Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File: XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier: NL7vnWWqONUyiFkzB8HLR5KK7RcxH/Di+6gxjYSasrY=
Subject key identifier: 27:A2:1C:4C:19:31:90:96:FD:A5:6E:4A:99:C8:C9:AF:29:4A:4B:44
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer: /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial: 019A733819295E023FFFA086B9BC9AAB7ACC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number: 0344
Signing time: Tue 11 Nov 2025 14:00:47 +0000
Manifest this update: Tue 11 Nov 2025 14:00:47 +0000
Manifest next update: Wed 12 Nov 2025 14:00:47 +0000
Files and hashes: 1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: Whofpjz2rJqh79loeMjsAejgCNb+55QnuvewZzJ7x2U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:19:29:5e:02:3f:ff:a0:86:b9:bc:9a:ab:7a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Validity
Not Before: Nov 11 14:00:47 2025 GMT
Not After : Nov 12 14:00:47 2025 GMT
Subject: CN=27a21c4c19319096fda56e4a99c8c9af294a4b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6e:13:5e:d7:55:2f:2d:d8:ec:14:6a:a0:ce:
65:26:af:12:2f:e6:c0:41:8a:4a:bc:7d:32:6a:b3:
a2:92:22:d7:ce:29:ad:9d:5c:96:fa:84:aa:53:fe:
b7:98:60:b8:5d:0b:ce:f0:95:ff:8c:88:57:76:d1:
b3:da:22:a9:d4:52:0f:a9:6c:52:fa:c2:73:a1:8b:
a1:77:ce:fe:2b:67:3d:12:ec:6f:cf:6c:e5:22:d0:
58:81:49:50:17:60:8f:c5:50:c3:67:2b:70:93:32:
32:c7:ef:02:41:a7:52:4d:90:b3:32:3a:8e:e3:85:
12:ec:19:17:d0:c8:60:25:e9:74:da:53:8b:d1:c7:
56:ec:ff:7e:30:e0:8f:2a:8c:b9:5f:9b:3f:14:c6:
76:1d:af:84:64:e9:db:68:1b:ec:b4:41:2c:20:bd:
82:88:63:69:b8:1f:be:e5:c7:5e:2d:d9:39:ce:fb:
fd:8c:3a:c4:58:bb:24:64:7a:81:6c:24:75:d7:c1:
65:2f:4c:f7:54:29:0a:86:17:3f:ce:b9:71:2e:3f:
dc:50:e3:65:9d:96:f9:15:4a:ce:a2:5a:af:f5:34:
fc:f9:b8:80:92:8d:f5:aa:2b:20:8c:1c:e9:3a:6e:
85:b6:a2:0b:43:e2:52:5d:d4:d1:89:81:a9:a8:bb:
e6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A2:1C:4C:19:31:90:96:FD:A5:6E:4A:99:C8:C9:AF:29:4A:4B:44
X509v3 Authority Key Identifier:
keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:23:2d:f7:f1:a1:95:1b:22:dd:25:c3:03:dc:38:94:a7:74:
05:b2:7d:7e:79:0d:c2:1d:68:48:c3:d0:e3:6c:be:e9:27:2a:
e3:5c:2b:ae:dd:98:5c:69:ef:57:de:b8:85:e7:c0:49:3e:e2:
ca:fe:19:4f:ff:4c:09:55:50:34:e7:45:5b:f5:d4:ca:2d:02:
a1:65:c7:26:17:2c:46:38:14:8a:9e:c8:3b:13:71:15:ed:c2:
6e:5f:5e:63:2e:02:ad:13:85:6a:59:41:ff:7f:3e:c3:65:aa:
17:3c:43:2a:c9:b8:33:d3:25:7a:82:69:e9:75:5a:cc:1d:f3:
96:4d:9e:4a:d1:83:41:ca:fa:4b:f2:73:5e:d8:05:15:64:e5:
be:0a:cf:7d:5f:2e:bc:61:2b:68:b2:49:3f:91:63:a3:46:9c:
2d:03:c9:09:00:5c:bc:e4:da:eb:60:76:e9:12:3e:3a:64:6c:
ca:fc:0f:44:20:84:12:8d:63:bc:5c:24:08:0d:1e:47:36:09:
43:6f:5d:ef:75:f2:55:14:30:58:b8:20:e8:65:7a:eb:7b:3c:
d3:c3:7c:1e:9c:63:04:fe:36:2e:5d:8c:fa:a8:b1:0f:8c:ba:
15:68:fc:da:85:fe:68:08:2f:bf:46:68:a4:8c:25:85:cd:b9:
04:0c:40:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOBkpXgI//6CGubyaq3rMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUxMTExMTQwMDQ3WhcNMjUxMTEyMTQwMDQ3WjAzMTEwLwYDVQQD
EygyN2EyMWM0YzE5MzE5MDk2ZmRhNTZlNGE5OWM4YzlhZjI5NGE0YjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG4TXtdVLy3Y7BRqoM5lJq8SL+bA
QYpKvH0yarOikiLXzimtnVyW+oSqU/63mGC4XQvO8JX/jIhXdtGz2iKp1FIPqWxS
+sJzoYuhd87+K2c9Euxvz2zlItBYgUlQF2CPxVDDZytwkzIyx+8CQadSTZCzMjqO
44US7BkX0MhgJel02lOL0cdW7P9+MOCPKoy5X5s/FMZ2Ha+EZOnbaBvstEEsIL2C
iGNpuB++5cdeLdk5zvv9jDrEWLskZHqBbCR118FlL0z3VCkKhhc/zrlxLj/cUONl
nZb5FUrOolqv9TT8+biAko31qisgjBzpOm6FtqILQ+JSXdTRiYGpqLvm0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeiHEwZMZCW/aVuSpnIya8pSktEMB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtCMt9/Gh
lRsi3SXDA9w4lKd0BbJ9fnkNwh1oSMPQ42y+6Scq41wrrt2YXGnvV964hefAST7i
yv4ZT/9MCVVQNOdFW/XUyi0CoWXHJhcsRjgUip7IOxNxFe3Cbl9eYy4CrROFallB
/38+w2WqFzxDKsm4M9MleoJp6XVazB3zlk2eStGDQcr6S/JzXtgFFWTlvgrPfV8u
vGEraLJJP5Fjo0acLQPJCQBcvOTa62B26RI+OmRsyvwPRCCEEo1jvFwkCA0eRzYJ
Q29d73XyVRQwWLgg6GV663s808N8HpxjBP42Ll2M+qixD4y6FWj82oX+aAgvv0Zo
pIwlhc25BAxAag==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:51:26 2025 by rpki-client