Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.mft
File: mXwn0VtG2xhLwCswPIa0fEScG1Q.mft (raw, json)
Hash identifier: k696WHRyQS6Nvw1fqZABbf4x35i9vvIXfW+HwkeXezY=
Subject key identifier: DC:B7:86:A8:43:6E:5E:2E:25:92:2E:49:08:75:A3:9A:46:FF:57:FF
Authority key identifier: 99:7C:27:D1:5B:46:DB:18:4B:C0:2B:30:3C:86:B4:7C:44:9C:1B:54
Certificate issuer: /CN=997c27d15b46db184bc02b303c86b47c449c1b54
Certificate serial: 019A7225951DF71EC48CA0457080E1DB4636
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mXwn0VtG2xhLwCswPIa0fEScG1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.mft
Manifest number: 0FE4
Signing time: Tue 11 Nov 2025 09:00:56 +0000
Manifest this update: Tue 11 Nov 2025 09:00:56 +0000
Manifest next update: Wed 12 Nov 2025 09:00:56 +0000
Files and hashes: 1: JpZlGPUSnNPcPAQ7HrfbEiiCY90.roa (hash: sj/ySyRWLvZHGTxRHODxTY1XK4NRx1uXT8wwjiiWvG0=)
2: mXwn0VtG2xhLwCswPIa0fEScG1Q.crl (hash: BwEhIw5zlXYiQGAugkXZRJTN/B6o4AwsxukXkC7O4YQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/mXwn0VtG2xhLwCswPIa0fEScG1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:95:1d:f7:1e:c4:8c:a0:45:70:80:e1:db:46:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=997c27d15b46db184bc02b303c86b47c449c1b54
Validity
Not Before: Nov 11 09:00:56 2025 GMT
Not After : Nov 12 09:00:56 2025 GMT
Subject: CN=dcb786a8436e5e2e25922e490875a39a46ff57ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:bb:58:b4:10:cb:bc:c7:03:cd:4e:a1:76:b5:
c1:07:83:20:85:ea:0d:93:01:37:38:6d:8a:4f:66:
74:e4:78:a5:2e:d3:d6:6e:57:21:e9:89:da:8e:3a:
11:92:f7:12:de:fa:cd:ad:da:ef:6f:90:19:38:82:
67:6f:e1:92:9c:d1:91:59:a9:8f:70:0a:64:33:a6:
77:84:c9:b0:bb:80:ef:38:d4:4b:c8:37:d6:76:29:
32:e3:d7:1a:81:6f:e2:3d:74:7e:5f:ba:0b:19:43:
39:7f:a8:9c:0c:05:1b:a5:b9:e9:fe:86:8f:58:56:
8f:8c:f2:8f:e4:e3:17:f6:1c:2a:2f:72:fc:c4:ba:
30:c3:6f:17:5e:62:96:8e:fe:12:15:46:b3:a1:22:
17:5b:de:cf:d0:a7:bd:08:6a:d9:74:4f:d1:26:cd:
15:21:26:c7:10:85:13:85:b3:c1:53:bb:1d:cd:62:
4d:99:ac:ff:be:77:02:87:1e:0b:85:0f:bf:47:6a:
61:7f:1f:36:11:21:27:73:2f:f9:8c:ec:32:95:9b:
99:0d:a6:e1:4f:da:f2:a0:5a:a3:c3:18:39:d4:89:
8b:ea:06:fa:ab:f8:20:69:6c:1c:fa:12:33:54:7f:
1e:0c:ba:35:d4:77:a5:2c:7c:ce:51:e8:9a:7c:60:
90:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B7:86:A8:43:6E:5E:2E:25:92:2E:49:08:75:A3:9A:46:FF:57:FF
X509v3 Authority Key Identifier:
keyid:99:7C:27:D1:5B:46:DB:18:4B:C0:2B:30:3C:86:B4:7C:44:9C:1B:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXwn0VtG2xhLwCswPIa0fEScG1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:60:ad:30:5d:21:5e:e6:b0:fc:6a:93:9e:de:b1:da:67:59:
91:88:5f:4a:c0:17:e1:9d:ba:53:35:fb:61:32:41:ff:ac:e7:
51:da:30:3b:28:d1:d3:ba:af:9d:82:d1:83:a8:ab:e8:18:1c:
8d:c1:87:80:3a:f4:3f:58:8a:3b:ed:81:5a:3f:f1:56:1e:b7:
7b:8c:8f:4c:01:8b:ec:5f:b9:d8:94:c0:a8:b6:f3:c5:56:0e:
5e:3e:57:e5:37:5f:4d:2f:ed:4b:f4:6b:e2:57:d9:b6:c3:38:
2e:43:ba:18:be:0a:23:6c:ab:b1:b9:23:f4:fa:67:5f:08:b6:
f1:71:bd:51:9a:f7:a7:dd:99:f9:15:cf:3f:2d:f1:ef:6f:28:
52:13:63:3c:8e:a0:a3:24:3a:1c:d9:23:85:88:89:f1:5e:66:
af:72:d2:d8:5b:48:d0:ab:be:db:1d:1f:e8:b3:ed:70:31:9e:
b5:7a:3b:bd:55:16:00:b7:d5:d7:1b:9d:09:54:ad:ad:3a:7b:
56:cb:06:b1:36:c3:d0:c4:9f:f4:01:90:09:a3:d0:50:c3:c7:
49:23:3b:e2:8f:d9:dc:8c:92:f2:d1:66:5b:4e:29:19:4c:6b:
86:d8:74:f7:38:52:83:28:f9:49:41:c9:84:e5:d8:0d:94:f4:
fa:bd:65:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZUd9x7EjKBFcIDh20Y2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5N2MyN2QxNWI0NmRiMTg0YmMwMmIzMDNjODZiNDdjNDQ5
YzFiNTQwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
EyhkY2I3ODZhODQzNmU1ZTJlMjU5MjJlNDkwODc1YTM5YTQ2ZmY1N2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3btYtBDLvMcDzU6hdrXBB4MgheoN
kwE3OG2KT2Z05HilLtPWblch6YnajjoRkvcS3vrNrdrvb5AZOIJnb+GSnNGRWamP
cApkM6Z3hMmwu4DvONRLyDfWdiky49cagW/iPXR+X7oLGUM5f6icDAUbpbnp/oaP
WFaPjPKP5OMX9hwqL3L8xLoww28XXmKWjv4SFUazoSIXW97P0Ke9CGrZdE/RJs0V
ISbHEIUThbPBU7sdzWJNmaz/vncChx4LhQ+/R2phfx82ESEncy/5jOwylZuZDabh
T9ryoFqjwxg51ImL6gb6q/ggaWwc+hIzVH8eDLo11HelLHzOUeiafGCQUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNy3hqhDbl4uJZIuSQh1o5pG/1f/MB8GA1UdIwQY
MBaAFJl8J9FbRtsYS8ArMDyGtHxEnBtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVh3bjBWdEcyeGhMd0Nzd1BJYTBmRVNjRzFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi81Y2NiYWYtYzUxZC00ZTc2LWEzZWUt
MzVhYjQyMDE3M2RiLzEvbVh3bjBWdEcyeGhMd0Nzd1BJYTBmRVNjRzFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi81Y2NiYWYtYzUxZC00ZTc2LWEzZWUtMzVhYjQyMDE3M2Ri
LzEvbVh3bjBWdEcyeGhMd0Nzd1BJYTBmRVNjRzFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW2CtMF0h
Xuaw/GqTnt6x2mdZkYhfSsAX4Z26UzX7YTJB/6znUdowOyjR07qvnYLRg6ir6Bgc
jcGHgDr0P1iKO+2BWj/xVh63e4yPTAGL7F+52JTAqLbzxVYOXj5X5TdfTS/tS/Rr
4lfZtsM4LkO6GL4KI2yrsbkj9PpnXwi28XG9UZr3p92Z+RXPPy3x728oUhNjPI6g
oyQ6HNkjhYiJ8V5mr3LS2FtI0Ku+2x0f6LPtcDGetXo7vVUWALfV1xudCVStrTp7
VssGsTbD0MSf9AGQCaPQUMPHSSM74o/Z3IyS8tFmW04pGUxrhth09zhSgyj5SUHJ
hOXYDZT0+r1lIA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:15:52 2025 by rpki-client