Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft
File: _XBhwg1PCXYTrAMTI3pt8rsstdw.mft (raw, json)
Hash identifier: eavxyDNgYEHpTKhUL4xFOAWxU/DlsFpU8DJIE4ytbBI=
Subject key identifier: 4F:E4:2A:59:85:AF:48:2F:7C:8E:5A:E9:0E:2D:03:6A:8B:7E:1C:C0
Authority key identifier: FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC
Certificate issuer: /CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc
Certificate serial: 019A725C45B42F629C97530A815864193700
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft
Manifest number: 02B5
Signing time: Tue 11 Nov 2025 10:00:40 +0000
Manifest this update: Tue 11 Nov 2025 10:00:40 +0000
Manifest next update: Wed 12 Nov 2025 10:00:40 +0000
Files and hashes: 1: _XBhwg1PCXYTrAMTI3pt8rsstdw.crl (hash: YK14VDLH2T726gtCxYBW23SX2v2s4cbfLEiIBhi1AXE=)
2: bIh6rb6KgAadfuO3R9Ubbeh6oaY.roa (hash: u3cvjQO/JSlrsYEw7MORRhOpl1pZlSv4+pYCjFsW1wU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft
rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:45:b4:2f:62:9c:97:53:0a:81:58:64:19:37:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc
Validity
Not Before: Nov 11 10:00:40 2025 GMT
Not After : Nov 12 10:00:40 2025 GMT
Subject: CN=4fe42a5985af482f7c8e5ae90e2d036a8b7e1cc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ed:e3:64:05:5f:15:30:c0:11:2c:2f:da:46:
7c:7c:23:ea:72:53:20:66:7f:6b:20:74:d7:1d:6a:
15:24:3a:19:ce:70:0d:ec:47:d2:66:9c:32:20:e6:
b3:64:be:da:58:b4:f8:94:4d:ec:75:06:c7:3b:a7:
ec:d1:86:fd:97:92:ca:40:98:cf:d5:26:a9:c8:b0:
5a:a8:20:c5:7b:0d:6c:4c:85:b4:02:26:4f:63:99:
78:e3:4e:c2:af:a6:90:36:39:81:c2:f0:07:b5:e9:
46:2b:85:6c:5b:16:0b:1b:e2:8b:e4:f3:b9:7c:a4:
d8:66:88:c9:39:70:f3:11:8b:43:a0:13:ab:1d:9c:
74:a4:f9:d9:02:22:34:7d:e6:20:17:85:3a:f3:7c:
0a:c6:80:ba:54:7d:74:b9:85:23:a6:7a:ab:61:8a:
0e:95:59:f4:21:72:ef:3e:5b:8f:38:fc:17:fa:62:
21:b8:36:25:62:86:ce:11:c5:21:b3:e6:0c:8d:ea:
37:bc:6f:83:ae:38:2d:fc:40:a9:d1:3d:26:23:b7:
3a:b8:24:18:7d:25:48:a1:31:e3:2d:28:3b:c6:16:
e3:ba:0c:92:e2:e7:4a:f6:f4:f4:3d:db:b8:94:1f:
a0:eb:9c:7a:fa:df:b6:9c:52:fe:e2:f6:03:b1:5f:
80:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E4:2A:59:85:AF:48:2F:7C:8E:5A:E9:0E:2D:03:6A:8B:7E:1C:C0
X509v3 Authority Key Identifier:
keyid:FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:fb:08:c9:c2:89:5c:ad:11:b8:e5:e4:5a:40:4f:a0:b6:ef:
2d:d7:fe:b1:9f:52:3c:21:0e:15:13:da:d1:61:3a:80:57:bb:
2d:d7:46:0a:57:67:08:2b:91:8c:15:15:b5:35:1b:3d:24:81:
1e:74:f8:c7:9c:48:60:92:23:de:0b:94:b1:b8:db:ec:48:48:
ca:27:6e:6c:ce:ba:4e:2f:01:8e:ae:06:d4:90:22:65:25:2e:
ab:b1:46:50:3f:03:e7:bd:fc:08:cb:0e:68:34:77:36:e3:7c:
df:09:b8:c1:c4:0d:e0:54:21:04:8f:0e:2e:e1:78:ae:d3:40:
d8:55:f4:00:a7:5b:c5:50:35:d9:a5:6d:08:8c:76:7e:35:18:
f5:d9:85:4e:d3:00:f1:aa:40:1d:2c:0b:4e:38:17:75:35:13:
5d:e7:65:18:13:84:1f:f5:ab:a0:bf:6d:1a:ad:03:ef:d9:44:
73:67:c8:1b:b0:f2:4f:79:2c:aa:cf:03:9f:a5:10:00:36:82:
c9:5e:8c:29:f6:4e:ee:2d:4b:f2:2b:c4:4f:ac:fe:23:a8:c2:
8b:c7:51:cf:13:97:59:58:63:04:a2:24:72:6e:65:a7:2d:b1:
83:1a:cc:b0:8b:9b:29:ff:b7:0d:fe:13:4b:c5:0b:ed:cb:ab:
f2:17:ed:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXEW0L2Kcl1MKgVhkGTcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzA2MWMyMGQ0ZjA5NzYxM2FjMDMxMzIzN2E2ZGYyYmIy
Y2I1ZGMwHhcNMjUxMTExMTAwMDQwWhcNMjUxMTEyMTAwMDQwWjAzMTEwLwYDVQQD
Eyg0ZmU0MmE1OTg1YWY0ODJmN2M4ZTVhZTkwZTJkMDM2YThiN2UxY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO3jZAVfFTDAESwv2kZ8fCPqclMg
Zn9rIHTXHWoVJDoZznAN7EfSZpwyIOazZL7aWLT4lE3sdQbHO6fs0Yb9l5LKQJjP
1SapyLBaqCDFew1sTIW0AiZPY5l4407Cr6aQNjmBwvAHtelGK4VsWxYLG+KL5PO5
fKTYZojJOXDzEYtDoBOrHZx0pPnZAiI0feYgF4U683wKxoC6VH10uYUjpnqrYYoO
lVn0IXLvPluPOPwX+mIhuDYlYobOEcUhs+YMjeo3vG+Drjgt/ECp0T0mI7c6uCQY
fSVIoTHjLSg7xhbjugyS4udK9vT0Pdu4lB+g65x6+t+2nFL+4vYDsV+A3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/kKlmFr0gvfI5a6Q4tA2qLfhzAMB8GA1UdIwQY
MBaAFP1wYcINTwl2E6wDEyN6bfK7LLXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEt
YTIwMTk5ODgzMzBmLzEvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEtYTIwMTk5ODgzMzBm
LzEvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsvsIycKJ
XK0RuOXkWkBPoLbvLdf+sZ9SPCEOFRPa0WE6gFe7LddGCldnCCuRjBUVtTUbPSSB
HnT4x5xIYJIj3guUsbjb7EhIyidubM66Ti8Bjq4G1JAiZSUuq7FGUD8D5738CMsO
aDR3NuN83wm4wcQN4FQhBI8OLuF4rtNA2FX0AKdbxVA12aVtCIx2fjUY9dmFTtMA
8apAHSwLTjgXdTUTXedlGBOEH/WroL9tGq0D79lEc2fIG7DyT3ksqs8Dn6UQADaC
yV6MKfZO7i1L8ivET6z+I6jCi8dRzxOXWVhjBKIkcm5lpy2xgxrMsIubKf+3Df4T
S8UL7cur8hft7g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:54 2025 by rpki-client