Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
File: xBK7PaZcqrUkhR74bOm6piB04e0.mft (raw, json)
Hash identifier: tUFpT/U5DdfnIGHD20l/hmktfWYVOht2mJG7gopCdRw=
Subject key identifier: F3:50:EE:43:2B:01:87:E6:63:64:36:97:0A:5E:3E:0E:40:BF:E4:AA
Authority key identifier: C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED
Certificate issuer: /CN=c412bb3da65caab524851ef86ce9baa62074e1ed
Certificate serial: 019A4E18B4C04511DF783272D7AE67FBDAA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
Manifest number: 1708
Signing time: Tue 04 Nov 2025 09:00:33 +0000
Manifest this update: Tue 04 Nov 2025 09:00:33 +0000
Manifest next update: Wed 05 Nov 2025 09:00:33 +0000
Files and hashes: 1: kMIoPYj99g2K5sWXNcD0fsxHkHM.roa (hash: FopABAV6PSptIp6OTBNiTRgtYU723NWq9ChEZhzR3FM=)
2: xBK7PaZcqrUkhR74bOm6piB04e0.crl (hash: 7NfrA/2MQa/iPYxvIIu3+K0y2lGdXOs5ISNquxnmcJ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:b4:c0:45:11:df:78:32:72:d7:ae:67:fb:da:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c412bb3da65caab524851ef86ce9baa62074e1ed
Validity
Not Before: Nov 4 09:00:33 2025 GMT
Not After : Nov 5 09:00:33 2025 GMT
Subject: CN=f350ee432b0187e6636436970a5e3e0e40bfe4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:68:c7:1b:a4:03:f6:de:ab:c9:cb:8e:19:a8:
53:bb:44:29:4f:28:75:3b:fa:fc:09:08:81:30:ba:
3f:ed:63:42:35:86:0a:31:2e:c4:36:fd:3a:13:c6:
20:51:45:86:3a:0f:af:67:f8:70:4d:1f:ab:4b:44:
9b:06:5b:16:95:65:09:9b:27:cb:52:1a:c7:8e:6b:
aa:25:72:1c:e6:18:ab:88:8f:ef:ef:85:6f:dd:03:
a4:51:87:fa:43:f9:aa:f5:60:68:b9:c1:0b:2e:8f:
d8:25:4b:20:74:71:d7:4b:3a:f0:d0:e5:ce:1c:17:
e8:c1:92:ac:84:42:24:3d:2c:9e:b8:c5:0c:1f:77:
9e:e9:86:b4:1a:ab:30:dd:03:0c:41:02:09:cc:1b:
dc:fa:d2:9e:5a:57:7d:f4:32:ea:64:d5:0d:38:2f:
4e:3e:e6:94:12:ae:88:bc:b6:8c:5f:f2:8c:74:f0:
c9:60:6b:e0:c4:1a:2e:bd:ad:18:db:f7:05:fb:40:
90:f9:2a:b7:6a:16:1f:d7:7e:12:dc:09:f0:12:9e:
03:2d:c7:ef:2d:a3:fe:ca:9e:0b:f5:e4:fd:fc:05:
64:eb:2a:7e:a9:47:1c:5a:4c:81:53:06:cc:7d:9a:
bd:78:76:08:e0:f1:30:5c:b2:87:99:a3:b6:e4:de:
80:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:50:EE:43:2B:01:87:E6:63:64:36:97:0A:5E:3E:0E:40:BF:E4:AA
X509v3 Authority Key Identifier:
keyid:C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:10:71:3e:f5:07:5d:e3:8e:ae:43:76:e5:b0:96:94:b9:e0:
e1:b9:e0:bd:f3:b8:b7:64:1e:4f:e2:1f:29:58:7c:bd:93:95:
87:18:80:47:91:8b:c5:46:42:85:45:66:08:94:33:66:08:2e:
24:28:48:38:cc:7c:22:ab:b7:8e:0c:5a:e1:be:41:ee:c1:07:
55:d6:e8:24:fc:d6:87:24:48:05:d1:83:07:72:37:88:14:9f:
f0:0a:23:d1:31:e5:f0:c0:98:68:66:26:10:35:c1:67:a0:51:
70:ce:82:c0:29:42:5e:28:38:ef:36:4b:39:b2:b3:ba:c5:79:
ad:1c:e6:a6:13:e2:9d:8f:e7:9e:87:07:4b:18:71:56:54:e1:
22:cd:08:d8:dd:ed:be:bc:15:00:45:c4:d6:c9:48:19:69:e1:
72:fb:7a:38:22:8f:d7:57:9a:af:81:30:d0:17:bd:92:07:4e:
58:48:88:17:de:ce:b1:cb:ef:b8:7b:87:80:18:e4:02:6c:87:
e4:2a:44:20:92:5a:3d:84:6d:1c:a8:b7:f8:76:20:1b:11:92:
74:99:14:f0:4f:ea:07:50:c7:bf:e2:57:0c:f3:fe:c4:c1:eb:
8c:b7:57:47:03:1f:5c:71:37:0f:0d:77:be:a4:68:54:fc:ed:
fb:4d:db:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGLTARRHfeDJy165n+9qkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTJiYjNkYTY1Y2FhYjUyNDg1MWVmODZjZTliYWE2MjA3
NGUxZWQwHhcNMjUxMTA0MDkwMDMzWhcNMjUxMTA1MDkwMDMzWjAzMTEwLwYDVQQD
EyhmMzUwZWU0MzJiMDE4N2U2NjM2NDM2OTcwYTVlM2UwZTQwYmZlNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGjHG6QD9t6rycuOGahTu0QpTyh1
O/r8CQiBMLo/7WNCNYYKMS7ENv06E8YgUUWGOg+vZ/hwTR+rS0SbBlsWlWUJmyfL
UhrHjmuqJXIc5hiriI/v74Vv3QOkUYf6Q/mq9WBoucELLo/YJUsgdHHXSzrw0OXO
HBfowZKshEIkPSyeuMUMH3ee6Ya0Gqsw3QMMQQIJzBvc+tKeWld99DLqZNUNOC9O
PuaUEq6IvLaMX/KMdPDJYGvgxBouva0Y2/cF+0CQ+Sq3ahYf134S3AnwEp4DLcfv
LaP+yp4L9eT9/AVk6yp+qUccWkyBUwbMfZq9eHYI4PEwXLKHmaO25N6APwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNQ7kMrAYfmY2Q2lwpePg5Av+SqMB8GA1UdIwQY
MBaAFMQSuz2mXKq1JIUe+GzpuqYgdOHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgt
OWI5MzJlY2QyZWNjLzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgtOWI5MzJlY2QyZWNj
LzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkRBxPvUH
XeOOrkN25bCWlLng4bngvfO4t2QeT+IfKVh8vZOVhxiAR5GLxUZChUVmCJQzZggu
JChIOMx8Iqu3jgxa4b5B7sEHVdboJPzWhyRIBdGDB3I3iBSf8Aoj0THl8MCYaGYm
EDXBZ6BRcM6CwClCXig47zZLObKzusV5rRzmphPinY/nnocHSxhxVlThIs0I2N3t
vrwVAEXE1slIGWnhcvt6OCKP11ear4Ew0Be9kgdOWEiIF97OscvvuHuHgBjkAmyH
5CpEIJJaPYRtHKi3+HYgGxGSdJkU8E/qB1DHv+JXDPP+xMHrjLdXRwMfXHE3Dw13
vqRoVPzt+03bHg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:09:23 2025 by rpki-client