Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
File: xTG2PRGmzC0c5p4TEch6waanBzM.mft (raw, json)
Hash identifier: 1iE4rYLDQBZFxOI3sUR2n9NNGaIXdfgFksbBwXXvz8M=
Subject key identifier: C6:B3:AF:A5:22:9F:93:0D:C8:C4:56:AA:CA:DD:FB:C1:90:56:1C:CA
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 019A4B85A1C29E811F1AA7E4AEB7D2678CB8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
Manifest number: 0F8F
Signing time: Mon 03 Nov 2025 21:00:40 +0000
Manifest this update: Mon 03 Nov 2025 21:00:40 +0000
Manifest next update: Tue 04 Nov 2025 21:00:40 +0000
Files and hashes: 1: 3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa (hash: HiF4cbbVkgMNvvCZGg36cGuMWinu6Z8X1/cmYfYlH0w=)
2: 7dlaDlkKgi4dAirWDUWBZGBGqcU.roa (hash: p1fbv33BP/4U3m5pS2Ws4rI2vfUa3r6QuSWQWQR+Iw4=)
3: xTG2PRGmzC0c5p4TEch6waanBzM.crl (hash: LHs8L8Hd9v91Chcvp4l5N7YPRB8YkjhMqVlJqK3/e58=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 20:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4b:85:a1:c2:9e:81:1f:1a:a7:e4:ae:b7:d2:67:8c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Nov 3 21:00:40 2025 GMT
Not After : Nov 4 21:00:40 2025 GMT
Subject: CN=c6b3afa5229f930dc8c456aacaddfbc190561cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:09:1f:f6:ee:42:47:d6:a8:6b:f1:a0:47:67:
48:08:e7:98:a5:c2:f6:7e:0f:40:1d:30:81:12:78:
bf:38:72:b0:36:59:2d:6b:c3:be:9e:15:8c:46:9c:
d0:41:22:10:7e:1e:b8:ea:f0:03:fa:82:03:0c:20:
4d:54:19:82:ac:1b:d4:04:86:ab:93:28:90:79:73:
db:ed:1c:c1:17:ed:b7:32:2b:e6:77:49:c0:14:76:
ca:14:3f:93:3c:ce:85:03:0a:a2:d3:19:05:2b:ca:
ac:19:a4:6d:54:53:9f:0e:2a:df:32:18:7c:7d:de:
a5:de:24:27:e4:77:84:6b:16:83:88:bb:48:3e:46:
ca:c8:a5:3e:ca:07:f3:54:96:c7:75:48:31:7b:f0:
11:9b:50:d0:92:8e:81:db:ce:3f:14:32:b1:f5:a8:
df:fd:af:62:12:c0:89:2c:6d:d6:58:da:6e:07:67:
ed:53:d9:96:41:3c:f4:2c:3f:40:05:e0:67:9c:9f:
12:10:e6:7b:ba:7b:1d:d4:0f:47:06:3f:8a:52:3b:
c3:7a:e7:37:95:9b:54:7f:50:cc:69:a8:7a:50:17:
a1:37:9b:bd:9c:f2:51:1f:a3:e6:0e:2a:ee:87:ee:
8b:81:6a:e6:f6:36:df:a1:83:56:73:6b:f6:43:dd:
76:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B3:AF:A5:22:9F:93:0D:C8:C4:56:AA:CA:DD:FB:C1:90:56:1C:CA
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:d0:e1:f3:e9:c3:81:f1:29:35:de:82:53:f0:3b:f2:f2:c4:
51:99:f3:02:9e:9f:46:27:09:b6:60:5c:e7:ff:6c:9e:97:6f:
b5:a1:f9:43:b8:1f:ff:a7:df:df:1c:c1:59:3c:a5:05:32:39:
fa:ec:5c:52:a6:fc:c4:0e:7c:f0:ea:05:85:52:da:a7:22:d2:
45:7a:1f:71:3c:8a:07:de:a1:49:99:cf:96:28:24:48:3d:eb:
57:91:f8:27:ef:a0:c0:84:e8:6a:58:07:91:ef:7f:5c:f0:cb:
dd:60:47:f5:9f:a9:2c:b7:93:60:43:a2:00:35:65:25:fa:05:
04:b4:33:c3:22:59:e7:92:3e:e3:82:e5:c5:54:65:ea:a8:08:
7f:59:72:8c:a0:27:a1:ee:e5:65:6e:2f:bd:a7:f1:25:9f:1e:
3d:8f:51:35:e8:48:32:a2:ca:6c:94:e3:bd:1a:d6:80:87:e9:
7d:31:24:d8:5b:82:a1:d6:63:d4:98:bc:ce:96:55:6a:f0:86:
4a:26:ae:b3:9f:63:df:cc:97:31:14:10:e2:90:a3:9e:c0:fe:
5b:27:30:14:75:c6:83:6b:92:06:bd:e4:21:4f:55:64:a5:f9:
96:c1:44:6d:fd:51:16:95:a5:5d:76:42:0e:63:2e:a4:29:af:
8b:e4:09:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpLhaHCnoEfGqfkrrfSZ4y4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjUxMTAzMjEwMDQwWhcNMjUxMTA0MjEwMDQwWjAzMTEwLwYDVQQD
EyhjNmIzYWZhNTIyOWY5MzBkYzhjNDU2YWFjYWRkZmJjMTkwNTYxY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAkf9u5CR9aoa/GgR2dICOeYpcL2
fg9AHTCBEni/OHKwNlkta8O+nhWMRpzQQSIQfh646vAD+oIDDCBNVBmCrBvUBIar
kyiQeXPb7RzBF+23Mivmd0nAFHbKFD+TPM6FAwqi0xkFK8qsGaRtVFOfDirfMhh8
fd6l3iQn5HeEaxaDiLtIPkbKyKU+ygfzVJbHdUgxe/ARm1DQko6B284/FDKx9ajf
/a9iEsCJLG3WWNpuB2ftU9mWQTz0LD9ABeBnnJ8SEOZ7unsd1A9HBj+KUjvDeuc3
lZtUf1DMaah6UBehN5u9nPJRH6PmDiruh+6LgWrm9jbfoYNWc2v2Q912BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMazr6Uin5MNyMRWqsrd+8GQVhzKMB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWdDh8+nD
gfEpNd6CU/A78vLEUZnzAp6fRicJtmBc5/9snpdvtaH5Q7gf/6ff3xzBWTylBTI5
+uxcUqb8xA588OoFhVLapyLSRXofcTyKB96hSZnPligkSD3rV5H4J++gwIToalgH
ke9/XPDL3WBH9Z+pLLeTYEOiADVlJfoFBLQzwyJZ55I+44LlxVRl6qgIf1lyjKAn
oe7lZW4vvafxJZ8ePY9RNehIMqLKbJTjvRrWgIfpfTEk2FuCodZj1Ji8zpZVavCG
Siaus59j38yXMRQQ4pCjnsD+WycwFHXGg2uSBr3kIU9VZKX5lsFEbf1RFpWlXXZC
DmMupCmvi+QJww==
-----END CERTIFICATE-----
Generated at Tue Nov 4 06:07:51 2025 by rpki-client