Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
File: xb-nGlET_tgkZHdsFDcVFMkhjvU.mft (raw, json)
Hash identifier: XRsJLnIkgIETQuHSw4dWa36/P+seFFg6Ua4HL8FcoQY=
Subject key identifier: 64:B9:61:01:3F:1A:FD:16:08:6A:65:44:EB:A5:A5:72:D3:B4:FB:AD
Authority key identifier: C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
Certificate issuer: /CN=c5bfa71a5113fed82464776c14371514c9218ef5
Certificate serial: 019A4BF312FC70CF04BD7472BDC9EBECD54F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
Manifest number: 0B43
Signing time: Mon 03 Nov 2025 23:00:12 +0000
Manifest this update: Mon 03 Nov 2025 23:00:12 +0000
Manifest next update: Tue 04 Nov 2025 23:00:12 +0000
Files and hashes: 1: IzmeYXYlO_xmlW74WeQyL7gffpE.roa (hash: Z5XX/V/bAHCE8fRhzNUzhUtEMOMQ14B1YoCinHSL1lM=)
2: xb-nGlET_tgkZHdsFDcVFMkhjvU.crl (hash: EARDcPzt8QXkKaUBU6u5uplmz3/Y4/d4JiQ0oZU7JsQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 23:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4b:f3:12:fc:70:cf:04:bd:74:72:bd:c9:eb:ec:d5:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5bfa71a5113fed82464776c14371514c9218ef5
Validity
Not Before: Nov 3 23:00:12 2025 GMT
Not After : Nov 4 23:00:12 2025 GMT
Subject: CN=64b961013f1afd16086a6544eba5a572d3b4fbad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:8a:68:00:f3:c9:f7:a0:8c:5e:95:4c:a3:
e8:56:bb:f4:d4:b6:d6:23:3e:ba:53:2b:4c:e7:1e:
41:14:53:a5:c5:70:ef:62:37:57:4c:19:87:b9:9e:
e4:27:c8:45:95:a0:b9:2f:f5:34:f3:3c:70:72:4f:
94:eb:01:3f:29:36:4f:86:ef:9b:f8:d5:2d:33:18:
f4:c9:53:c7:f7:55:49:9d:82:7d:d6:e5:ad:84:32:
d1:42:71:4c:bd:ed:eb:a7:53:de:02:64:92:4f:36:
0f:5b:43:f7:3f:1a:14:90:72:4d:ed:5d:04:bf:3f:
38:ba:5d:a2:de:91:e6:36:e1:a0:c9:a2:4f:0a:fd:
ab:b4:1b:b6:ea:8d:1d:c9:b5:b5:d3:fe:30:45:0d:
d8:a8:d5:1e:1f:6b:4c:6a:de:fd:6d:19:33:35:98:
c8:5a:08:af:da:dd:42:ee:33:0d:16:d6:b7:54:d5:
d1:da:90:24:14:8b:01:f2:89:f4:ae:c4:78:64:88:
27:8b:37:ba:7e:84:91:58:48:e8:5e:84:5b:fa:04:
24:23:2b:09:c3:bd:e1:ff:37:b6:8f:89:6a:14:db:
4c:53:ce:12:b8:7a:92:9b:0a:2d:27:fe:8a:3d:96:
94:3e:f2:a7:02:70:54:fd:52:dd:d4:b3:bf:fe:2c:
6d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B9:61:01:3F:1A:FD:16:08:6A:65:44:EB:A5:A5:72:D3:B4:FB:AD
X509v3 Authority Key Identifier:
keyid:C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:8c:15:dd:48:de:b0:c1:a9:a9:5e:17:d3:a1:6d:e1:51:32:
15:99:30:b7:71:89:fc:5f:f0:65:ae:c1:7e:d4:b3:ea:19:6f:
a9:31:78:26:39:7b:52:55:4c:e8:af:ec:8c:a6:53:57:22:a5:
e0:c2:e9:32:32:a1:e9:4b:95:bc:b0:4f:ae:2b:ee:b5:18:37:
b6:0b:73:d0:23:c2:dd:14:f6:39:b4:ae:19:06:14:7f:99:02:
5d:2f:d8:e5:2b:72:c2:b9:41:b3:02:cf:2a:de:3d:15:d0:36:
1a:2d:c1:87:f1:55:69:55:95:91:2e:39:f7:06:41:ce:30:20:
a4:ee:ab:5c:1e:a7:60:66:e6:07:59:1a:b9:70:56:64:d7:b2:
a1:ad:e9:5b:54:3e:91:28:64:2e:fc:30:cf:71:1b:ac:17:cc:
8b:03:dd:f3:89:f0:b5:12:0b:97:51:c8:90:d1:e4:cf:e2:a3:
f0:81:91:1b:c1:26:f4:8a:e6:37:cc:ab:ad:c1:18:a7:b1:73:
da:21:7b:23:cd:da:be:d0:30:de:d9:d5:99:d9:fd:4a:e8:d4:
0c:5f:cc:05:ed:e0:55:3d:36:9a:a3:3e:15:9c:da:5b:1c:90:
fc:38:12:2b:73:83:19:da:7d:82:5c:4a:51:6a:2e:c0:29:24:
95:99:5e:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpL8xL8cM8EvXRyvcnr7NVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmZhNzFhNTExM2ZlZDgyNDY0Nzc2YzE0MzcxNTE0Yzky
MThlZjUwHhcNMjUxMTAzMjMwMDEyWhcNMjUxMTA0MjMwMDEyWjAzMTEwLwYDVQQD
Eyg2NGI5NjEwMTNmMWFmZDE2MDg2YTY1NDRlYmE1YTU3MmQzYjRmYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgGKaADzyfegjF6VTKPoVrv01LbW
Iz66UytM5x5BFFOlxXDvYjdXTBmHuZ7kJ8hFlaC5L/U08zxwck+U6wE/KTZPhu+b
+NUtMxj0yVPH91VJnYJ91uWthDLRQnFMve3rp1PeAmSSTzYPW0P3PxoUkHJN7V0E
vz84ul2i3pHmNuGgyaJPCv2rtBu26o0dybW10/4wRQ3YqNUeH2tMat79bRkzNZjI
Wgiv2t1C7jMNFta3VNXR2pAkFIsB8on0rsR4ZIgnize6foSRWEjoXoRb+gQkIysJ
w73h/ze2j4lqFNtMU84SuHqSmwotJ/6KPZaUPvKnAnBU/VLd1LO//ixtlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGS5YQE/Gv0WCGplROulpXLTtPutMB8GA1UdIwQY
MBaAFMW/pxpRE/7YJGR3bBQ3FRTJIY71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYt
NmZjZTAzMzI1YjNmLzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYtNmZjZTAzMzI1YjNm
LzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoYwV3Uje
sMGpqV4X06Ft4VEyFZkwt3GJ/F/wZa7BftSz6hlvqTF4Jjl7UlVM6K/sjKZTVyKl
4MLpMjKh6UuVvLBPrivutRg3tgtz0CPC3RT2ObSuGQYUf5kCXS/Y5StywrlBswLP
Kt49FdA2Gi3Bh/FVaVWVkS459wZBzjAgpO6rXB6nYGbmB1kauXBWZNeyoa3pW1Q+
kShkLvwwz3EbrBfMiwPd84nwtRILl1HIkNHkz+Kj8IGRG8Em9IrmN8yrrcEYp7Fz
2iF7I83avtAw3tnVmdn9SujUDF/MBe3gVT02mqM+FZzaWxyQ/DgSK3ODGdp9glxK
UWouwCkklZle2A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 08:25:04 2025 by rpki-client