Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft
File: XbWMRb7iUfx1daY-W0kN7GEU5so.mft (raw, json)
Hash identifier: 0+tJXNh1qbjmZl/uAncSC8Dt8Cc+EHlAutDucCWKGYo=
Subject key identifier: CA:39:24:69:EE:02:ED:B9:92:D8:A1:F6:CF:02:E0:26:28:3F:9C:E1
Authority key identifier: 5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
Certificate issuer: /CN=5db58c45bee251fc7575a63e5b490dec6114e6ca
Certificate serial: 019A73384A7D6BCD8ACF0476674164E5969B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft
Manifest number: 14CB
Signing time: Tue 11 Nov 2025 14:01:00 +0000
Manifest this update: Tue 11 Nov 2025 14:01:00 +0000
Manifest next update: Wed 12 Nov 2025 14:01:00 +0000
Files and hashes: 1: XbWMRb7iUfx1daY-W0kN7GEU5so.crl (hash: JnxERah0ERwEUv3yUXpjcNzUhhPYoGTMlMyZ2YYLzMI=)
2: rIHO9BGM8FbqBMmG5rRph997QKc.roa (hash: 8yht5PsqRnylMZKjON2/XT2bc+vyA/zY0feaEVSh3nw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft
rsync://rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:4a:7d:6b:cd:8a:cf:04:76:67:41:64:e5:96:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5db58c45bee251fc7575a63e5b490dec6114e6ca
Validity
Not Before: Nov 11 14:01:00 2025 GMT
Not After : Nov 12 14:01:00 2025 GMT
Subject: CN=ca392469ee02edb992d8a1f6cf02e026283f9ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:0f:34:70:f8:f4:38:0d:9a:23:62:dd:97:
88:73:87:dc:8f:15:e9:3a:4c:ca:4d:4c:4b:ad:3b:
7e:d9:f3:ab:b2:c8:18:8e:79:16:fe:f8:f6:b2:10:
23:20:96:b8:52:c3:2f:1c:27:4b:31:32:de:d0:b4:
d3:a1:e8:ad:ee:15:be:fa:36:0d:f5:71:de:8a:5c:
38:0f:77:c9:5f:a4:e3:e8:78:47:a4:ca:00:7c:40:
7d:4c:5c:ca:21:49:8b:06:68:cf:f7:53:d1:62:19:
85:54:cd:c7:10:45:00:26:bb:0a:bd:99:c4:f7:d3:
e8:5b:cf:f1:d2:ac:69:34:d4:33:4c:27:d3:38:70:
9d:4d:e9:25:b0:8c:ee:1a:dd:1d:1c:8a:c4:28:f1:
9a:a1:b7:2e:db:0d:e8:ff:f6:5b:aa:d5:70:9e:b3:
e5:16:df:91:cb:da:a9:cc:fe:d1:92:25:09:2b:6c:
0f:c7:ce:32:3e:44:62:2e:60:07:ff:74:6e:32:3f:
f8:cf:76:f3:a9:5b:a7:e7:cb:e4:5d:18:40:14:d7:
2f:86:77:00:68:e4:1a:75:f4:ec:b8:c0:d1:4d:9f:
a1:55:dc:da:57:c7:4f:06:55:fa:bf:a7:6c:68:e2:
11:9e:48:13:c5:1f:40:48:cd:6a:0a:6b:2f:32:e8:
c5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:39:24:69:EE:02:ED:B9:92:D8:A1:F6:CF:02:E0:26:28:3F:9C:E1
X509v3 Authority Key Identifier:
keyid:5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:88:d5:47:a3:37:f4:6b:f9:01:ec:d7:ca:94:b8:71:99:e4:
3c:7d:0c:a8:2a:6d:0c:5b:a6:c3:4e:67:0b:28:4d:d6:57:a1:
e0:23:e8:44:b6:b0:64:ec:0a:6b:82:47:9b:9e:05:0e:1c:79:
d6:61:7a:fc:91:df:03:a6:ac:2a:ec:13:10:00:19:48:39:59:
64:85:75:72:06:c3:c7:04:18:d8:cb:93:12:88:91:7c:2e:57:
b1:24:08:8e:f9:e6:3c:25:42:e2:01:2a:9b:5d:96:de:2b:00:
69:7d:9a:36:c1:50:f8:9d:45:ff:dd:fc:92:09:89:f1:7d:9e:
0b:e2:2a:69:0f:dd:3f:88:de:8c:12:88:73:cb:53:7f:68:ec:
e0:ad:f4:1c:aa:80:98:79:d0:be:27:60:46:13:ed:03:b2:ff:
04:7a:a9:48:bc:dd:0e:6e:a8:b3:45:a4:b5:6b:59:e0:7c:ce:
b1:06:91:df:c7:1d:7a:74:d5:7c:1d:01:aa:95:9c:49:7c:79:
f0:f6:53:8f:8d:b7:89:31:24:21:ea:fd:66:d3:7e:61:74:c4:
ad:96:c7:61:57:a8:53:2d:13:9c:1e:64:60:90:68:5d:cf:8c:
4c:72:5a:f3:06:2c:61:03:8d:8e:e4:10:71:91:b6:8d:0f:a3:
87:5b:e0:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOEp9a82KzwR2Z0Fk5ZabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjU4YzQ1YmVlMjUxZmM3NTc1YTYzZTViNDkwZGVjNjEx
NGU2Y2EwHhcNMjUxMTExMTQwMTAwWhcNMjUxMTEyMTQwMTAwWjAzMTEwLwYDVQQD
EyhjYTM5MjQ2OWVlMDJlZGI5OTJkOGExZjZjZjAyZTAyNjI4M2Y5Y2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPEPNHD49DgNmiNi3ZeIc4fcjxXp
OkzKTUxLrTt+2fOrssgYjnkW/vj2shAjIJa4UsMvHCdLMTLe0LTToeit7hW++jYN
9XHeilw4D3fJX6Tj6HhHpMoAfEB9TFzKIUmLBmjP91PRYhmFVM3HEEUAJrsKvZnE
99PoW8/x0qxpNNQzTCfTOHCdTeklsIzuGt0dHIrEKPGaobcu2w3o//ZbqtVwnrPl
Ft+Ry9qpzP7RkiUJK2wPx84yPkRiLmAH/3RuMj/4z3bzqVun58vkXRhAFNcvhncA
aOQadfTsuMDRTZ+hVdzaV8dPBlX6v6dsaOIRnkgTxR9ASM1qCmsvMujFbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMo5JGnuAu25ktih9s8C4CYoP5zhMB8GA1UdIwQY
MBaAFF21jEW+4lH8dXWmPltJDexhFObKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJXTVJiN2lVZngxZGFZLVcwa043R0VVNXNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hZGY5M2QtOThkYS00MWNjLThhNmQt
OWMyYWQ0NzVhMjMxLzEvWGJXTVJiN2lVZngxZGFZLVcwa043R0VVNXNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hZGY5M2QtOThkYS00MWNjLThhNmQtOWMyYWQ0NzVhMjMx
LzEvWGJXTVJiN2lVZngxZGFZLVcwa043R0VVNXNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoIjVR6M3
9Gv5AezXypS4cZnkPH0MqCptDFumw05nCyhN1leh4CPoRLawZOwKa4JHm54FDhx5
1mF6/JHfA6asKuwTEAAZSDlZZIV1cgbDxwQY2MuTEoiRfC5XsSQIjvnmPCVC4gEq
m12W3isAaX2aNsFQ+J1F/938kgmJ8X2eC+IqaQ/dP4jejBKIc8tTf2js4K30HKqA
mHnQvidgRhPtA7L/BHqpSLzdDm6os0WktWtZ4HzOsQaR38cdenTVfB0BqpWcSXx5
8PZTj423iTEkIer9ZtN+YXTErZbHYVeoUy0TnB5kYJBoXc+MTHJa8wYsYQONjuQQ
cZG2jQ+jh1vgVg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:36:55 2025 by rpki-client