Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
File: xafD9LFGk1EiAllaik-VsNa3oQE.mft (raw, json)
Hash identifier: mMWTVjMErTEtsyEHzJ4MIxvS3KY+29NH/HnPKPynxgA=
Subject key identifier: 04:25:10:83:B3:6B:7F:CE:52:62:54:C5:9B:AD:33:8F:E5:4F:09:BE
Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Certificate serial: 019A4E8696105AC49A608FAA6D162EB8A998
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
Manifest number: 16A0
Signing time: Tue 04 Nov 2025 11:00:34 +0000
Manifest this update: Tue 04 Nov 2025 11:00:34 +0000
Manifest next update: Wed 05 Nov 2025 11:00:34 +0000
Files and hashes: 1: Bbxo5GOkMtBPV4eyDiJBtgGCAvs.roa (hash: gPTOZ/QwaGNzYqcGskaYm0Q9CUgsB/kmTCxE6lNVoV8=)
2: GkWtiMh4Kekgq83feCXLfv_pub8.roa (hash: UboiG7GPy5Vm4OyfuuuEVh7hhcZoHsmQQgbXPLJ/4ug=)
3: ScP8kW7fVZKKIlJqtoPhrGG1uQo.roa (hash: kBK8cN2i6ByxK8RJnTQxES9FzgvOd8FoOcnJVY/e4Bc=)
4: xafD9LFGk1EiAllaik-VsNa3oQE.crl (hash: kaa22kfP6x5ZgZVb5b7HxqCYTb3o6yioW4KiDT2ZnZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:96:10:5a:c4:9a:60:8f:aa:6d:16:2e:b8:a9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Validity
Not Before: Nov 4 11:00:34 2025 GMT
Not After : Nov 5 11:00:34 2025 GMT
Subject: CN=04251083b36b7fce526254c59bad338fe54f09be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d7:27:35:05:5a:cd:7f:8b:30:7a:b1:f3:f9:
0a:26:e2:0c:c2:2d:0f:04:0e:8d:33:5b:de:30:60:
6a:7e:da:15:bf:1b:9f:14:ac:40:b6:55:85:4e:28:
57:de:64:f4:09:5b:21:a6:8d:e0:0c:85:aa:52:aa:
a8:7a:9c:1a:f7:fc:15:7f:87:07:59:c4:90:bb:de:
c5:2a:2b:21:c9:d9:5e:ac:a1:d2:a3:d2:00:9d:2c:
ae:df:76:53:ee:2e:73:53:63:f6:66:dd:53:72:c9:
69:26:9e:3e:73:6f:f8:a6:f4:b7:12:72:bf:6e:ac:
76:e6:2b:03:46:86:9e:ca:ca:89:1e:d3:9c:a0:6e:
57:91:5e:ef:5b:c6:0b:c0:8e:9e:6d:54:66:e0:a3:
10:7f:7b:6c:da:34:b3:ef:42:cb:f4:4e:e3:f4:f0:
df:1f:9d:9e:93:84:67:9f:3a:44:b0:d2:d3:cd:2b:
0f:d7:47:a2:05:14:41:ab:46:ee:c8:b2:78:53:68:
26:1b:5c:d0:7a:68:ab:bc:60:fb:42:8e:36:70:a6:
2b:4e:da:37:ec:9b:b3:bb:08:dc:fa:54:d9:b4:3c:
5f:d8:42:bb:9d:f4:89:d1:6b:59:06:59:42:8d:2b:
05:c0:45:e0:9d:4f:1d:63:87:b5:08:80:30:2a:fa:
4c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:25:10:83:B3:6B:7F:CE:52:62:54:C5:9B:AD:33:8F:E5:4F:09:BE
X509v3 Authority Key Identifier:
keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:94:66:ef:d0:42:f2:c2:52:57:4e:c9:c9:d4:d6:be:85:f3:
4c:fb:af:5e:f1:22:7c:8d:90:72:9c:be:49:06:85:6c:8f:63:
69:00:b1:6f:c2:db:95:0b:a5:c8:7d:46:3a:84:11:f2:c0:38:
a6:a7:2e:45:19:3a:40:e5:3a:9b:ad:74:ed:4d:63:7e:a2:e8:
7b:ca:11:6a:d9:77:cd:dc:b1:78:0a:9b:f2:88:ac:cf:87:f7:
0b:d9:2b:d0:df:88:dc:4f:30:bc:f8:8d:70:28:10:87:1a:8e:
48:7f:a1:7e:07:8b:48:f9:16:8c:63:41:5f:56:51:97:84:6d:
93:fc:ea:b2:bc:7a:ed:e9:d4:38:a8:9c:61:26:36:6c:05:5f:
b7:22:7d:81:6a:c4:7f:50:39:da:1a:44:68:8c:04:7b:cd:79:
d3:e4:98:1a:c2:c3:49:c8:87:8f:0a:94:f3:3a:c5:18:30:22:
a4:78:6b:fb:f5:6e:75:27:d3:ed:09:a5:a6:49:85:37:2b:21:
14:39:83:15:02:0f:55:af:f0:ad:32:56:16:a5:4d:2c:b7:6b:
94:36:a1:7e:b6:7e:01:ff:e8:20:e0:f2:e3:63:0e:c4:d0:b9:
5f:0d:62:23:15:20:9e:2a:5d:5a:26:e3:2a:82:58:79:46:f4:
98:57:7d:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhpYQWsSaYI+qbRYuuKmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi
N2ExMDEwHhcNMjUxMTA0MTEwMDM0WhcNMjUxMTA1MTEwMDM0WjAzMTEwLwYDVQQD
EygwNDI1MTA4M2IzNmI3ZmNlNTI2MjU0YzU5YmFkMzM4ZmU1NGYwOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dcnNQVazX+LMHqx8/kKJuIMwi0P
BA6NM1veMGBqftoVvxufFKxAtlWFTihX3mT0CVshpo3gDIWqUqqoepwa9/wVf4cH
WcSQu97FKishydlerKHSo9IAnSyu33ZT7i5zU2P2Zt1TcslpJp4+c2/4pvS3EnK/
bqx25isDRoaeysqJHtOcoG5XkV7vW8YLwI6ebVRm4KMQf3ts2jSz70LL9E7j9PDf
H52ek4RnnzpEsNLTzSsP10eiBRRBq0buyLJ4U2gmG1zQemirvGD7Qo42cKYrTto3
7Juzuwjc+lTZtDxf2EK7nfSJ0WtZBllCjSsFwEXgnU8dY4e1CIAwKvpMowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQlEIOza3/OUmJUxZutM4/lTwm+MB8GA1UdIwQY
MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt
ZDEyZjFlMjQ1NmJhLzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh
LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHpRm79BC
8sJSV07JydTWvoXzTPuvXvEifI2Qcpy+SQaFbI9jaQCxb8LblQulyH1GOoQR8sA4
pqcuRRk6QOU6m6107U1jfqLoe8oRatl3zdyxeAqb8oisz4f3C9kr0N+I3E8wvPiN
cCgQhxqOSH+hfgeLSPkWjGNBX1ZRl4Rtk/zqsrx67enUOKicYSY2bAVftyJ9gWrE
f1A52hpEaIwEe8150+SYGsLDSciHjwqU8zrFGDAipHhr+/VudSfT7QmlpkmFNysh
FDmDFQIPVa/wrTJWFqVNLLdrlDahfrZ+Af/oIODy42MOxNC5Xw1iIxUgnipdWibj
KoJYeUb0mFd9cw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:21:02 2025 by rpki-client