Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json)
Hash identifier: 6ptgItModXTrF9zU/RTsZBNYirBpQ0gUFsrsuRKldFE=
Subject key identifier: FA:56:2E:C0:22:50:2D:95:E2:39:05:93:B2:1C:EB:B9:F3:CA:36:F5
Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Certificate serial: 019A725C70E2D276511AD12849449AC3F555
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
Manifest number: 1732
Signing time: Tue 11 Nov 2025 10:00:52 +0000
Manifest this update: Tue 11 Nov 2025 10:00:52 +0000
Manifest next update: Wed 12 Nov 2025 10:00:52 +0000
Files and hashes: 1: 0LO0qT2-0L6mWDwJ3dVrGvaEEOA.roa (hash: m3gjbEV2ZPpf1SrIWWEpb/lM9m2SeM9EF+s0bK96n04=)
2: 3TSrnVPCjyw6LodRykSs6RR28tA.roa (hash: zGSnutgCi7aRhsrnKssjXI5Z238+gDkkfWPc6h8G0+I=)
3: CXLJsfdv2mQYEw_nRCBRyHgGrls.roa (hash: gIlLTUkZL/5+bXwsRESHghLIgWvhwbD5U5vB0n4lI0k=)
4: GZyq4JhiMN6IbDxHDi387ilVO3Q.roa (hash: RAmDxoFTdOQGRBWibMySEyO1+N/egEhlrBt73Hj0G1U=)
5: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: 1xb9fXNapFP0tsjBfV9/y2nl2RJJ0uZncM9kJ51vSjo=)
6: XsnL58BowN54P94Hq8ZFELardLk.roa (hash: HNbFuOKPa1T82T8LpW7Qm3FZ0tR+dmMImgYgvtx3m4g=)
7: Zz42OKsTm8e7N4-UL7iAE7WQUo8.roa (hash: 5tp1DE1mgaUL43CN7zGdBuvgS2VFLrFuAK++O/dGYog=)
8: aCmXnOhdIWHZjR6YD1Rod6YvGNc.roa (hash: iW+Z/yl7UOD6yvlgUZgO+TZmSZwkPpW3YOaIuSe/RJg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:70:e2:d2:76:51:1a:d1:28:49:44:9a:c3:f5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Validity
Not Before: Nov 11 10:00:52 2025 GMT
Not After : Nov 12 10:00:52 2025 GMT
Subject: CN=fa562ec022502d95e2390593b21cebb9f3ca36f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:fa:e7:68:c0:1e:fb:ad:69:0e:5f:c6:ba:e9:
06:68:f4:70:e1:2c:81:ef:0c:1d:00:32:5e:47:a7:
4b:01:cd:c1:60:23:2b:d5:41:1f:5d:04:cb:6f:b2:
32:3e:9d:0c:41:1d:cb:93:fa:d0:f0:0c:b9:d4:f4:
ec:e3:61:7e:73:b6:e7:45:af:33:d2:43:a6:5e:14:
1f:96:d8:1a:b8:4f:c4:b8:5f:68:a6:15:a8:4c:79:
9e:15:fd:a5:2f:8c:d2:50:77:92:b4:80:c9:1d:c3:
e3:a2:11:c0:ed:50:d8:ba:a1:b6:61:f8:f7:f1:8c:
69:3c:3c:ef:e3:b2:c9:0b:64:42:18:5b:f6:d5:aa:
65:2c:f0:0d:f8:c3:b1:69:95:09:75:85:cf:8f:85:
74:84:0c:58:b9:45:0d:ea:0c:b5:80:81:ed:2e:11:
e5:47:a1:45:a2:4f:3d:3d:a5:86:56:06:a4:ce:f1:
3b:ac:0e:9a:11:9c:de:ac:4c:c2:4b:a0:f0:42:80:
a0:7b:04:bc:3e:f8:29:03:ac:20:c0:d7:cd:2e:19:
56:22:3f:18:39:08:5f:c4:9c:5a:a6:8f:b5:9b:9d:
d9:a0:3a:dd:75:43:83:48:b8:93:99:68:9e:c9:f8:
c3:b1:ad:9b:84:50:f6:0b:ed:44:05:79:da:e0:4a:
65:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:56:2E:C0:22:50:2D:95:E2:39:05:93:B2:1C:EB:B9:F3:CA:36:F5
X509v3 Authority Key Identifier:
keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:6e:c8:22:7a:21:9d:ac:35:e9:47:90:27:d4:8f:24:a1:c4:
89:2f:0b:35:3c:8d:6f:18:d5:b2:16:7d:7f:5a:79:43:8e:7c:
93:87:31:4b:88:0f:ea:07:40:77:b6:ba:82:64:f0:bf:e7:c3:
ab:ac:9f:d9:3a:28:29:b1:17:c8:10:e8:05:8d:84:7c:8d:b9:
df:26:4c:cc:6b:f0:fe:27:39:c5:9c:7e:d6:8e:7a:c3:b3:3d:
55:57:ce:4f:90:4c:d5:79:bb:4e:5c:ae:c5:ee:a9:2f:a2:62:
0d:3a:4b:63:f1:52:f7:a2:17:12:12:04:d6:ab:a6:a7:83:73:
25:c5:a9:23:1c:50:30:12:fa:a6:35:22:81:57:a9:23:81:83:
c7:a6:8b:82:a6:3d:97:d2:ec:92:60:e7:3d:08:1b:c6:04:cc:
99:e6:d5:90:1a:18:87:db:b5:01:a0:a6:29:8f:bc:e4:02:a3:
48:b4:78:7f:e8:ae:d7:98:cf:03:d2:49:a3:fb:78:18:0e:d2:
ba:ea:8c:8e:30:a3:a3:44:11:8b:ca:e0:37:7f:04:74:80:9b:
31:fb:ba:59:3b:43:ef:fb:fe:10:29:7c:80:0b:5d:78:7e:d4:
1c:2b:51:42:58:6e:5e:73:32:a0:0d:49:2a:0d:d2:0e:fa:a3:
01:d2:b2:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXHDi0nZRGtEoSUSaw/VVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy
MjcxYmEwHhcNMjUxMTExMTAwMDUyWhcNMjUxMTEyMTAwMDUyWjAzMTEwLwYDVQQD
EyhmYTU2MmVjMDIyNTAyZDk1ZTIzOTA1OTNiMjFjZWJiOWYzY2EzNmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PrnaMAe+61pDl/GuukGaPRw4SyB
7wwdADJeR6dLAc3BYCMr1UEfXQTLb7IyPp0MQR3Lk/rQ8Ay51PTs42F+c7bnRa8z
0kOmXhQfltgauE/EuF9ophWoTHmeFf2lL4zSUHeStIDJHcPjohHA7VDYuqG2Yfj3
8YxpPDzv47LJC2RCGFv21aplLPAN+MOxaZUJdYXPj4V0hAxYuUUN6gy1gIHtLhHl
R6FFok89PaWGVgakzvE7rA6aEZzerEzCS6DwQoCgewS8PvgpA6wgwNfNLhlWIj8Y
OQhfxJxapo+1m53ZoDrddUODSLiTmWieyfjDsa2bhFD2C+1EBXna4EplEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPpWLsAiUC2V4jkFk7Ic67nzyjb1MB8GA1UdIwQY
MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt
NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4
LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkG7IInoh
naw16UeQJ9SPJKHEiS8LNTyNbxjVshZ9f1p5Q458k4cxS4gP6gdAd7a6gmTwv+fD
q6yf2TooKbEXyBDoBY2EfI253yZMzGvw/ic5xZx+1o56w7M9VVfOT5BM1Xm7Tlyu
xe6pL6JiDTpLY/FS96IXEhIE1qump4NzJcWpIxxQMBL6pjUigVepI4GDx6aLgqY9
l9LskmDnPQgbxgTMmebVkBoYh9u1AaCmKY+85AKjSLR4f+iu15jPA9JJo/t4GA7S
uuqMjjCjo0QRi8rgN38EdICbMfu6WTtD7/v+ECl8gAtdeH7UHCtRQlhuXnMyoA1J
Kg3SDvqjAdKyKQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:22:45 2025 by rpki-client