b:0f:fe:d4:f5:5c:4c:e6:9e:4a:07:
5e:ff:e7:cb:e4:f8:e7:54:2c:f1:b5:5a:84:43:56:d7:13:a3:
18:40:7a:f8:17:a9:b4:f5:c2:ae:b4:9a:ec:19:94:7e:7c:69:
c0:09:34:cd:aa:99:7e:95:53:6d:0e:59:79:3e:4c:f6:40:b0:
82:2e:c0:8b:f5:9d:a1:ec:b5:29:5e:c1:69:2f:2c:8a:d1:d4:
ac:7d:da:84:94:41:19:4a:1a:e3:c0:33:1d:8e:6d:27:91:1e:
7b:f0:5c:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHf/6n+VmwsGTXu55i9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMzFkOTc5YjcxMGVkZTIwNjg4MjM4ODFhYTYxMWFkMTNh
ZjU0NTkwHhcNMjUxMTExMDcwMTQ2WhcNMjUxMTEyMDcwMTQ2WjAzMTEwLwYDVQQD
EyhkY2ZhOGIxZTVlYzY4OWJlOTI0Y2NkODM2YTU3ZjdhMTYwNWJhZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXeweoBXZSkfdjVtP7EETu6UCQqs
CqLAZTck4bxo+WPf2KMX/fJgnQ5JSQNnb3+P0BS4T1HMaRmemLhUMcF/cPZRpHGH
b8cuq187u0Nj8l1vsPECRRFbTJUwzKeTh5afjDKqrHyxQPlLWEXE6M/dKf4Z6fU3
hydzwevwbaGMkWJEv1UXWB8twjFnaqgRmPye/WFQoxQps/RYOGdhNoQ5PXvKzO7U
XFFd9gMwQAAzh8D57vP5fAs5t6+s+rMh6BgXky91C1lb6p44zx2wzKcZWBJ+fCSB
xQC92KI+0jWKJ8MkbDMbSTr2mJBAqr8GKTi2w8+iepjKm6wx9BRQ7ulD1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNz6ix5exom+kkzNg2pX96FgW61OMB8GA1UdIwQY
MBaAFF8x2Xm3EO3iBogjiBqmEa0Tr1RZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZGUyOGQtMzc0OS00ZDAyLWJlOWMt
NDFjNjY0NThkZDczLzEvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83ZGUyOGQtMzc0OS00ZDAyLWJlOWMtNDFjNjY0NThkZDcz
LzEvWHpIWmViY1E3ZUlHaUNPSUdxWVJyUk92VkZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV9tViC2G
tfNz5JptaEcE4GehWAOfwHGlIZyAoZVFrYqlrpyC9ipHpo8EvJLH+mktWcYeJAb+
cd2rbJDe5ltoY897CX9CVg6wu5ymwm7ByuOgFL03UyQOzc6m0XHfNi0HCSzeydYR
dlHZfNCdRPDRkb4IDbafKXesa00AzHA90JN6LWoS0HaLUA4/3gd9d80VxD70IyQw
ODsP/tT1XEzmnkoHXv/ny+T451Qs8bVahENW1xOjGEB6+BeptPXCrrSa7BmUfnxp
wAk0zaqZfpVTbQ5ZeT5M9kCwgi7Ai/Wdoey1KV7BaS8sitHUrH3ahJRBGUoa48Az
HY5tJ5Eee/BcsQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:36 2025 by rpki-client