Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.mft
File: XlgQVXywZwvJwJM-An6b2CqxVt8.mft (raw, json)
Hash identifier: 4y2vq9qc5ZiNgQNXp/339K+FJeAm+CvGEWS1+Qn8DEw=
Subject key identifier: 19:FD:B1:FD:7B:93:22:D0:79:E7:89:35:B7:B4:7A:F5:0E:90:E1:2C
Authority key identifier: 5E:58:10:55:7C:B0:67:0B:C9:C0:93:3E:02:7E:9B:D8:2A:B1:56:DF
Certificate issuer: /CN=5e5810557cb0670bc9c0933e027e9bd82ab156df
Certificate serial: 019A70DC0F69AF1230BCE37C37DFE3F09A3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlgQVXywZwvJwJM-An6b2CqxVt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.mft
Manifest number: 16AF
Signing time: Tue 11 Nov 2025 03:01:01 +0000
Manifest this update: Tue 11 Nov 2025 03:01:01 +0000
Manifest next update: Wed 12 Nov 2025 03:01:01 +0000
Files and hashes: 1: X3STT9uNWvgpUT8B2LTGrxoI9k0.roa (hash: LPxXWYECEhYhqhJFZtgmdAjXs7SoH+TOKVHj7gJZDp0=)
2: XlgQVXywZwvJwJM-An6b2CqxVt8.crl (hash: pdx7ERjo0kvYkHSieutztb54Ii6EkVKEQNets2QqLq0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XlgQVXywZwvJwJM-An6b2CqxVt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:0f:69:af:12:30:bc:e3:7c:37:df:e3:f0:9a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e5810557cb0670bc9c0933e027e9bd82ab156df
Validity
Not Before: Nov 11 03:01:01 2025 GMT
Not After : Nov 12 03:01:01 2025 GMT
Subject: CN=19fdb1fd7b9322d079e78935b7b47af50e90e12c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:15:e8:16:cc:59:6e:53:f3:93:42:d2:c8:
38:89:98:42:f6:ec:14:76:5b:0e:10:6c:f6:8f:ef:
3a:91:01:ca:f2:09:c0:3d:f3:99:dd:1f:d3:62:b4:
ab:e8:b2:20:2f:f3:d4:2d:49:e6:87:12:5c:40:18:
d2:2a:76:cf:d4:2a:02:13:10:1a:d8:e9:77:3a:86:
02:7a:ae:20:17:ca:ee:e1:76:37:95:ff:16:d4:2c:
ae:8f:be:4f:bd:24:e4:3f:aa:6c:f4:61:41:42:97:
18:35:f7:c2:97:da:65:f7:61:26:db:46:cd:39:55:
d0:c7:81:28:b1:ae:9f:db:08:be:18:e4:b5:de:4b:
f9:f9:28:d4:94:d5:eb:18:9d:52:b0:74:fe:47:96:
84:08:03:76:a9:87:25:05:00:7a:f8:19:f2:f8:f8:
72:69:f9:45:11:8b:14:35:ce:d8:c5:a3:31:5d:54:
04:55:41:ac:f4:fb:8d:86:f6:b4:6d:e4:cb:c1:4e:
23:50:cb:b3:fc:c3:9d:ea:26:a9:96:53:37:ec:d4:
be:a5:30:00:46:60:06:37:57:7e:5c:85:87:d0:fd:
01:be:ec:f3:ec:1b:7d:20:60:a7:8e:e1:dd:27:a4:
8b:b7:66:f0:cf:f9:16:d3:1c:a0:59:f6:e0:db:80:
68:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FD:B1:FD:7B:93:22:D0:79:E7:89:35:B7:B4:7A:F5:0E:90:E1:2C
X509v3 Authority Key Identifier:
keyid:5E:58:10:55:7C:B0:67:0B:C9:C0:93:3E:02:7E:9B:D8:2A:B1:56:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlgQVXywZwvJwJM-An6b2CqxVt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:82:f5:2b:7d:dc:6a:ea:1b:2d:b3:51:56:4f:30:56:df:05:
d7:fb:2f:67:cf:64:bb:ce:76:64:44:d0:c6:f3:f8:a9:7f:2e:
7c:ff:e0:f5:8a:42:9e:b7:3a:84:ec:0d:1e:29:79:b9:e8:d2:
3a:21:c1:d3:f1:f7:e8:35:11:2a:a9:86:51:24:08:01:31:ee:
97:a4:12:09:7f:8c:d9:82:8f:cd:9b:b2:e5:18:b2:5d:c5:43:
c5:58:8c:cb:03:1e:7a:f5:66:b6:27:b1:aa:9c:93:e5:27:8a:
d6:d4:f2:97:51:b2:0b:50:5b:fa:4d:c7:35:a0:33:13:71:53:
97:00:3d:72:10:a7:26:b5:45:40:4d:21:97:34:2c:21:48:fb:
03:8f:c4:ff:1d:bf:6b:ec:9d:e5:cd:38:ac:48:86:e7:ed:68:
27:a8:4c:f9:5a:b8:0d:55:57:89:61:36:3e:59:c9:ff:8c:57:
fd:09:34:9e:8c:1f:27:7d:46:7f:2d:82:6d:0a:ca:36:02:31:
31:90:cd:4a:46:ca:58:ad:73:46:a1:88:64:54:b0:0a:0b:b2:
ff:2f:35:92:3a:47:1d:4c:83:98:56:3c:2d:28:ec:8f:d9:2e:
6c:3f:81:21:a9:51:28:6d:54:5f:97:4e:86:0d:08:2a:46:00:
e9:a1:2a:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3A9prxIwvON8N9/j8Jo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTgxMDU1N2NiMDY3MGJjOWMwOTMzZTAyN2U5YmQ4MmFi
MTU2ZGYwHhcNMjUxMTExMDMwMTAxWhcNMjUxMTEyMDMwMTAxWjAzMTEwLwYDVQQD
EygxOWZkYjFmZDdiOTMyMmQwNzllNzg5MzViN2I0N2FmNTBlOTBlMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4oV6BbMWW5T85NC0sg4iZhC9uwU
dlsOEGz2j+86kQHK8gnAPfOZ3R/TYrSr6LIgL/PULUnmhxJcQBjSKnbP1CoCExAa
2Ol3OoYCeq4gF8ru4XY3lf8W1Cyuj75PvSTkP6ps9GFBQpcYNffCl9pl92Em20bN
OVXQx4Eosa6f2wi+GOS13kv5+SjUlNXrGJ1SsHT+R5aECAN2qYclBQB6+Bny+Phy
aflFEYsUNc7YxaMxXVQEVUGs9PuNhva0beTLwU4jUMuz/MOd6iapllM37NS+pTAA
RmAGN1d+XIWH0P0Bvuzz7Bt9IGCnjuHdJ6SLt2bwz/kW0xygWfbg24Bo+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBn9sf17kyLQeeeJNbe0evUOkOEsMB8GA1UdIwQY
MBaAFF5YEFV8sGcLycCTPgJ+m9gqsVbfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxnUVZYeXdad3ZKd0pNLUFuNmIyQ3F4VnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85N2M0MTQtM2FmYS00OWVlLWFiNzAt
YTQ0MDdhNWQzMjFhLzEvWGxnUVZYeXdad3ZKd0pNLUFuNmIyQ3F4VnQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85N2M0MTQtM2FmYS00OWVlLWFiNzAtYTQ0MDdhNWQzMjFh
LzEvWGxnUVZYeXdad3ZKd0pNLUFuNmIyQ3F4VnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg4L1K33c
auobLbNRVk8wVt8F1/svZ89ku852ZETQxvP4qX8ufP/g9YpCnrc6hOwNHil5uejS
OiHB0/H36DURKqmGUSQIATHul6QSCX+M2YKPzZuy5RiyXcVDxViMywMeevVmtiex
qpyT5SeK1tTyl1GyC1Bb+k3HNaAzE3FTlwA9chCnJrVFQE0hlzQsIUj7A4/E/x2/
a+yd5c04rEiG5+1oJ6hM+Vq4DVVXiWE2PlnJ/4xX/Qk0nowfJ31Gfy2CbQrKNgIx
MZDNSkbKWK1zRqGIZFSwCguy/y81kjpHHUyDmFY8LSjsj9kubD+BIalRKG1UX5dO
hg0IKkYA6aEqAw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:00:28 2025 by rpki-client