Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.mft
File: XY9AsSSN49pfXWCX-BBoKTxL7vc.mft (raw, json)
Hash identifier: DwfeM2g3KTjO2fPV89xUsKZiuYzRil9hTD2lEbu/NgQ=
Subject key identifier: 7A:82:D4:25:72:39:28:07:9B:FD:06:80:91:D8:3D:05:FE:76:DB:27
Authority key identifier: 5D:8F:40:B1:24:8D:E3:DA:5F:5D:60:97:F8:10:68:29:3C:4B:EE:F7
Certificate issuer: /CN=5d8f40b1248de3da5f5d6097f81068293c4beef7
Certificate serial: 019A533EDD1A26182AB4DD61F65753599113
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XY9AsSSN49pfXWCX-BBoKTxL7vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.mft
Manifest number: 3A
Signing time: Wed 05 Nov 2025 09:00:19 +0000
Manifest this update: Wed 05 Nov 2025 09:00:19 +0000
Manifest next update: Thu 06 Nov 2025 09:00:19 +0000
Files and hashes: 1: XY9AsSSN49pfXWCX-BBoKTxL7vc.crl (hash: dev1X+oqrpiFCpj7xeqdiNxld2Q4ypGO4tedUDjS7Zw=)
2: b771fZdz_MNhiObaQsIwRdjf7Gs.roa (hash: o+D5q+mMR9tPd7YAvMxT+oCI4+Bj3WK3M/NrPMAIyl4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XY9AsSSN49pfXWCX-BBoKTxL7vc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 09:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:3e:dd:1a:26:18:2a:b4:dd:61:f6:57:53:59:91:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d8f40b1248de3da5f5d6097f81068293c4beef7
Validity
Not Before: Nov 5 09:00:19 2025 GMT
Not After : Nov 6 09:00:19 2025 GMT
Subject: CN=7a82d425723928079bfd068091d83d05fe76db27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:95:98:5a:a2:c4:dd:1a:f3:43:46:5f:6f:c9:
7e:a9:69:1c:10:e5:c1:65:89:cc:a8:96:7d:87:3a:
48:c4:b9:99:37:62:1d:ea:f6:11:60:33:aa:0a:d0:
a2:a4:53:4d:77:1a:b5:b9:23:2c:d5:7e:26:65:ed:
13:2d:0f:2c:6d:78:08:f7:e3:0f:d1:6a:67:ef:e8:
fe:d1:22:8b:a1:4d:75:8d:63:d9:dc:b1:c1:c4:7c:
ee:1f:fa:b5:46:3a:0a:0e:73:04:59:e3:0a:cf:66:
0e:88:c3:f6:ec:c3:76:1e:d1:62:38:ac:51:2b:c6:
9b:38:d9:a6:0c:90:a5:d5:2d:63:80:11:8a:f4:4d:
f5:e8:8a:c1:83:41:cf:73:b4:f9:f9:01:42:64:5c:
f5:22:39:e3:b3:9b:69:13:df:a4:d5:f9:6d:6d:37:
2a:7e:d6:db:9e:f5:55:c4:6b:04:4a:cc:41:37:7e:
e3:bb:28:7c:51:dc:4f:ff:3a:6f:aa:f3:49:4f:06:
c1:46:d8:b8:4a:a3:a0:df:63:e4:58:65:de:11:ba:
91:c9:5b:b2:7d:ba:f7:37:17:22:72:5d:0c:66:77:
11:44:a0:48:73:01:5a:8c:ca:f2:61:b9:22:73:f8:
a0:c1:cf:a1:49:c7:1d:ab:4a:8b:6a:1a:96:85:fe:
86:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:82:D4:25:72:39:28:07:9B:FD:06:80:91:D8:3D:05:FE:76:DB:27
X509v3 Authority Key Identifier:
keyid:5D:8F:40:B1:24:8D:E3:DA:5F:5D:60:97:F8:10:68:29:3C:4B:EE:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XY9AsSSN49pfXWCX-BBoKTxL7vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:50:30:ba:2d:f3:f9:2d:20:15:0b:a4:46:d2:dd:3d:01:fa:
1b:9c:73:45:96:df:86:2c:8d:35:cf:5a:5b:57:a8:bb:b8:6e:
17:c4:fe:38:9e:19:62:51:d6:23:d5:4d:d8:3e:85:52:c2:57:
51:2b:c5:eb:46:2c:23:51:04:f6:5f:57:d0:b7:17:86:96:f1:
52:f0:4c:23:fc:c2:58:9b:f5:6e:2e:bb:1a:d6:42:6d:c8:b5:
18:a6:b1:ae:1f:a6:47:f0:94:42:52:92:83:a2:19:5e:45:8d:
65:af:70:aa:9c:e7:ed:36:13:7c:ec:cf:03:39:50:b4:90:6c:
96:e9:9c:61:ef:f1:11:7b:6c:33:e6:4b:cf:4e:b7:37:c1:8f:
40:e5:5e:6b:8c:5b:02:f4:ec:27:47:1f:13:35:c6:7d:53:57:
0a:e4:02:8f:67:ed:87:c0:0a:c1:98:8e:f4:d5:45:54:99:c7:
a0:ae:fc:6b:83:38:be:c7:e1:be:d0:04:bb:e0:a1:ed:57:72:
18:1d:d1:39:2f:f2:a1:65:f0:a8:f0:fa:e4:46:60:c4:6e:18:
c6:e1:21:ff:9c:4a:28:37:26:92:1d:68:dc:c6:b2:77:3f:f0:
25:d2:82:17:ce:cf:5b:e7:c1:44:dc:63:54:57:11:a9:ce:89:
22:67:bb:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTPt0aJhgqtN1h9ldTWZETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGY0MGIxMjQ4ZGUzZGE1ZjVkNjA5N2Y4MTA2ODI5M2M0
YmVlZjcwHhcNMjUxMTA1MDkwMDE5WhcNMjUxMTA2MDkwMDE5WjAzMTEwLwYDVQQD
Eyg3YTgyZDQyNTcyMzkyODA3OWJmZDA2ODA5MWQ4M2QwNWZlNzZkYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJWYWqLE3RrzQ0Zfb8l+qWkcEOXB
ZYnMqJZ9hzpIxLmZN2Id6vYRYDOqCtCipFNNdxq1uSMs1X4mZe0TLQ8sbXgI9+MP
0Wpn7+j+0SKLoU11jWPZ3LHBxHzuH/q1RjoKDnMEWeMKz2YOiMP27MN2HtFiOKxR
K8abONmmDJCl1S1jgBGK9E316IrBg0HPc7T5+QFCZFz1Ijnjs5tpE9+k1fltbTcq
ftbbnvVVxGsESsxBN37juyh8UdxP/zpvqvNJTwbBRti4SqOg32PkWGXeEbqRyVuy
fbr3Nxcicl0MZncRRKBIcwFajMryYbkic/igwc+hSccdq0qLahqWhf6GawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHqC1CVyOSgHm/0GgJHYPQX+dtsnMB8GA1UdIwQY
MBaAFF2PQLEkjePaX11gl/gQaCk8S+73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFk5QXNTU040OXBmWFdDWC1CQm9LVHhMN3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMGZlYTgtNGY5Yy00MmUyLWIwNDEt
YmQ2NWZlZDY3ZGM2LzEvWFk5QXNTU040OXBmWFdDWC1CQm9LVHhMN3ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMGZlYTgtNGY5Yy00MmUyLWIwNDEtYmQ2NWZlZDY3ZGM2
LzEvWFk5QXNTU040OXBmWFdDWC1CQm9LVHhMN3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnFAwui3z
+S0gFQukRtLdPQH6G5xzRZbfhiyNNc9aW1eou7huF8T+OJ4ZYlHWI9VN2D6FUsJX
USvF60YsI1EE9l9X0LcXhpbxUvBMI/zCWJv1bi67GtZCbci1GKaxrh+mR/CUQlKS
g6IZXkWNZa9wqpzn7TYTfOzPAzlQtJBslumcYe/xEXtsM+ZLz063N8GPQOVea4xb
AvTsJ0cfEzXGfVNXCuQCj2fth8AKwZiO9NVFVJnHoK78a4M4vsfhvtAEu+Ch7Vdy
GB3ROS/yoWXwqPD65EZgxG4YxuEh/5xKKDcmkh1o3Maydz/wJdKCF87PW+fBRNxj
VFcRqc6JIme7zg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:01:11 2025 by rpki-client