Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft
File: xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft (raw, json)
Hash identifier: A3Tfym+GwUbLhK5ackZng4R7l0DwrmIlypDgqxo+gPk=
Subject key identifier: 5A:BF:66:80:1E:B6:F3:E3:C1:E8:AE:58:99:DA:6A:59:21:F4:77:92
Authority key identifier: C4:3C:74:02:2C:BB:F0:B3:CF:FF:60:31:D6:D2:DE:03:69:C9:9E:4E
Certificate issuer: /CN=c43c74022cbbf0b3cfff6031d6d2de0369c99e4e
Certificate serial: 019A71B93639093C5D78DDAB7C44FF0C5780
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft
Manifest number: 08BD
Signing time: Tue 11 Nov 2025 07:02:34 +0000
Manifest this update: Tue 11 Nov 2025 07:02:34 +0000
Manifest next update: Wed 12 Nov 2025 07:02:34 +0000
Files and hashes: 1: ZYhttRWwRR-QF8jloAZFKuhooqE.roa (hash: eO0V42mhSgtEZOqn/NTkR+4pbvAmlZ4nSZ0JyynFqN4=)
2: xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl (hash: Hpu2lSeFw6YJrOWvsfEesxjZ+a5EzR11ubdMUvOYVro=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:36:39:09:3c:5d:78:dd:ab:7c:44:ff:0c:57:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c43c74022cbbf0b3cfff6031d6d2de0369c99e4e
Validity
Not Before: Nov 11 07:02:34 2025 GMT
Not After : Nov 12 07:02:34 2025 GMT
Subject: CN=5abf66801eb6f3e3c1e8ae5899da6a5921f47792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d2:9b:fd:8f:6c:12:c1:fb:c9:19:e2:2c:b4:
f5:13:10:93:06:cc:85:8d:d6:e9:22:78:f4:36:bb:
a8:b9:5e:55:54:5b:bd:2b:3b:f5:37:c2:1f:53:70:
e2:63:1d:e8:88:e8:7a:3a:b5:95:e5:11:03:93:e7:
74:dc:9a:4a:a0:56:02:0b:05:63:a2:bb:bc:cc:b2:
b8:95:8b:20:44:b5:f2:21:57:ad:fa:20:c7:07:a8:
9a:ee:80:44:2f:4a:c6:7c:66:0e:b8:1f:11:db:ce:
e4:ae:ca:73:3d:cc:7f:c4:6d:ca:6a:0b:f7:bb:2a:
cd:48:c9:34:37:0b:ae:1b:b7:24:d1:be:29:e5:d7:
cf:2d:cf:af:17:05:7f:b3:83:aa:82:66:fe:f4:19:
f3:b0:6f:a3:dc:ba:5b:a5:5c:a9:09:ad:68:fd:73:
2b:8e:68:8e:ce:fb:33:24:1c:b9:de:da:aa:6b:5b:
52:fa:12:bf:76:f4:45:b7:1a:44:97:0a:b2:77:dd:
ff:dc:70:1e:22:40:3c:88:25:d7:1c:85:96:d9:2b:
95:24:1b:60:51:e9:ef:5a:6b:ba:ed:e4:46:d4:6d:
9f:b1:36:3b:ca:ba:13:56:0c:52:31:1d:08:d4:9e:
56:17:79:05:70:b7:0e:c5:05:9a:6d:a8:05:bb:6e:
a4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BF:66:80:1E:B6:F3:E3:C1:E8:AE:58:99:DA:6A:59:21:F4:77:92
X509v3 Authority Key Identifier:
keyid:C4:3C:74:02:2C:BB:F0:B3:CF:FF:60:31:D6:D2:DE:03:69:C9:9E:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:f6:a1:ec:70:6b:ce:ed:ba:c3:e9:59:85:ec:e3:63:6d:af:
81:e7:04:ac:ce:ad:46:5b:8b:6d:fa:e5:39:5b:a3:49:d8:c7:
ba:82:60:80:74:b3:65:65:52:f3:89:66:f3:6a:9f:ba:71:f1:
56:3a:1a:4b:0b:8f:1b:94:a1:05:36:69:45:14:b8:77:54:90:
bf:1d:41:14:af:88:68:fd:c9:30:51:92:e6:02:77:f2:44:b6:
39:cb:a5:01:37:16:63:05:15:2a:3c:35:27:37:37:f6:42:3b:
7c:80:42:b8:c0:ca:22:38:a6:8d:50:b3:63:1d:05:18:11:18:
65:96:b0:99:76:42:58:8a:20:e4:cb:d5:a2:37:17:24:ed:8d:
54:5a:82:ca:55:3f:26:cc:7b:36:c3:ce:b9:37:41:75:eb:71:
3e:2c:b9:96:9d:bb:42:fc:a0:53:62:ff:62:c0:f6:51:65:d9:
47:99:5d:55:c9:b1:d6:2e:80:df:d5:9c:6d:3f:db:7b:26:4c:
7d:af:f9:aa:09:81:40:d1:b5:2f:06:d4:85:49:f3:95:11:88:
eb:37:99:95:1a:0d:fd:a6:d7:72:da:28:e1:31:c7:52:64:cb:
0e:a0:19:2c:6b:0d:f8:6d:ef:a6:63:56:2a:d4:f4:c3:ea:2f:
d4:7c:bf:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTY5CTxdeN2rfET/DFeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2M3NDAyMmNiYmYwYjNjZmZmNjAzMWQ2ZDJkZTAzNjlj
OTllNGUwHhcNMjUxMTExMDcwMjM0WhcNMjUxMTEyMDcwMjM0WjAzMTEwLwYDVQQD
Eyg1YWJmNjY4MDFlYjZmM2UzYzFlOGFlNTg5OWRhNmE1OTIxZjQ3NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNKb/Y9sEsH7yRniLLT1ExCTBsyF
jdbpInj0NruouV5VVFu9Kzv1N8IfU3DiYx3oiOh6OrWV5REDk+d03JpKoFYCCwVj
oru8zLK4lYsgRLXyIVet+iDHB6ia7oBEL0rGfGYOuB8R287krspzPcx/xG3Kagv3
uyrNSMk0NwuuG7ck0b4p5dfPLc+vFwV/s4Oqgmb+9BnzsG+j3LpbpVypCa1o/XMr
jmiOzvszJBy53tqqa1tS+hK/dvRFtxpElwqyd93/3HAeIkA8iCXXHIWW2SuVJBtg
UenvWmu67eRG1G2fsTY7yroTVgxSMR0I1J5WF3kFcLcOxQWabagFu26kHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFq/ZoAetvPjweiuWJnaalkh9HeSMB8GA1UdIwQY
MBaAFMQ8dAIsu/Czz/9gMdbS3gNpyZ5OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lZDVkM2EtYjg2OS00Y2RhLTlkMzIt
MjUwZTU1YjlkNGE5LzEveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9lZDVkM2EtYjg2OS00Y2RhLTlkMzItMjUwZTU1YjlkNGE5
LzEveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvah7HBr
zu26w+lZhezjY22vgecErM6tRluLbfrlOVujSdjHuoJggHSzZWVS84lm82qfunHx
VjoaSwuPG5ShBTZpRRS4d1SQvx1BFK+IaP3JMFGS5gJ38kS2OculATcWYwUVKjw1
Jzc39kI7fIBCuMDKIjimjVCzYx0FGBEYZZawmXZCWIog5MvVojcXJO2NVFqCylU/
Jsx7NsPOuTdBdetxPiy5lp27QvygU2L/YsD2UWXZR5ldVcmx1i6A39WcbT/beyZM
fa/5qgmBQNG1LwbUhUnzlRGI6zeZlRoN/abXctoo4THHUmTLDqAZLGsN+G3vpmNW
KtT0w+ov1Hy/cg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:26 2025 by rpki-client