Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
File: xaL0JAfyHJ12kPsw_YzbK_320DA.mft (raw, json)
Hash identifier: Uxr1rEpL9ufA23ZeCj9Q46dXEx+qQxTAPuG0uF5ujjA=
Subject key identifier: 75:A2:B9:FD:70:8A:85:31:A5:7E:DE:43:4D:27:37:BF:04:A5:E6:A5
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial: 019A4D066D9F0A16AEDE29BC65AACC90E2A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
Manifest number: 1723
Signing time: Tue 04 Nov 2025 04:00:58 +0000
Manifest this update: Tue 04 Nov 2025 04:00:58 +0000
Manifest next update: Wed 05 Nov 2025 04:00:58 +0000
Files and hashes: 1: FVhHxIVfuNm-pwvjTgX_cs_Hfcs.roa (hash: mY8drD0B5z14cvplqrvZqDtdowa1l5LQ8YBe8N40mz4=)
2: xaL0JAfyHJ12kPsw_YzbK_320DA.crl (hash: j5dY6P3Qk0rDVhfGf1exaeCWDXNNRqn/VLG+YX0n0Ok=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:06:6d:9f:0a:16:ae:de:29:bc:65:aa:cc:90:e2:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Validity
Not Before: Nov 4 04:00:58 2025 GMT
Not After : Nov 5 04:00:58 2025 GMT
Subject: CN=75a2b9fd708a8531a57ede434d2737bf04a5e6a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:08:d3:30:fa:43:3b:45:51:6c:70:96:1f:61:
67:2e:f0:24:c8:94:9f:e5:0b:94:f6:a8:5b:65:6c:
d9:f4:c8:3c:1f:a4:5f:78:64:36:90:c9:31:96:07:
05:e2:ce:68:37:6b:e5:ea:91:68:88:18:f3:de:05:
02:13:88:bc:66:07:cf:d5:b2:a8:5f:ba:8e:fc:68:
26:4d:d9:11:55:8f:63:37:66:3a:d3:34:63:d8:f5:
4d:6c:87:1c:f3:68:9f:f5:70:9f:13:e0:53:05:55:
71:d0:35:d9:65:4c:dd:04:92:8b:7a:97:d0:c1:cc:
8a:ef:61:02:bb:5f:62:79:1a:83:6b:17:11:71:90:
01:d4:36:f6:ca:d0:36:ac:97:c7:c7:1d:bf:22:79:
a0:6e:fc:b9:78:25:0b:a6:d6:f2:80:ce:0f:b5:bd:
9d:34:28:89:35:e5:c4:48:de:31:da:3a:81:59:91:
41:c4:f9:7c:86:ff:f7:73:9a:49:13:60:24:c8:36:
2f:ca:41:29:03:58:7a:b2:c4:9a:39:90:65:44:1e:
d3:c9:ef:52:e6:c2:1d:fa:07:6c:6b:09:18:ea:45:
4a:d5:a7:e1:a3:be:71:fb:56:d3:ad:5c:c6:4d:dd:
ee:02:b3:01:d1:13:d6:5e:e9:58:b9:1f:f4:85:aa:
e1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A2:B9:FD:70:8A:85:31:A5:7E:DE:43:4D:27:37:BF:04:A5:E6:A5
X509v3 Authority Key Identifier:
keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:38:eb:53:7a:8d:74:eb:5e:1a:99:6b:84:0f:45:ef:ae:3c:
e6:ae:65:e1:d9:16:7b:99:d4:d8:53:d0:49:d9:7c:94:48:cc:
88:76:a9:30:03:1d:52:d8:76:e1:d1:02:23:c7:5d:4b:b4:0d:
e0:fa:54:d1:ae:48:a9:90:76:16:23:67:5b:10:d8:24:7c:53:
9b:85:e4:ad:1c:51:1f:71:36:1f:c1:70:34:bf:3a:46:e2:a7:
f0:99:cb:ca:b9:04:46:66:ef:b8:0a:d9:70:0a:3c:07:d6:7a:
cd:0f:d8:3e:0a:95:f2:79:59:38:4a:f1:88:78:1c:b4:08:99:
df:9c:a3:f0:03:06:da:4a:41:34:5b:77:50:3c:86:41:4f:0f:
0c:20:0a:40:8f:1d:2f:95:05:e5:e1:c1:ea:ab:9c:dc:83:f1:
f7:ad:5d:b4:c9:71:31:cc:4b:32:5d:ad:f5:5b:d6:cd:10:51:
a2:8d:55:46:49:c4:75:e9:15:60:21:95:47:28:83:c2:13:86:
1f:c0:fd:35:6c:12:28:f0:af:a5:ca:fd:81:5d:98:0f:cc:97:
d7:7e:02:b2:52:3c:55:b3:c9:d0:aa:0e:91:33:f2:5b:16:94:
55:4e:23:f9:81:be:96:d5:79:75:9e:d9:7e:64:18:06:3c:fc:
86:ad:58:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBm2fChau3im8ZarMkOKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjUxMTA0MDQwMDU4WhcNMjUxMTA1MDQwMDU4WjAzMTEwLwYDVQQD
Eyg3NWEyYjlmZDcwOGE4NTMxYTU3ZWRlNDM0ZDI3MzdiZjA0YTVlNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAjTMPpDO0VRbHCWH2FnLvAkyJSf
5QuU9qhbZWzZ9Mg8H6RfeGQ2kMkxlgcF4s5oN2vl6pFoiBjz3gUCE4i8ZgfP1bKo
X7qO/GgmTdkRVY9jN2Y60zRj2PVNbIcc82if9XCfE+BTBVVx0DXZZUzdBJKLepfQ
wcyK72ECu19ieRqDaxcRcZAB1Db2ytA2rJfHxx2/Inmgbvy5eCULptbygM4Ptb2d
NCiJNeXESN4x2jqBWZFBxPl8hv/3c5pJE2AkyDYvykEpA1h6ssSaOZBlRB7Tye9S
5sId+gdsawkY6kVK1afho75x+1bTrVzGTd3uArMB0RPWXulYuR/0harhEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWiuf1wioUxpX7eQ00nN78EpealMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADTjrU3qN
dOteGplrhA9F76485q5l4dkWe5nU2FPQSdl8lEjMiHapMAMdUth24dECI8ddS7QN
4PpU0a5IqZB2FiNnWxDYJHxTm4XkrRxRH3E2H8FwNL86RuKn8JnLyrkERmbvuArZ
cAo8B9Z6zQ/YPgqV8nlZOErxiHgctAiZ35yj8AMG2kpBNFt3UDyGQU8PDCAKQI8d
L5UF5eHB6quc3IPx961dtMlxMcxLMl2t9VvWzRBRoo1VRknEdekVYCGVRyiDwhOG
H8D9NWwSKPCvpcr9gV2YD8yX134CslI8VbPJ0KoOkTPyWxaUVU4j+YG+ltV5dZ7Z
fmQYBjz8hq1Ybw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:56:15 2025 by rpki-client