Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/129532-5c88-468e-b41d-fde6fb9af230/1/xddsGvj60uvGNOouIzcPEMXFnQs.mft
File: xddsGvj60uvGNOouIzcPEMXFnQs.mft (raw, json)
Hash identifier: fMcs22cVq0D7PMMe8xm0YC1Aogaq0AqeyjCRDm9YJfg=
Subject key identifier: 8E:BF:D2:BA:53:35:B9:0B:6F:BF:8B:7A:B1:FA:E8:D8:EF:DB:B5:D2
Authority key identifier: C5:D7:6C:1A:F8:FA:D2:EB:C6:34:EA:2E:23:37:0F:10:C5:C5:9D:0B
Certificate issuer: /CN=c5d76c1af8fad2ebc634ea2e23370f10c5c59d0b
Certificate serial: 019A4F6263B2CD760C218A3315AC27479C58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xddsGvj60uvGNOouIzcPEMXFnQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/129532-5c88-468e-b41d-fde6fb9af230/1/xddsGvj60uvGNOouIzcPEMXFnQs.mft
Manifest number: 0643
Signing time: Tue 04 Nov 2025 15:00:39 +0000
Manifest this update: Tue 04 Nov 2025 15:00:39 +0000
Manifest next update: Wed 05 Nov 2025 15:00:39 +0000
Files and hashes: 1: Acbly_fCXeuRyFDFzZjmCcQPl8U.roa (hash: 97l8f98tI95Opzr22XniXOh4lBsa/Ac1EBZZQOTU4Lo=)
2: xddsGvj60uvGNOouIzcPEMXFnQs.crl (hash: ePpubCQCNozdPx4fUrxDP3BkiHM6V0Pdb02tPgQXVXw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/129532-5c88-468e-b41d-fde6fb9af230/1/xddsGvj60uvGNOouIzcPEMXFnQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/129532-5c88-468e-b41d-fde6fb9af230/1/xddsGvj60uvGNOouIzcPEMXFnQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/xddsGvj60uvGNOouIzcPEMXFnQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:63:b2:cd:76:0c:21:8a:33:15:ac:27:47:9c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5d76c1af8fad2ebc634ea2e23370f10c5c59d0b
Validity
Not Before: Nov 4 15:00:39 2025 GMT
Not After : Nov 5 15:00:39 2025 GMT
Subject: CN=8ebfd2ba5335b90b6fbf8b7ab1fae8d8efdbb5d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:42:99:eb:43:dd:4a:5e:0e:59:52:14:22:32:
93:6a:8a:08:94:18:93:9f:d5:eb:29:9c:06:f5:4c:
c6:c2:49:c2:42:cc:72:25:77:d2:a4:2b:db:18:d0:
76:6a:3c:9a:92:28:59:8d:ac:b5:17:77:c9:49:8d:
88:7d:75:f5:2d:7f:af:5c:8e:3e:d4:f0:e0:7b:47:
38:59:53:a9:fd:79:72:42:90:87:7f:3f:56:28:99:
6f:ca:72:f0:57:9a:b1:0a:fc:a2:b1:fc:0c:de:b2:
48:83:6e:35:e2:71:28:23:55:29:df:17:a8:b4:39:
09:2d:62:7a:8f:5a:a9:78:0f:24:96:05:aa:1a:8e:
3b:87:06:5a:bb:1b:a2:bd:c5:97:d3:25:39:fc:a5:
58:b2:a0:b2:b8:19:d0:0d:c4:26:f4:55:ea:8a:f2:
39:80:ec:c5:cb:82:21:32:9a:f3:35:96:c2:b6:2f:
ee:b8:65:af:a2:8b:20:86:db:7c:4d:93:b4:95:a6:
20:f7:de:1c:03:62:b9:fc:7b:21:29:bc:75:a6:1c:
c5:23:0e:d0:95:e9:b2:9f:bc:70:68:32:42:c8:ee:
73:0e:7a:9c:ec:62:a6:82:6c:ea:11:13:ba:05:9f:
5b:92:3f:5b:7b:70:89:08:ce:40:91:d5:84:d7:6b:
57:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:BF:D2:BA:53:35:B9:0B:6F:BF:8B:7A:B1:FA:E8:D8:EF:DB:B5:D2
X509v3 Authority Key Identifier:
keyid:C5:D7:6C:1A:F8:FA:D2:EB:C6:34:EA:2E:23:37:0F:10:C5:C5:9D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xddsGvj60uvGNOouIzcPEMXFnQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/129532-5c88-468e-b41d-fde6fb9af230/1/xddsGvj60uvGNOouIzcPEMXFnQs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/129532-5c88-468e-b41d-fde6fb9af230/1/xddsGvj60uvGNOouIzcPEMXFnQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:db:2f:4e:0f:47:b5:d1:34:cd:e5:bb:ee:82:3b:63:8e:f9:
f2:7f:cd:d2:a3:9c:55:55:d6:ab:5c:84:4a:b7:79:e8:73:b7:
df:34:40:52:23:e9:d4:1c:e0:ce:c7:07:42:de:ae:8a:c2:5b:
6e:40:39:e8:fe:eb:0e:46:ea:8d:26:ab:00:2a:51:f7:a8:95:
25:f4:05:e6:4c:e3:db:f9:05:60:35:84:b6:c2:1b:a6:11:b1:
f8:97:91:85:35:08:49:de:81:07:a3:e6:a6:24:4a:1e:7e:dd:
40:ef:a2:bf:a0:25:d9:56:cf:26:f2:af:b9:54:b6:82:48:06:
59:9b:13:8e:43:54:4b:57:22:99:f2:32:e9:61:cf:6a:ec:59:
9f:cc:4e:fe:f5:1a:4c:c1:77:89:98:94:3a:9e:b9:b0:53:b4:
71:e2:18:38:6d:f8:28:fc:61:a1:aa:4b:71:f1:a7:0f:0a:db:
14:96:8e:a1:fc:04:ca:6c:8f:0d:ea:bf:6d:83:cd:11:8e:01:
8a:f5:bb:ee:25:4b:77:3f:90:88:41:5f:fe:69:a4:ff:ce:84:
f6:9e:0e:bb:e9:aa:01:5a:36:3e:fb:5f:5c:c5:f0:dc:27:b3:
ff:91:6d:da:69:a2:1b:40:73:44:93:7b:27:ff:0b:75:f4:e4:
06:61:22:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYmOyzXYMIYozFawnR5xYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDc2YzFhZjhmYWQyZWJjNjM0ZWEyZTIzMzcwZjEwYzVj
NTlkMGIwHhcNMjUxMTA0MTUwMDM5WhcNMjUxMTA1MTUwMDM5WjAzMTEwLwYDVQQD
Eyg4ZWJmZDJiYTUzMzViOTBiNmZiZjhiN2FiMWZhZThkOGVmZGJiNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EKZ60PdSl4OWVIUIjKTaooIlBiT
n9XrKZwG9UzGwknCQsxyJXfSpCvbGNB2ajyakihZjay1F3fJSY2IfXX1LX+vXI4+
1PDge0c4WVOp/XlyQpCHfz9WKJlvynLwV5qxCvyisfwM3rJIg2414nEoI1Up3xeo
tDkJLWJ6j1qpeA8klgWqGo47hwZauxuivcWX0yU5/KVYsqCyuBnQDcQm9FXqivI5
gOzFy4IhMprzNZbCti/uuGWvoosghtt8TZO0laYg994cA2K5/HshKbx1phzFIw7Q
lemyn7xwaDJCyO5zDnqc7GKmgmzqERO6BZ9bkj9be3CJCM5AkdWE12tXpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6/0rpTNbkLb7+LerH66Njv27XSMB8GA1UdIwQY
MBaAFMXXbBr4+tLrxjTqLiM3DxDFxZ0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRkc0d2ajYwdXZHTk9vdUl6Y1BFTVhGblFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8xMjk1MzItNWM4OC00NjhlLWI0MWQt
ZmRlNmZiOWFmMjMwLzEveGRkc0d2ajYwdXZHTk9vdUl6Y1BFTVhGblFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8xMjk1MzItNWM4OC00NjhlLWI0MWQtZmRlNmZiOWFmMjMw
LzEveGRkc0d2ajYwdXZHTk9vdUl6Y1BFTVhGblFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp9svTg9H
tdE0zeW77oI7Y4758n/N0qOcVVXWq1yESrd56HO33zRAUiPp1BzgzscHQt6uisJb
bkA56P7rDkbqjSarACpR96iVJfQF5kzj2/kFYDWEtsIbphGx+JeRhTUISd6BB6Pm
piRKHn7dQO+iv6Al2VbPJvKvuVS2gkgGWZsTjkNUS1cimfIy6WHPauxZn8xO/vUa
TMF3iZiUOp65sFO0ceIYOG34KPxhoapLcfGnDwrbFJaOofwEymyPDeq/bYPNEY4B
ivW77iVLdz+QiEFf/mmk/86E9p4Ou+mqAVo2PvtfXMXw3Cez/5Ft2mmiG0BzRJN7
J/8LdfTkBmEidw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:24:17 2025 by rpki-client