Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft
File: xJkOwgER9C-2LzmoHHOSqSGVW_I.mft (raw, json)
Hash identifier: QZDbZIB+1/DQypVU1uGvAne0j7HuWt0i8/n1nZOCt4k=
Subject key identifier: DC:1C:CA:47:D9:76:E9:BA:F5:F3:04:E3:58:71:D2:78:6D:CA:B4:77
Authority key identifier: C4:99:0E:C2:01:11:F4:2F:B6:2F:39:A8:1C:73:92:A9:21:95:5B:F2
Certificate issuer: /CN=c4990ec20111f42fb62f39a81c7392a921955bf2
Certificate serial: 019A7226576084872E644F86236F8715EB54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJkOwgER9C-2LzmoHHOSqSGVW_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft
Manifest number: 0380
Signing time: Tue 11 Nov 2025 09:01:46 +0000
Manifest this update: Tue 11 Nov 2025 09:01:46 +0000
Manifest next update: Wed 12 Nov 2025 09:01:46 +0000
Files and hashes: 1: S6SgkEKXXupg9NGyg85ew2MKuNo.roa (hash: Ccy6wkPiSmvGfzLUcrIC/arlCjWDtB/tLTVQ150opBk=)
2: xJkOwgER9C-2LzmoHHOSqSGVW_I.crl (hash: jBkad3yBJ/QSvUWrnp8TdQ97ajJk/XCxxPSIXT30Hnk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/xJkOwgER9C-2LzmoHHOSqSGVW_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:57:60:84:87:2e:64:4f:86:23:6f:87:15:eb:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4990ec20111f42fb62f39a81c7392a921955bf2
Validity
Not Before: Nov 11 09:01:46 2025 GMT
Not After : Nov 12 09:01:46 2025 GMT
Subject: CN=dc1cca47d976e9baf5f304e35871d2786dcab477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4b:05:05:c5:5d:77:de:e4:ca:fd:42:ea:fc:
3e:8c:38:e2:ed:b0:dd:c2:00:26:70:63:04:b2:20:
c3:39:3a:c9:7b:38:ba:b1:90:19:e1:54:cb:25:3f:
8a:9d:dd:3b:ff:22:e2:3b:97:39:fa:60:ab:59:d5:
ca:38:87:10:8f:cc:36:cf:3b:be:3a:c9:52:47:6c:
0c:10:ab:c3:80:1d:32:19:a1:0b:c2:5f:56:f2:f7:
d5:6c:e8:1e:93:18:cf:f6:02:78:cc:f3:ff:95:84:
7e:f3:9c:75:d6:66:ca:80:f0:58:93:25:a3:97:ff:
b4:78:c1:c7:91:a0:43:2f:87:ac:57:21:e6:42:6c:
7d:61:88:e8:1e:df:1f:86:78:fe:3d:84:9b:82:35:
64:59:91:45:3c:f5:a9:62:78:eb:42:96:23:ac:6f:
f0:5c:3b:7f:96:e5:f9:45:39:bf:e6:e3:08:02:88:
b8:76:57:13:e2:11:47:c8:6c:0a:fe:a5:3a:7a:99:
c6:bd:98:98:55:4b:9c:b4:52:39:c7:97:92:ba:85:
1b:be:8e:f9:3a:31:e1:0a:d3:f0:fa:0e:2a:e0:1d:
aa:7a:ba:29:56:73:08:11:98:40:ff:b3:78:32:11:
34:48:b6:e3:75:12:98:f6:31:97:55:09:11:34:db:
3a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1C:CA:47:D9:76:E9:BA:F5:F3:04:E3:58:71:D2:78:6D:CA:B4:77
X509v3 Authority Key Identifier:
keyid:C4:99:0E:C2:01:11:F4:2F:B6:2F:39:A8:1C:73:92:A9:21:95:5B:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJkOwgER9C-2LzmoHHOSqSGVW_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:a6:2f:14:78:f1:9b:d9:71:55:bb:9e:26:8b:90:4b:e9:0c:
ee:f9:4f:2f:20:b5:72:10:a4:5e:9e:f7:3b:10:38:90:e6:bb:
2e:38:bc:b3:9b:62:5f:df:7d:0c:5e:72:47:fb:1f:95:6d:78:
8f:7e:a0:fd:62:a5:b6:fb:7a:63:26:35:ff:6b:d2:a8:25:b2:
e0:1f:77:b1:f3:3a:45:3e:d3:c5:32:8e:67:f1:e3:1e:c5:ee:
2e:19:20:03:f3:bf:af:28:d6:3c:4a:b8:4e:d2:8c:ef:b7:85:
eb:a4:aa:70:56:46:8d:6b:c3:30:05:bc:68:72:61:26:b4:c1:
31:3b:52:92:6a:1c:72:f4:34:82:35:01:54:58:17:b4:85:ee:
33:8d:c0:28:dd:cb:02:e2:6d:36:9f:6a:2c:35:88:25:43:79:
00:88:bc:da:eb:82:cc:dc:98:c6:90:4b:5c:75:c6:98:6d:92:
27:13:ab:cc:fb:f5:88:b8:5a:6d:aa:e6:48:0a:67:8e:9d:69:
4a:d3:16:3d:d3:d1:35:d0:81:f1:d3:fc:fa:42:e8:09:59:0f:
ec:e5:6d:28:68:99:61:15:1a:13:68:13:a0:8f:77:bc:f7:12:
cc:34:5b:d1:d3:f6:93:bf:18:38:64:e1:52:43:57:69:fe:f8:
0f:2e:8e:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJldghIcuZE+GI2+HFetUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OTkwZWMyMDExMWY0MmZiNjJmMzlhODFjNzM5MmE5MjE5
NTViZjIwHhcNMjUxMTExMDkwMTQ2WhcNMjUxMTEyMDkwMTQ2WjAzMTEwLwYDVQQD
EyhkYzFjY2E0N2Q5NzZlOWJhZjVmMzA0ZTM1ODcxZDI3ODZkY2FiNDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEsFBcVdd97kyv1C6vw+jDji7bDd
wgAmcGMEsiDDOTrJezi6sZAZ4VTLJT+Knd07/yLiO5c5+mCrWdXKOIcQj8w2zzu+
OslSR2wMEKvDgB0yGaELwl9W8vfVbOgekxjP9gJ4zPP/lYR+85x11mbKgPBYkyWj
l/+0eMHHkaBDL4esVyHmQmx9YYjoHt8fhnj+PYSbgjVkWZFFPPWpYnjrQpYjrG/w
XDt/luX5RTm/5uMIAoi4dlcT4hFHyGwK/qU6epnGvZiYVUuctFI5x5eSuoUbvo75
OjHhCtPw+g4q4B2qeropVnMIEZhA/7N4MhE0SLbjdRKY9jGXVQkRNNs6HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwcykfZdum69fME41hx0nhtyrR3MB8GA1UdIwQY
MBaAFMSZDsIBEfQvti85qBxzkqkhlVvyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEprT3dnRVI5Qy0yTHptb0hIT1NxU0dWV19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS85YzdjZTQtMmNkNC00ODU0LTg4NDAt
YjBmZTkyMjFlZmI3LzEveEprT3dnRVI5Qy0yTHptb0hIT1NxU0dWV19JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS85YzdjZTQtMmNkNC00ODU0LTg4NDAtYjBmZTkyMjFlZmI3
LzEveEprT3dnRVI5Qy0yTHptb0hIT1NxU0dWV19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHqYvFHjx
m9lxVbueJouQS+kM7vlPLyC1chCkXp73OxA4kOa7Lji8s5tiX999DF5yR/sflW14
j36g/WKltvt6YyY1/2vSqCWy4B93sfM6RT7TxTKOZ/HjHsXuLhkgA/O/ryjWPEq4
TtKM77eF66SqcFZGjWvDMAW8aHJhJrTBMTtSkmoccvQ0gjUBVFgXtIXuM43AKN3L
AuJtNp9qLDWIJUN5AIi82uuCzNyYxpBLXHXGmG2SJxOrzPv1iLhabarmSApnjp1p
StMWPdPRNdCB8dP8+kLoCVkP7OVtKGiZYRUaE2gToI93vPcSzDRb0dP2k78YOGTh
UkNXaf74Dy6OXw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:27:01 2025 by rpki-client