Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft
File: xHC41L-HFAS8pTx3gVME7y6k4co.mft (raw, json)
Hash identifier: dsv50zKbRjusXKvoIKjhZUMXdsFjlIHQ+yFMS6HQafw=
Subject key identifier: 42:A6:F9:3D:95:56:B6:3B:C6:64:D1:0A:65:4E:8A:1D:A2:3F:F3:3A
Authority key identifier: C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA
Certificate issuer: /CN=c470b8d4bf871404bca53c77815304ef2ea4e1ca
Certificate serial: 019A25F88BE0CDA391D19AF0FA20FF3DA7F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft
Manifest number: DD
Signing time: Mon 27 Oct 2025 14:00:36 +0000
Manifest this update: Mon 27 Oct 2025 14:00:36 +0000
Manifest next update: Tue 28 Oct 2025 14:00:36 +0000
Files and hashes: 1: N1QJr3d4xPAL0pWw7bMpfGQLYDw.roa (hash: bdncW/PZlPA4ydR5a6GdEoycfKMOIvrr26MW7cKXUvM=)
2: xHC41L-HFAS8pTx3gVME7y6k4co.crl (hash: 9lkXT7pTLdn0j03t3FujQOJRuAV2ov/lFTcz32EMO5o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft
rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:f8:8b:e0:cd:a3:91:d1:9a:f0:fa:20:ff:3d:a7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c470b8d4bf871404bca53c77815304ef2ea4e1ca
Validity
Not Before: Oct 27 14:00:36 2025 GMT
Not After : Oct 28 14:00:36 2025 GMT
Subject: CN=42a6f93d9556b63bc664d10a654e8a1da23ff33a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:43:64:8e:6c:7c:c8:9b:32:b0:fd:d4:71:34:
de:df:6f:5e:c7:3e:67:da:a7:15:0f:7b:55:10:21:
82:1d:15:4c:cd:d9:b9:bf:8e:6c:73:be:7f:36:c1:
6e:a4:63:a2:15:b2:02:85:5d:5e:3d:c3:77:ae:c2:
06:94:e7:98:fb:fd:1b:44:68:cb:cd:96:c9:c3:f5:
94:9a:aa:f1:37:c3:cb:17:6b:03:b0:01:bf:cc:7d:
07:a9:24:fa:94:2f:0e:13:d9:34:ae:a7:34:c7:14:
61:49:78:34:35:19:fa:3f:64:38:98:67:01:f9:4c:
12:1d:8c:f4:cd:57:55:9a:1f:e1:50:04:1a:72:6f:
df:1d:7b:53:c2:db:23:a0:ba:75:55:be:9d:85:1e:
f3:96:80:47:a7:07:ee:21:22:30:8b:6d:86:c2:55:
90:05:e3:4c:44:bc:fc:c9:0d:5f:5c:d9:a5:80:33:
b4:c6:9b:e0:ae:2d:74:d7:82:06:50:a3:ab:93:ad:
f7:9a:81:3a:d7:1e:23:63:1f:13:fb:68:71:dd:69:
ef:05:9e:82:b1:40:89:1f:5e:2d:51:99:f6:96:c0:
b0:8b:8b:0d:7b:c0:34:91:13:b9:29:0e:2a:8c:56:
0f:16:30:df:c2:83:a7:37:ef:19:10:06:ca:f6:c0:
95:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A6:F9:3D:95:56:B6:3B:C6:64:D1:0A:65:4E:8A:1D:A2:3F:F3:3A
X509v3 Authority Key Identifier:
keyid:C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:3b:ce:c6:83:1a:26:99:5b:fc:de:56:06:88:71:3f:aa:2b:
29:96:39:00:4e:4c:d1:0d:69:00:9a:0d:c0:a4:ae:54:90:2b:
f9:62:3c:e1:74:86:c2:cb:e6:b9:32:e5:c7:02:fa:88:53:55:
b9:e3:20:b4:b9:f7:ae:13:5a:1a:62:d0:a9:92:f0:d0:65:73:
87:9d:86:64:04:06:39:65:8a:ad:31:8e:fd:35:5a:ca:f0:ea:
48:e8:85:26:b9:4a:18:6b:5b:cd:46:74:42:73:57:79:87:a6:
b3:f9:a4:b5:c2:24:d8:ae:07:c9:69:b1:58:b8:f6:aa:ab:5c:
c2:13:46:49:b8:40:fb:5e:f9:60:a6:10:71:43:60:0e:75:ad:
74:4b:92:d4:9e:d8:89:81:1b:78:4b:68:ba:62:f9:67:be:26:
bc:89:cb:31:70:26:55:94:60:0e:d9:44:53:ff:47:a6:59:95:
bc:0f:08:f4:9a:fe:9e:fa:60:8e:58:e7:c1:5e:a1:07:f5:97:
da:c2:13:91:ab:92:d5:d3:f5:f1:63:d9:6b:dd:ba:6e:5a:75:
1d:51:89:af:99:9d:84:3c:9f:c9:30:ce:27:19:6d:6f:73:d3:
77:c2:00:1e:d4:4c:86:81:7f:b3:ec:0c:2d:00:17:f1:b5:e4:
fb:5c:97:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZol+IvgzaOR0Zrw+iD/PafwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NzBiOGQ0YmY4NzE0MDRiY2E1M2M3NzgxNTMwNGVmMmVh
NGUxY2EwHhcNMjUxMDI3MTQwMDM2WhcNMjUxMDI4MTQwMDM2WjAzMTEwLwYDVQQD
Eyg0MmE2ZjkzZDk1NTZiNjNiYzY2NGQxMGE2NTRlOGExZGEyM2ZmMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkNkjmx8yJsysP3UcTTe329exz5n
2qcVD3tVECGCHRVMzdm5v45sc75/NsFupGOiFbIChV1ePcN3rsIGlOeY+/0bRGjL
zZbJw/WUmqrxN8PLF2sDsAG/zH0HqST6lC8OE9k0rqc0xxRhSXg0NRn6P2Q4mGcB
+UwSHYz0zVdVmh/hUAQacm/fHXtTwtsjoLp1Vb6dhR7zloBHpwfuISIwi22GwlWQ
BeNMRLz8yQ1fXNmlgDO0xpvgri1014IGUKOrk633moE61x4jYx8T+2hx3WnvBZ6C
sUCJH14tUZn2lsCwi4sNe8A0kRO5KQ4qjFYPFjDfwoOnN+8ZEAbK9sCVpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKm+T2VVrY7xmTRCmVOih2iP/M6MB8GA1UdIwQY
MBaAFMRwuNS/hxQEvKU8d4FTBO8upOHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hNGJhOGYtNWU2MS00ZGNjLWJhMGIt
ZjYyNGVkNWY0NmZlLzEveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hNGJhOGYtNWU2MS00ZGNjLWJhMGItZjYyNGVkNWY0NmZl
LzEveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOzvOxoMa
Jplb/N5WBohxP6orKZY5AE5M0Q1pAJoNwKSuVJAr+WI84XSGwsvmuTLlxwL6iFNV
ueMgtLn3rhNaGmLQqZLw0GVzh52GZAQGOWWKrTGO/TVayvDqSOiFJrlKGGtbzUZ0
QnNXeYems/mktcIk2K4HyWmxWLj2qqtcwhNGSbhA+175YKYQcUNgDnWtdEuS1J7Y
iYEbeEtoumL5Z74mvInLMXAmVZRgDtlEU/9HplmVvA8I9Jr+nvpgjljnwV6hB/WX
2sITkauS1dP18WPZa926blp1HVGJr5mdhDyfyTDOJxltb3PTd8IAHtRMhoF/s+wM
LQAX8bXk+1yXeg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 20:05:01 2025 by rpki-client