Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json)
Hash identifier: CB4/YFTN+BaCeS+IEXIdmYQM+cyO97MUlyJ1W2Yj4OQ=
Subject key identifier: 0F:B5:9B:3D:70:70:78:76:FE:6A:4E:F9:7A:84:A0:7E:3A:5E:7E:4C
Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Certificate serial: 019A4DE1C39B285D8698ECE9490995DF1601
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
Manifest number: 169E
Signing time: Tue 04 Nov 2025 08:00:32 +0000
Manifest this update: Tue 04 Nov 2025 08:00:32 +0000
Manifest next update: Wed 05 Nov 2025 08:00:32 +0000
Files and hashes: 1: BECHjRO1sNTrECspSOXRaHeMWRM.roa (hash: CUP2bSCGR2R7pQJIeBFSspVhJwtI4r06AoqaZ9LnrhQ=)
2: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: qYKeqm+/2Zwe0qxV09s2KA8BgrKISilJryZyBc+KkO8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:c3:9b:28:5d:86:98:ec:e9:49:09:95:df:16:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Validity
Not Before: Nov 4 08:00:32 2025 GMT
Not After : Nov 5 08:00:32 2025 GMT
Subject: CN=0fb59b3d70707876fe6a4ef97a84a07e3a5e7e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:30:14:27:7a:59:75:79:52:41:49:1a:f5:52:
54:a0:79:d0:c5:75:e1:f4:e8:ac:21:c4:a7:a0:f5:
af:0e:51:36:8d:48:80:83:70:62:6a:53:ff:13:d4:
7b:9c:5d:47:b3:a0:c4:53:4c:13:fc:f0:7a:33:f1:
3f:14:67:08:8e:95:e5:75:1f:63:63:ff:f3:04:e2:
b2:7b:bd:86:f9:c5:f8:21:68:2b:34:20:d1:3c:16:
27:13:43:26:f9:20:63:6c:cd:5f:fc:39:35:93:bd:
57:ad:52:aa:ee:cc:99:42:43:46:e1:aa:57:90:a4:
51:a9:f3:fd:74:c1:3c:5f:11:aa:b2:4b:0b:58:da:
3d:ee:b8:74:88:24:08:a3:5e:5c:00:8b:e6:24:99:
cf:c4:ad:5c:28:20:5c:8d:54:5a:60:dc:6a:bb:bd:
5a:21:e1:42:67:53:3b:71:e6:b4:18:4e:c9:c4:ee:
2f:bc:d0:9f:04:fa:25:6e:8d:4b:d6:5f:ac:4d:14:
af:17:22:4c:db:4c:0b:02:a0:56:32:76:1c:3f:f4:
2d:87:5f:f9:0d:59:58:6e:f6:a0:f8:ef:99:6e:49:
15:27:e6:e1:9c:12:96:0c:1f:26:8d:d1:99:be:60:
07:1c:4f:d0:33:f8:03:7c:23:31:1f:a1:5f:6c:24:
c3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B5:9B:3D:70:70:78:76:FE:6A:4E:F9:7A:84:A0:7E:3A:5E:7E:4C
X509v3 Authority Key Identifier:
keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:be:68:01:fd:4d:77:f5:1f:5a:fe:71:40:c6:3e:fa:e0:6c:
c5:f4:55:25:13:95:b5:b2:b9:bd:57:19:97:bb:d3:13:a3:4b:
eb:66:bc:97:7f:4b:ae:41:0b:78:e5:cb:e2:4f:cc:91:36:1d:
58:92:36:78:9b:96:ba:85:e9:d4:ac:ce:60:c3:56:fc:76:1b:
b3:f0:dd:da:cb:d9:88:f6:53:fb:44:16:7c:fa:6a:15:c1:fc:
94:7e:d5:3d:a2:8e:55:00:9b:69:41:4e:bc:e3:31:ea:f4:e1:
6d:4f:ce:2f:cf:b2:05:96:e6:4a:61:c2:8c:3b:c1:6d:b3:65:
7a:0e:b4:89:db:ad:89:99:89:ec:eb:f6:9b:2d:00:da:90:e5:
ef:4d:09:c6:ad:01:df:9f:e7:4b:00:21:51:b9:32:3b:ef:f8:
e8:65:d4:f1:43:84:13:c3:0a:35:e9:f4:de:d2:81:9e:8f:47:
6e:f5:7a:83:37:ff:6f:24:93:09:b9:fd:37:9b:6d:d0:48:85:
c0:82:b7:ee:66:62:fa:42:ae:12:20:a6:a9:f9:87:7a:62:40:
6d:43:30:41:9c:68:23:84:ce:7d:e3:f9:5c:a5:69:fe:40:b7:
74:90:59:68:ed:72:f8:ab:57:dd:bc:dc:ee:5f:69:08:b8:4b:
77:dc:8d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4cObKF2GmOzpSQmV3xYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw
MzA5NGQwHhcNMjUxMTA0MDgwMDMyWhcNMjUxMTA1MDgwMDMyWjAzMTEwLwYDVQQD
EygwZmI1OWIzZDcwNzA3ODc2ZmU2YTRlZjk3YTg0YTA3ZTNhNWU3ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DAUJ3pZdXlSQUka9VJUoHnQxXXh
9OisIcSnoPWvDlE2jUiAg3BialP/E9R7nF1Hs6DEU0wT/PB6M/E/FGcIjpXldR9j
Y//zBOKye72G+cX4IWgrNCDRPBYnE0Mm+SBjbM1f/Dk1k71XrVKq7syZQkNG4apX
kKRRqfP9dME8XxGqsksLWNo97rh0iCQIo15cAIvmJJnPxK1cKCBcjVRaYNxqu71a
IeFCZ1M7cea0GE7JxO4vvNCfBPolbo1L1l+sTRSvFyJM20wLAqBWMnYcP/Qth1/5
DVlYbvag+O+ZbkkVJ+bhnBKWDB8mjdGZvmAHHE/QM/gDfCMxH6FfbCTDuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+1mz1wcHh2/mpO+XqEoH46Xn5MMB8GA1UdIwQY
MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt
ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2
LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJb5oAf1N
d/UfWv5xQMY++uBsxfRVJROVtbK5vVcZl7vTE6NL62a8l39LrkELeOXL4k/MkTYd
WJI2eJuWuoXp1KzOYMNW/HYbs/Dd2svZiPZT+0QWfPpqFcH8lH7VPaKOVQCbaUFO
vOMx6vThbU/OL8+yBZbmSmHCjDvBbbNleg60idutiZmJ7Ov2my0A2pDl700Jxq0B
35/nSwAhUbkyO+/46GXU8UOEE8MKNen03tKBno9HbvV6gzf/bySTCbn9N5tt0EiF
wIK37mZi+kKuEiCmqfmHemJAbUMwQZxoI4TOfeP5XKVp/kC3dJBZaO1y+KtX3bzc
7l9pCLhLd9yNmA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:27:38 2025 by rpki-client