Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft
File: XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft (raw, json)
Hash identifier: Uv2IyHob+Cm8fZpW49faPBE/9/QGSfZiFhbkgwPlfbs=
Subject key identifier: 05:71:2A:45:FE:83:D8:25:3B:57:58:71:A7:DB:64:3D:91:62:05:95
Authority key identifier: 5E:80:3B:66:B3:06:00:8F:B1:72:C2:DF:D5:22:B5:65:50:57:36:0D
Certificate issuer: /CN=5e803b66b306008fb172c2dfd522b5655057360d
Certificate serial: 019A5187A942F7C2DA7A3B14E0616AA278E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft
Manifest number: 132E
Signing time: Wed 05 Nov 2025 01:00:36 +0000
Manifest this update: Wed 05 Nov 2025 01:00:36 +0000
Manifest next update: Thu 06 Nov 2025 01:00:36 +0000
Files and hashes: 1: Bu2qohV5DT207In6bmDkzPkl22w.roa (hash: yQgjgxJo0jD6Zb5Cbl39m04H6+9TPpDsNpPjtFWzK98=)
2: XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.crl (hash: +kSUIgwCY3gZSaA87leUL+yDC/Yr5NH0J/XzTGcRy5g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:87:a9:42:f7:c2:da:7a:3b:14:e0:61:6a:a2:78:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e803b66b306008fb172c2dfd522b5655057360d
Validity
Not Before: Nov 5 01:00:36 2025 GMT
Not After : Nov 6 01:00:36 2025 GMT
Subject: CN=05712a45fe83d8253b575871a7db643d91620595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a5:d0:3a:5e:e9:ae:9f:fc:d3:73:33:5d:60:
5c:a8:d0:6b:dd:a2:82:43:3c:ca:f3:20:81:bc:af:
69:29:87:e1:b0:be:0b:03:bd:c7:c5:fd:b1:83:24:
7b:9a:24:c2:49:b8:0b:6c:57:06:a8:59:ac:39:c6:
05:35:7b:11:7c:c7:48:1c:1a:12:54:a9:57:61:18:
66:76:42:cd:cd:f9:dc:71:48:1d:df:1b:7d:c1:96:
0f:f5:fb:ff:3a:86:a0:19:b5:82:ac:be:36:46:11:
18:f8:1d:7d:98:19:05:6a:dc:90:f4:a2:70:75:f7:
15:dd:e9:48:e6:a6:30:6c:09:84:ab:65:5d:fd:24:
0a:88:30:c7:39:f4:84:aa:fc:fe:35:8b:a7:18:e7:
20:63:ad:9f:ae:9f:fe:c0:e9:77:4d:25:c5:d4:74:
99:2a:2f:04:40:b3:2c:a4:8d:8f:0b:5f:cd:50:d7:
3c:39:2e:09:e7:bc:79:65:14:e3:df:c0:56:1c:09:
f0:32:4b:51:0c:d8:bc:ef:2f:bf:7d:a0:2e:30:b7:
8e:86:b6:9e:28:32:2f:85:83:6a:e7:34:7d:73:9f:
de:d7:c4:c8:e9:ab:4e:72:65:a6:75:ae:15:e7:4c:
11:ab:97:a0:84:da:29:0b:9a:36:fc:cf:fe:cf:43:
7a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:71:2A:45:FE:83:D8:25:3B:57:58:71:A7:DB:64:3D:91:62:05:95
X509v3 Authority Key Identifier:
keyid:5E:80:3B:66:B3:06:00:8F:B1:72:C2:DF:D5:22:B5:65:50:57:36:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:47:c7:7f:18:f6:d9:a3:23:80:b1:0e:3c:a2:28:b8:35:a3:
e4:fb:92:0a:ad:79:40:b3:96:ed:dc:0e:b4:49:31:2d:e3:16:
11:91:59:84:91:6b:b9:5f:99:2c:d8:65:5f:c1:eb:7d:25:56:
9c:82:9d:28:ba:56:cf:80:b2:b8:2d:bf:01:fa:4c:2d:f7:0e:
d0:83:da:4c:18:12:15:9e:47:6e:51:af:cb:46:bf:30:b1:f1:
cb:7f:10:3a:f3:50:82:2f:a8:dc:67:f3:3f:3c:0e:b6:e4:5a:
63:65:dc:46:25:22:55:7b:b3:1a:0b:59:68:a1:5b:f5:e9:25:
25:3f:8b:89:00:77:0e:6c:b1:cc:1b:c1:39:fc:84:5f:b8:7d:
9d:00:58:b4:4b:20:af:cf:17:c6:ca:1e:ee:70:8d:c8:96:35:
e4:01:de:f5:3c:22:45:3c:9d:44:7d:ff:ae:09:8f:64:8d:f6:
57:7a:14:0f:80:ee:58:4b:e0:f6:2e:93:de:cd:7b:62:7f:4f:
1e:b9:47:3b:0f:c7:33:de:54:e0:ce:db:6b:03:d5:fa:86:f8:
a5:18:58:a1:d2:14:3a:f7:07:13:fc:2f:31:7f:56:8e:58:81:
9f:f8:d7:38:d6:22:e2:79:26:3d:61:58:34:9c:d6:94:85:ad:
42:b5:98:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh6lC98LaejsU4GFqonjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlODAzYjY2YjMwNjAwOGZiMTcyYzJkZmQ1MjJiNTY1NTA1
NzM2MGQwHhcNMjUxMTA1MDEwMDM2WhcNMjUxMTA2MDEwMDM2WjAzMTEwLwYDVQQD
EygwNTcxMmE0NWZlODNkODI1M2I1NzU4NzFhN2RiNjQzZDkxNjIwNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqXQOl7prp/803MzXWBcqNBr3aKC
QzzK8yCBvK9pKYfhsL4LA73Hxf2xgyR7miTCSbgLbFcGqFmsOcYFNXsRfMdIHBoS
VKlXYRhmdkLNzfnccUgd3xt9wZYP9fv/OoagGbWCrL42RhEY+B19mBkFatyQ9KJw
dfcV3elI5qYwbAmEq2Vd/SQKiDDHOfSEqvz+NYunGOcgY62frp/+wOl3TSXF1HSZ
Ki8EQLMspI2PC1/NUNc8OS4J57x5ZRTj38BWHAnwMktRDNi87y+/faAuMLeOhrae
KDIvhYNq5zR9c5/e18TI6atOcmWmda4V50wRq5eghNopC5o2/M/+z0N6rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAVxKkX+g9glO1dYcafbZD2RYgWVMB8GA1UdIwQY
MBaAFF6AO2azBgCPsXLC39UitWVQVzYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG9BN1pyTUdBSS14Y3NMZjFTSzFaVkJYTmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy85ZDM0MmMtN2NlNy00YzY5LWFlY2Ut
OTM4NTA2YTlmMmE3LzEvWG9BN1pyTUdBSS14Y3NMZjFTSzFaVkJYTmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy85ZDM0MmMtN2NlNy00YzY5LWFlY2UtOTM4NTA2YTlmMmE3
LzEvWG9BN1pyTUdBSS14Y3NMZjFTSzFaVkJYTmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMEfHfxj2
2aMjgLEOPKIouDWj5PuSCq15QLOW7dwOtEkxLeMWEZFZhJFruV+ZLNhlX8HrfSVW
nIKdKLpWz4CyuC2/AfpMLfcO0IPaTBgSFZ5HblGvy0a/MLHxy38QOvNQgi+o3Gfz
PzwOtuRaY2XcRiUiVXuzGgtZaKFb9eklJT+LiQB3DmyxzBvBOfyEX7h9nQBYtEsg
r88Xxsoe7nCNyJY15AHe9TwiRTydRH3/rgmPZI32V3oUD4DuWEvg9i6T3s17Yn9P
HrlHOw/HM95U4M7bawPV+ob4pRhYodIUOvcHE/wvMX9WjliBn/jXONYi4nkmPWFY
NJzWlIWtQrWYOA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:20:04 2025 by rpki-client