Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
File: xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft (raw, json)
Hash identifier: u0zIEMI9r06PAJYjxPgn/d/7eNZikRh1bPw/CyHCCMI=
Subject key identifier: 1F:30:E5:A3:7E:69:14:49:89:EE:6D:11:ED:5B:4D:28:93:4C:39:8E
Authority key identifier: C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0
Certificate issuer: /CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
Certificate serial: 019A4EF4E98B87D60B5CBF50C16B69457B9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
Manifest number: 170A
Signing time: Tue 04 Nov 2025 13:01:04 +0000
Manifest this update: Tue 04 Nov 2025 13:01:04 +0000
Manifest next update: Wed 05 Nov 2025 13:01:04 +0000
Files and hashes: 1: xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl (hash: K7X7JeoFr0BGkmgiDilYOMUXklJb0aiCk1ADUr4Fn7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:e9:8b:87:d6:0b:5c:bf:50:c1:6b:69:45:7b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
Validity
Not Before: Nov 4 13:01:04 2025 GMT
Not After : Nov 5 13:01:04 2025 GMT
Subject: CN=1f30e5a37e69144989ee6d11ed5b4d28934c398e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b0:3f:08:3a:74:79:6d:78:cc:d3:4c:b8:47:
25:91:40:bb:87:da:ac:37:d5:fa:70:b6:ec:6b:2c:
f3:a6:f6:61:d0:ba:e7:67:7e:50:51:96:9d:35:57:
06:a3:27:54:4e:b8:6b:27:e9:a9:e8:69:ee:cb:a6:
0d:d6:8e:bc:69:e7:1c:62:76:76:b0:ed:bc:fd:aa:
0a:72:17:3e:2c:f6:0c:77:35:22:ff:95:03:5b:a4:
55:49:0d:17:2e:c6:db:39:92:f2:5c:ee:60:9c:db:
44:ed:38:a4:d2:23:51:86:69:3e:15:ba:66:4d:94:
a8:6e:f3:35:f3:43:d7:c2:29:07:7c:3a:e5:9a:bf:
48:f7:12:fe:fb:95:35:cd:a4:1c:15:be:db:ac:5d:
95:dd:42:36:54:75:66:be:f4:04:b8:46:43:ca:a7:
b2:af:0f:ab:a3:37:0f:3a:1c:a1:05:8c:cb:96:82:
e3:22:b1:8a:b1:39:bf:5f:e9:11:ba:44:88:6d:20:
75:27:db:f8:9c:34:eb:a7:3d:96:87:45:c6:67:c4:
b0:eb:6c:9e:ac:fe:7b:18:46:86:f9:f4:f7:56:46:
16:09:cc:af:de:b3:3d:f0:a3:38:c1:4f:74:92:64:
66:11:2d:e2:86:e2:1a:06:53:9f:33:55:21:6b:ae:
cc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:30:E5:A3:7E:69:14:49:89:EE:6D:11:ED:5B:4D:28:93:4C:39:8E
X509v3 Authority Key Identifier:
keyid:C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:b9:8a:43:f9:93:a8:e0:75:2f:71:54:bb:13:08:ec:c5:dc:
54:b5:e1:ea:f3:8f:95:4a:d4:50:2a:c2:b3:aa:02:4c:be:f2:
06:93:5a:7d:06:aa:28:43:41:76:09:0f:ea:ff:84:40:3e:7d:
c9:0d:65:e9:d9:03:41:00:0d:bc:a9:45:a9:b8:fd:cd:e8:04:
f6:59:50:91:52:c0:59:e1:ad:75:50:1a:44:e2:88:b1:26:41:
b4:7c:6d:64:29:0e:7d:55:f0:93:66:fa:06:3a:ca:17:c5:6a:
55:6a:09:fe:c7:e9:15:00:25:3c:58:5a:9f:8d:50:24:ec:8b:
71:ea:e8:42:7f:a0:37:7f:8b:d8:03:06:15:4b:2d:ac:9a:fc:
05:0b:7f:90:08:99:9c:4f:fa:c7:ff:34:08:08:94:c1:f7:fe:
fe:ab:02:80:2f:97:fa:0f:1e:af:d8:78:12:ed:ec:57:c4:4d:
c8:25:36:88:9a:e7:11:5b:94:be:b5:32:4f:e6:d8:c0:f1:39:
39:c5:b0:5f:ec:b3:73:e9:e0:11:d6:58:94:73:e2:93:ed:db:
e1:df:ad:0f:f8:9f:03:9e:54:41:a2:28:15:70:95:fa:8b:c1:
cf:b4:35:73:af:96:c0:17:15:42:13:ae:c3:85:15:3c:39:d9:
8f:7b:32:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9OmLh9YLXL9QwWtpRXubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDE4ZTFhMWRjNjU1OGM0ZGJhNzMxZWZhMzI3NjljNDVm
NTRiYTAwHhcNMjUxMTA0MTMwMTA0WhcNMjUxMTA1MTMwMTA0WjAzMTEwLwYDVQQD
EygxZjMwZTVhMzdlNjkxNDQ5ODllZTZkMTFlZDViNGQyODkzNGMzOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7A/CDp0eW14zNNMuEclkUC7h9qs
N9X6cLbsayzzpvZh0LrnZ35QUZadNVcGoydUTrhrJ+mp6Gnuy6YN1o68aeccYnZ2
sO28/aoKchc+LPYMdzUi/5UDW6RVSQ0XLsbbOZLyXO5gnNtE7Tik0iNRhmk+Fbpm
TZSobvM180PXwikHfDrlmr9I9xL++5U1zaQcFb7brF2V3UI2VHVmvvQEuEZDyqey
rw+rozcPOhyhBYzLloLjIrGKsTm/X+kRukSIbSB1J9v4nDTrpz2Wh0XGZ8Sw62ye
rP57GEaG+fT3VkYWCcyv3rM98KM4wU90kmRmES3ihuIaBlOfM1Uha67MQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8w5aN+aRRJie5tEe1bTSiTTDmOMB8GA1UdIwQY
MBaAFMXRjhodxlWMTbpzHvoydpxF9UugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgt
MWNiZTY2MWE2M2ZmLzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgtMWNiZTY2MWE2M2Zm
LzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlrmKQ/mT
qOB1L3FUuxMI7MXcVLXh6vOPlUrUUCrCs6oCTL7yBpNafQaqKENBdgkP6v+EQD59
yQ1l6dkDQQANvKlFqbj9zegE9llQkVLAWeGtdVAaROKIsSZBtHxtZCkOfVXwk2b6
BjrKF8VqVWoJ/sfpFQAlPFhan41QJOyLceroQn+gN3+L2AMGFUstrJr8BQt/kAiZ
nE/6x/80CAiUwff+/qsCgC+X+g8er9h4Eu3sV8RNyCU2iJrnEVuUvrUyT+bYwPE5
OcWwX+yzc+ngEdZYlHPik+3b4d+tD/ifA55UQaIoFXCV+ovBz7Q1c6+WwBcVQhOu
w4UVPDnZj3syOQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:18:09 2025 by rpki-client