Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.mft
File: xFyYQwiFYolxMHxZtc8kFoIQI3g.mft (raw, json)
Hash identifier: nwyJJCFAY5vUgcST1TZSOG1fCD7C+9dUblMJKcddgi0=
Subject key identifier: 1B:E3:52:9C:16:E4:B5:F2:CD:A8:4A:0C:36:71:20:30:DB:F7:54:12
Authority key identifier: C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
Certificate issuer: /CN=c45c98430885628971307c59b5cf241682102378
Certificate serial: 019A722592DF4C22AD4DF69ABC3542E8B2B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 09:00:56 +0000
Manifest this update: Tue 11 Nov 2025 09:00:56 +0000
Manifest next update: Wed 12 Nov 2025 09:00:56 +0000
Files and hashes: 1: jvr-TtmshyO-21Athyko7-oCA0g.roa (hash: YbFNgrbQ4nYeYFpzPZPmunVsALPP8JY0whWvWBRLdqk=)
2: xFyYQwiFYolxMHxZtc8kFoIQI3g.crl (hash: WSLOTbn2g3bUwU2pPR92lhZdino1wthyFNsYjTmGBJY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:92:df:4c:22:ad:4d:f6:9a:bc:35:42:e8:b2:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c98430885628971307c59b5cf241682102378
Validity
Not Before: Nov 11 09:00:56 2025 GMT
Not After : Nov 12 09:00:56 2025 GMT
Subject: CN=1be3529c16e4b5f2cda84a0c36712030dbf75412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b6:e3:0b:5e:9c:88:fc:b4:cd:da:4a:6d:aa:
09:8d:7a:75:07:7b:48:85:cf:9f:a4:58:b5:ad:5c:
f6:d9:8c:d1:66:44:51:8f:d8:a9:01:9f:00:40:6d:
38:75:72:c6:df:21:5b:4e:58:fa:52:0d:f4:40:e9:
cb:bc:3b:db:27:96:92:e1:43:3d:92:91:99:fc:f4:
8b:ac:58:2e:43:e1:d0:26:2c:90:bf:98:54:5d:c8:
cd:97:1b:d1:cb:79:fe:53:f8:01:4f:a0:04:0d:6f:
88:bf:11:36:b9:4a:b6:7a:c8:a6:c8:d5:c8:48:99:
cd:d7:59:98:46:b8:8a:28:5d:b4:ba:7f:93:34:9e:
0d:41:4e:c3:9e:b1:f6:57:03:d2:04:76:f6:a6:14:
bd:d2:ec:8e:a5:5a:c5:5b:7f:78:ab:81:76:96:c6:
e3:1e:de:dd:45:0d:be:60:75:ae:da:b0:df:3b:a8:
23:d6:14:08:5a:5e:27:f5:33:ff:1a:54:ff:8c:08:
af:1c:54:53:e2:59:5d:58:50:e0:32:14:a2:32:14:
3f:7c:46:56:61:d2:3d:8c:45:af:b9:b6:6c:2b:89:
e9:bd:d2:3e:9d:2f:df:aa:82:90:e0:31:ae:a8:3e:
a9:e0:80:57:07:36:81:8e:cb:16:f7:2b:f2:ff:be:
16:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E3:52:9C:16:E4:B5:F2:CD:A8:4A:0C:36:71:20:30:DB:F7:54:12
X509v3 Authority Key Identifier:
keyid:C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:83:ff:92:5f:b0:e1:c9:37:61:ce:bd:a7:56:8a:41:a1:14:
31:99:cb:79:95:5a:6c:be:8a:ed:dd:a3:a2:c2:a5:36:9f:4e:
af:b2:5f:83:a0:d3:d1:9d:57:ed:8d:a7:64:64:45:2b:69:35:
d7:74:7f:2a:d7:ba:58:9b:a4:a3:d2:78:6e:8b:cf:ea:1f:ec:
cf:1a:89:11:14:2c:da:24:b0:94:f7:fc:03:f1:ca:1f:37:a5:
b3:4e:98:92:2f:ff:d4:cf:fe:bf:c9:58:c5:0e:59:9c:dd:06:
61:17:46:7d:99:af:50:a5:13:6a:5b:e6:77:8b:7d:13:81:92:
74:22:02:c5:cb:4a:66:85:05:e4:e4:7a:6a:19:3d:7e:76:27:
8d:69:de:7f:50:b1:1a:61:9e:62:16:4d:35:11:c5:e1:18:30:
a7:36:17:d3:18:90:a2:22:d6:7c:5a:52:6e:cc:67:62:c0:0c:
f1:6a:8b:90:d0:fc:b6:b2:28:0c:99:c5:0b:7d:e7:3f:31:80:
0c:7a:a5:56:81:ff:a6:79:00:f1:37:40:93:6d:37:54:ab:a2:
56:3e:b1:04:6c:07:e6:e3:bd:89:f9:da:69:74:82:a9:aa:2f:
2f:f1:c9:60:03:63:7a:e5:33:fc:07:7f:41:ed:5d:ad:88:ce:
87:df:9f:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZLfTCKtTfaavDVC6LK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM5ODQzMDg4NTYyODk3MTMwN2M1OWI1Y2YyNDE2ODIx
MDIzNzgwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
EygxYmUzNTI5YzE2ZTRiNWYyY2RhODRhMGMzNjcxMjAzMGRiZjc1NDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rbjC16ciPy0zdpKbaoJjXp1B3tI
hc+fpFi1rVz22YzRZkRRj9ipAZ8AQG04dXLG3yFbTlj6Ug30QOnLvDvbJ5aS4UM9
kpGZ/PSLrFguQ+HQJiyQv5hUXcjNlxvRy3n+U/gBT6AEDW+IvxE2uUq2esimyNXI
SJnN11mYRriKKF20un+TNJ4NQU7DnrH2VwPSBHb2phS90uyOpVrFW394q4F2lsbj
Ht7dRQ2+YHWu2rDfO6gj1hQIWl4n9TP/GlT/jAivHFRT4lldWFDgMhSiMhQ/fEZW
YdI9jEWvubZsK4npvdI+nS/fqoKQ4DGuqD6p4IBXBzaBjssW9yvy/74WhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvjUpwW5LXyzahKDDZxIDDb91QSMB8GA1UdIwQY
MBaAFMRcmEMIhWKJcTB8WbXPJBaCECN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8zMDdjMzMtMzhhNy00ZmRhLTlhMDgt
OWFiZGNhMzlkNGY3LzEveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8zMDdjMzMtMzhhNy00ZmRhLTlhMDgtOWFiZGNhMzlkNGY3
LzEveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnYP/kl+w
4ck3Yc69p1aKQaEUMZnLeZVabL6K7d2josKlNp9Or7Jfg6DT0Z1X7Y2nZGRFK2k1
13R/Kte6WJuko9J4bovP6h/szxqJERQs2iSwlPf8A/HKHzels06Yki//1M/+v8lY
xQ5ZnN0GYRdGfZmvUKUTalvmd4t9E4GSdCICxctKZoUF5OR6ahk9fnYnjWnef1Cx
GmGeYhZNNRHF4RgwpzYX0xiQoiLWfFpSbsxnYsAM8WqLkND8trIoDJnFC33nPzGA
DHqlVoH/pnkA8TdAk203VKuiVj6xBGwH5uO9ifnaaXSCqaovL/HJYANjeuUz/Ad/
Qe1drYjOh9+fCg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:15:35 2025 by rpki-client