Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
File: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft (raw, json)
Hash identifier: tnr7jtOHaYgsj9dyxMFSjVUcbVDsYc6Wxa7I14jRiog=
Subject key identifier: F9:07:A4:71:2C:25:CD:2F:EA:DB:F5:87:39:40:99:5A:3B:84:84:0D
Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4
Certificate serial: 019A56AEA664FD44305966CE4F13D43DA8AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
Manifest number: 1220
Signing time: Thu 06 Nov 2025 01:01:17 +0000
Manifest this update: Thu 06 Nov 2025 01:01:17 +0000
Manifest next update: Fri 07 Nov 2025 01:01:17 +0000
Files and hashes: 1: QGKSiFavp9LMElSoLZBhqzLqFMM.roa (hash: ip/2uYmlI+BKnaF8k1mqNHwsPmNtHEQrk8aTeSCdMUA=)
2: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl (hash: ikivDXZUJ4IlqECn37trK81O+aKk/HrBBlezXnytouQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:56:ae:a6:64:fd:44:30:59:66:ce:4f:13:d4:3d:a8:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4
Validity
Not Before: Nov 6 01:01:17 2025 GMT
Not After : Nov 7 01:01:17 2025 GMT
Subject: CN=f907a4712c25cd2feadbf5873940995a3b84840d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6b:2f:01:c8:1a:b8:4f:1c:ca:1d:64:6a:71:
12:5a:96:ba:f4:58:ac:fd:ec:c3:d7:a0:19:d5:4f:
2f:51:ea:88:c4:c3:9d:3a:b7:1c:c9:65:a3:f9:1d:
04:21:b7:75:e8:f5:3d:4c:47:c7:4c:c9:f0:e9:9c:
d1:ab:76:bb:80:0e:81:b8:28:17:7f:08:9c:c8:b5:
a6:5e:17:ef:20:e5:f9:a5:b4:b3:da:9c:88:ce:df:
11:7a:93:45:19:59:dc:35:7f:2b:98:b5:a2:9e:a9:
77:22:6d:29:9c:58:e6:52:a2:e4:3d:1d:6d:a8:ce:
1d:f6:d8:61:05:fc:0d:db:63:38:82:a8:57:90:1a:
fb:10:6f:ea:9e:f8:0a:c6:c8:05:78:8c:26:dc:68:
9b:2e:f0:3c:ec:c1:5e:19:8c:c4:38:50:f0:80:73:
11:fa:96:e4:b5:fd:eb:5c:da:00:e8:a5:9a:3f:ec:
91:93:85:40:3c:7a:c0:21:9c:29:f4:c7:9f:86:f5:
3d:d6:01:d0:4e:da:21:70:cb:f9:98:de:3d:fd:ed:
bf:8a:7f:81:e7:b3:09:ff:54:a6:4e:28:1a:f1:53:
81:f6:3c:40:c6:c5:c2:5f:ef:50:a8:4a:81:7a:c3:
fc:78:0f:37:ff:02:7a:34:e4:74:b4:7f:ab:d0:b7:
eb:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:07:A4:71:2C:25:CD:2F:EA:DB:F5:87:39:40:99:5A:3B:84:84:0D
X509v3 Authority Key Identifier:
keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:e0:9e:09:3d:1c:9c:8f:b3:d6:1d:a4:75:c5:0f:a1:c6:a5:
da:45:9c:49:8f:a7:9f:88:ab:cd:89:1f:1e:5c:fd:78:4d:b3:
7c:0a:75:4b:f1:7b:59:bf:7b:29:ef:0d:8c:d8:25:2f:84:b3:
8b:5d:7c:6a:cc:8b:e6:e1:a0:10:d5:98:b0:21:fc:54:71:94:
4c:f4:3f:4d:57:34:80:9a:b4:aa:e5:43:07:5d:55:31:31:51:
fa:21:63:94:9f:48:56:d4:3d:94:10:35:35:c8:22:cc:a8:83:
88:b4:23:48:f5:d3:d1:ec:02:ac:f1:fd:c7:10:56:dc:ef:be:
46:17:95:e4:75:9a:89:77:c0:31:47:05:17:81:d8:9f:cd:47:
88:9b:2e:3a:c9:77:42:24:5b:25:4f:94:c4:89:76:41:45:09:
1e:98:10:60:46:38:59:14:d9:ba:04:a0:5e:90:b3:6e:cb:4a:
fb:27:65:41:53:31:08:ed:c5:20:55:04:99:1f:9b:4e:6f:e5:
62:5b:30:2f:af:24:1c:27:14:7c:c0:2a:9e:c4:ed:b0:42:f3:
10:90:47:1f:d3:65:2b:d4:3b:ae:ae:92:67:7c:b5:ef:b1:f8:
b5:62:c6:1f:49:ef:00:4b:a9:28:6f:60:2a:bb:19:f9:e9:2c:
e3:aa:67:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpWrqZk/UQwWWbOTxPUPaitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz
ZTIwZTQwHhcNMjUxMTA2MDEwMTE3WhcNMjUxMTA3MDEwMTE3WjAzMTEwLwYDVQQD
EyhmOTA3YTQ3MTJjMjVjZDJmZWFkYmY1ODczOTQwOTk1YTNiODQ4NDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmsvAcgauE8cyh1kanESWpa69Fis
/ezD16AZ1U8vUeqIxMOdOrccyWWj+R0EIbd16PU9TEfHTMnw6ZzRq3a7gA6BuCgX
fwicyLWmXhfvIOX5pbSz2pyIzt8RepNFGVncNX8rmLWinql3Im0pnFjmUqLkPR1t
qM4d9thhBfwN22M4gqhXkBr7EG/qnvgKxsgFeIwm3GibLvA87MFeGYzEOFDwgHMR
+pbktf3rXNoA6KWaP+yRk4VAPHrAIZwp9MefhvU91gHQTtohcMv5mN49/e2/in+B
57MJ/1SmTiga8VOB9jxAxsXCX+9QqEqBesP8eA83/wJ6NOR0tH+r0LfrQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkHpHEsJc0v6tv1hzlAmVo7hIQNMB8GA1UdIwQY
MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt
YWE0MDA1MzJkYWViLzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi
LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+CeCT0c
nI+z1h2kdcUPocal2kWcSY+nn4irzYkfHlz9eE2zfAp1S/F7Wb97Ke8NjNglL4Sz
i118asyL5uGgENWYsCH8VHGUTPQ/TVc0gJq0quVDB11VMTFR+iFjlJ9IVtQ9lBA1
NcgizKiDiLQjSPXT0ewCrPH9xxBW3O++RheV5HWaiXfAMUcFF4HYn81HiJsuOsl3
QiRbJU+UxIl2QUUJHpgQYEY4WRTZugSgXpCzbstK+ydlQVMxCO3FIFUEmR+bTm/l
YlswL68kHCcUfMAqnsTtsELzEJBHH9NlK9Q7rq6SZ3y177H4tWLGH0nvAEupKG9g
KrsZ+eks46pnUg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 04:42:38 2025 by rpki-client