Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.mft
File: XfXtBA7-LlgXVN61w82C2Z3-6Nk.mft (raw, json)
Hash identifier: eUTrIa/GHOnWbJ5dUiIw5Mip5VoGEqlijqzKJlnJDbk=
Subject key identifier: 11:7C:7A:BC:2F:73:95:D6:5B:42:6A:B1:33:99:2A:47:AE:F9:A3:A4
Authority key identifier: 5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9
Certificate issuer: /CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9
Certificate serial: 019A4C610FE16610D357A34EB6F9D5314895
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 01:00:20 +0000
Manifest this update: Tue 04 Nov 2025 01:00:20 +0000
Manifest next update: Wed 05 Nov 2025 01:00:20 +0000
Files and hashes: 1: R0Y_8680398wT7CzR2ae2QTPR2w.roa (hash: T+VBi4m8dsst25C1j7+k5KuFCU7EfyAt7PpnICFW3s0=)
2: XfXtBA7-LlgXVN61w82C2Z3-6Nk.crl (hash: PEWO3kigm/JJLdJI6967WrLWkclkyHXc8297zHoY6wI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 01:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:61:0f:e1:66:10:d3:57:a3:4e:b6:f9:d5:31:48:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9
Validity
Not Before: Nov 4 01:00:20 2025 GMT
Not After : Nov 5 01:00:20 2025 GMT
Subject: CN=117c7abc2f7395d65b426ab133992a47aef9a3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:38:47:78:d6:5f:ee:bc:c9:1b:ae:9b:33:7a:
dc:09:10:8e:ff:d4:89:01:2e:22:40:05:78:6c:95:
6a:75:89:c0:25:87:74:f0:2e:a8:47:3f:d4:97:5c:
b3:42:52:cd:96:e6:99:79:fc:f1:9e:95:58:0f:f4:
fe:03:ae:3b:9e:76:36:d6:63:fc:40:86:f0:55:21:
e3:41:58:22:a9:24:5d:9a:ad:22:69:7e:ce:46:b4:
9e:bd:4a:18:59:51:38:87:93:25:ae:29:5c:6a:3a:
a4:4b:de:2e:29:f7:ee:96:50:bc:f6:8d:4a:3e:d0:
d6:40:21:0d:60:6c:f5:b5:ab:30:73:3b:5d:cb:44:
96:d8:d3:66:19:03:61:c4:59:01:da:9c:06:49:df:
27:07:df:9b:bb:07:52:c6:2f:6e:ba:e8:d6:f1:05:
bc:f8:8a:fc:f6:de:0d:41:52:90:1f:cd:15:9b:ac:
2b:35:c5:f9:09:5f:f9:5d:5c:01:f3:f0:b3:75:1b:
8c:08:bd:ae:c1:e4:92:db:44:03:bc:80:0f:9c:d9:
fd:1f:6d:0f:e3:28:e4:22:f9:60:d8:e1:1c:14:df:
e2:1c:c8:8d:65:67:ab:e2:af:e2:fc:4d:c8:fc:a9:
c1:56:ad:e2:ca:2c:d3:ea:50:b0:d3:c5:d0:09:40:
25:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7C:7A:BC:2F:73:95:D6:5B:42:6A:B1:33:99:2A:47:AE:F9:A3:A4
X509v3 Authority Key Identifier:
keyid:5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:ff:1e:45:ec:72:85:b3:5a:40:15:25:1f:ac:60:f2:4d:6a:
e9:26:40:36:95:b4:da:07:16:64:f3:85:a7:7e:26:fb:a9:83:
67:ef:64:ff:cf:67:60:16:61:3f:f9:6f:13:36:b6:a8:d8:ea:
6f:90:c5:b0:c2:b0:39:21:d8:6c:0f:d2:58:ab:f0:86:bc:2b:
60:7d:aa:1f:fe:a7:a4:78:0b:8c:8a:4c:76:54:9e:8b:93:74:
ef:18:c6:e1:ce:68:0a:5c:71:05:9a:87:aa:c9:36:df:6e:8a:
cb:e0:03:44:ce:e0:2e:c4:8e:d8:07:0e:85:b1:e5:12:b4:39:
5d:db:ca:ba:73:2c:1d:64:90:15:ea:9f:41:59:82:92:47:93:
66:45:db:87:ef:8e:36:5b:9a:e7:06:cc:16:72:e3:15:80:96:
69:2c:2d:b1:5f:e6:aa:e4:bd:bc:2b:54:45:e1:57:f3:17:51:
e1:4b:d5:3d:c6:9c:ad:d7:ee:8b:95:84:fa:13:24:21:6f:7f:
1e:65:82:0b:07:2d:11:84:1e:28:27:56:32:81:1c:5a:e7:fd:
d2:ac:5d:b8:01:ac:79:54:4c:e8:1d:2b:d4:bf:c2:d5:0d:28:
35:c2:ae:06:a2:0a:62:78:22:9d:5a:33:e4:3c:75:96:04:4e:
ef:28:9a:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYQ/hZhDTV6NOtvnVMUiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjVlZDA0MGVmZTJlNTgxNzU0ZGViNWMzY2Q4MmQ5OWRm
ZWU4ZDkwHhcNMjUxMTA0MDEwMDIwWhcNMjUxMTA1MDEwMDIwWjAzMTEwLwYDVQQD
EygxMTdjN2FiYzJmNzM5NWQ2NWI0MjZhYjEzMzk5MmE0N2FlZjlhM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDhHeNZf7rzJG66bM3rcCRCO/9SJ
AS4iQAV4bJVqdYnAJYd08C6oRz/Ul1yzQlLNluaZefzxnpVYD/T+A647nnY21mP8
QIbwVSHjQVgiqSRdmq0iaX7ORrSevUoYWVE4h5MlrilcajqkS94uKffullC89o1K
PtDWQCENYGz1taswcztdy0SW2NNmGQNhxFkB2pwGSd8nB9+buwdSxi9uuujW8QW8
+Ir89t4NQVKQH80Vm6wrNcX5CV/5XVwB8/CzdRuMCL2uweSS20QDvIAPnNn9H20P
4yjkIvlg2OEcFN/iHMiNZWer4q/i/E3I/KnBVq3iyizT6lCw08XQCUAlNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBF8erwvc5XWW0JqsTOZKkeu+aOkMB8GA1UdIwQY
MBaAFF317QQO/i5YF1TetcPNgtmd/ujZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMt
YmVmZTRiMzRjNmYwLzEvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMtYmVmZTRiMzRjNmYw
LzEvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/8eRexy
hbNaQBUlH6xg8k1q6SZANpW02gcWZPOFp34m+6mDZ+9k/89nYBZhP/lvEza2qNjq
b5DFsMKwOSHYbA/SWKvwhrwrYH2qH/6npHgLjIpMdlSei5N07xjG4c5oClxxBZqH
qsk2326Ky+ADRM7gLsSO2AcOhbHlErQ5XdvKunMsHWSQFeqfQVmCkkeTZkXbh++O
Nlua5wbMFnLjFYCWaSwtsV/mquS9vCtUReFX8xdR4UvVPcacrdfui5WE+hMkIW9/
HmWCCwctEYQeKCdWMoEcWuf90qxduAGseVRM6B0r1L/C1Q0oNcKuBqIKYnginVoz
5Dx1lgRO7yiaUA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:47:55 2025 by rpki-client