Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
File: 1XfOFDQjLYCBldDKcKs5HfsHry0.mft (raw, json)
Hash identifier: 73cvRiW8Rf0NhwQt7Pa8Spk7HNvbLK1AgjmLvTdnoHQ=
Subject key identifier: FD:54:48:8D:BA:1B:EC:23:4E:56:F9:DF:32:78:EC:F4:F1:7B:D4:DC
Authority key identifier: D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D
Certificate issuer: /CN=d577ce1434232d808195d0ca70ab391dfb07af2d
Certificate serial: 019A706E5AD97D33A4AF792DD18AA0D80171
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 01:01:11 +0000
Manifest this update: Tue 11 Nov 2025 01:01:11 +0000
Manifest next update: Wed 12 Nov 2025 01:01:11 +0000
Files and hashes: 1: 1XfOFDQjLYCBldDKcKs5HfsHry0.crl (hash: /e45Yh5HpS3ki7YLbPiH7iadQ3wG22vw3eLhcRzn2dE=)
2: HcDxgF3nqk8cgEWN2FjSYTqgWIU.roa (hash: zRQPtKl4Mi8+zyT9yY1R1Qmmn1wM9W5eQbvQLliU+lY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:5a:d9:7d:33:a4:af:79:2d:d1:8a:a0:d8:01:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d577ce1434232d808195d0ca70ab391dfb07af2d
Validity
Not Before: Nov 11 01:01:11 2025 GMT
Not After : Nov 12 01:01:11 2025 GMT
Subject: CN=fd54488dba1bec234e56f9df3278ecf4f17bd4dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:79:c5:fd:f7:c1:ff:69:d0:57:49:37:89:27:
d7:9f:e8:6d:0a:0c:4b:23:b6:87:44:ed:2a:6f:65:
9a:93:da:61:69:32:50:8d:02:3c:e3:73:4b:67:37:
4f:9c:68:97:35:35:13:83:28:1c:e0:bc:15:e2:2e:
23:72:9d:b1:8f:37:0a:a4:c9:fd:cb:4b:17:d8:68:
01:2b:67:73:89:89:f8:cf:aa:c3:3a:d6:47:94:a1:
4d:13:3d:0d:a5:f5:77:9b:8f:03:73:2d:4f:89:0e:
31:5b:2a:4d:cd:12:67:b5:28:fe:16:0f:59:be:ab:
62:14:95:ae:f1:a5:a7:24:c0:f5:14:c0:0f:fa:cc:
03:26:52:c3:61:00:26:f2:88:6e:5c:27:c4:1c:14:
94:5a:56:3a:c4:9f:12:62:c7:8b:90:35:d8:0d:0d:
d9:8c:a9:0d:ca:af:d0:9b:69:5c:7c:a0:00:d7:2a:
93:ae:c5:ff:2c:7d:fd:a9:45:fa:68:69:1e:55:5f:
8d:ac:ad:25:f0:3c:f0:d6:6e:50:b1:d1:4a:78:aa:
f8:5c:7a:5a:63:64:c1:7b:d7:f6:2c:66:df:79:76:
e6:8f:61:67:26:43:30:fa:58:2e:03:7f:75:2e:ba:
4e:ad:a8:02:06:51:65:58:90:5c:d6:e0:a4:fd:2f:
c6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:54:48:8D:BA:1B:EC:23:4E:56:F9:DF:32:78:EC:F4:F1:7B:D4:DC
X509v3 Authority Key Identifier:
keyid:D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:61:a5:6f:c1:41:f1:05:2c:92:a9:9b:c0:e8:0f:d5:f2:a1:
ed:5a:c6:54:b7:7b:14:b6:8d:91:9b:c5:0c:5f:eb:c2:e2:f8:
a8:80:a7:d9:fe:14:d5:5c:87:fd:ba:fc:34:84:43:b0:fa:78:
f7:c1:ac:2a:82:a7:24:da:53:87:8b:24:da:10:31:16:99:bb:
a8:28:25:3a:52:9d:5a:cc:19:53:99:b6:71:69:dd:7a:df:ac:
0b:b0:8a:15:33:23:88:93:b6:50:dd:ec:f0:79:d0:23:33:85:
9b:a7:79:00:8f:91:7c:f3:0e:4c:ba:90:aa:ff:a5:9e:59:48:
97:3d:18:ed:71:61:ab:0b:d3:16:ff:6d:b5:e5:ec:e0:97:a8:
a7:cb:94:42:f0:65:ee:b8:0d:01:11:02:5d:d8:f9:4e:85:8e:
7c:ed:a9:c4:10:4f:2d:6d:9e:af:df:d3:b6:f6:82:0f:26:db:
21:45:c0:52:c2:a0:dd:d8:91:a8:05:6c:28:8b:fd:3a:0f:b9:
85:9a:c2:8b:06:f6:a6:b7:c7:5f:4b:07:4a:31:eb:fe:7f:10:
7b:94:94:50:6a:55:35:52:88:60:c4:24:17:e4:0d:dd:34:cf:
35:2e:2d:7b:99:56:13:e9:7f:37:a9:44:6a:f0:01:35:eb:87:
86:17:58:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwblrZfTOkr3kt0Yqg2AFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NzdjZTE0MzQyMzJkODA4MTk1ZDBjYTcwYWIzOTFkZmIw
N2FmMmQwHhcNMjUxMTExMDEwMTExWhcNMjUxMTEyMDEwMTExWjAzMTEwLwYDVQQD
EyhmZDU0NDg4ZGJhMWJlYzIzNGU1NmY5ZGYzMjc4ZWNmNGYxN2JkNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HnF/ffB/2nQV0k3iSfXn+htCgxL
I7aHRO0qb2Wak9phaTJQjQI843NLZzdPnGiXNTUTgygc4LwV4i4jcp2xjzcKpMn9
y0sX2GgBK2dziYn4z6rDOtZHlKFNEz0NpfV3m48Dcy1PiQ4xWypNzRJntSj+Fg9Z
vqtiFJWu8aWnJMD1FMAP+swDJlLDYQAm8ohuXCfEHBSUWlY6xJ8SYseLkDXYDQ3Z
jKkNyq/Qm2lcfKAA1yqTrsX/LH39qUX6aGkeVV+NrK0l8Dzw1m5QsdFKeKr4XHpa
Y2TBe9f2LGbfeXbmj2FnJkMw+lguA391LrpOragCBlFlWJBc1uCk/S/GkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1USI26G+wjTlb53zJ47PTxe9TcMB8GA1UdIwQY
MBaAFNV3zhQ0Iy2AgZXQynCrOR37B68tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMt
NjBlNmIxNDhkMjhiLzEvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMtNjBlNmIxNDhkMjhi
LzEvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOGGlb8FB
8QUskqmbwOgP1fKh7VrGVLd7FLaNkZvFDF/rwuL4qICn2f4U1VyH/br8NIRDsPp4
98GsKoKnJNpTh4sk2hAxFpm7qCglOlKdWswZU5m2cWndet+sC7CKFTMjiJO2UN3s
8HnQIzOFm6d5AI+RfPMOTLqQqv+lnllIlz0Y7XFhqwvTFv9tteXs4Jeop8uUQvBl
7rgNARECXdj5ToWOfO2pxBBPLW2er9/TtvaCDybbIUXAUsKg3diRqAVsKIv9Og+5
hZrCiwb2prfHX0sHSjHr/n8Qe5SUUGpVNVKIYMQkF+QN3TTPNS4te5lWE+l/N6lE
avABNeuHhhdYyQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:38:20 2025 by rpki-client