Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier: n+edQ5KN4QF7yv1C/T3s5VTC4wtXYaVILK93/f5HiUI=
Subject key identifier: 1C:75:42:16:3D:3E:87:46:E8:8F:2F:D7:D0:09:4C:A2:41:85:6B:CD
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial: 019A4DE193CE84740A5EF8B15BD316C96001
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number: 164E
Signing time: Tue 04 Nov 2025 08:00:20 +0000
Manifest this update: Tue 04 Nov 2025 08:00:20 +0000
Manifest next update: Wed 05 Nov 2025 08:00:20 +0000
Files and hashes: 1: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: ASaQsYC1MLwohp40Uo25Neb3i7z2MMyz+J96+Q8mToQ=)
2: ir_nzSQYAsgPoPu8kRGYQzALm7U.roa (hash: TCpfNyg//XzFyrfc8SAsUbs4iWswcCSro2mnromAmQo=)
3: m3SzGaHBe-liV9k_hjkTUrNHXMg.roa (hash: 1IYirY3YGGwbakrzW31PvEOIIPUhpCQb3MNxcEFgdzs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:93:ce:84:74:0a:5e:f8:b1:5b:d3:16:c9:60:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Validity
Not Before: Nov 4 08:00:20 2025 GMT
Not After : Nov 5 08:00:20 2025 GMT
Subject: CN=1c7542163d3e8746e88f2fd7d0094ca241856bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:69:18:a6:06:9e:e5:4a:90:47:b4:27:8e:7b:
b0:43:70:c5:72:1a:69:a7:2a:78:b8:ae:47:67:d6:
d7:de:5a:19:8d:77:44:8f:d1:5d:41:c9:5e:11:c8:
1f:e2:00:4a:c9:24:f3:a1:75:7f:cc:b0:3a:5f:7f:
1d:46:c6:0b:88:82:55:0a:af:b7:8f:3b:40:72:f0:
13:11:6b:14:42:fb:66:2c:a9:a3:d1:06:26:92:fe:
22:28:ff:df:6b:6f:a2:c9:88:f7:a5:50:c5:4e:8f:
d5:36:50:04:76:a6:88:90:f4:e1:59:b9:24:e4:72:
7a:ad:38:3f:ce:6b:6c:2c:f3:7e:f1:3b:08:24:3b:
7f:6c:0e:df:c4:af:27:a5:89:a1:c7:b0:f4:56:5d:
1f:89:a7:62:e8:6a:bb:7e:48:8c:b8:52:95:4a:e4:
3a:70:6d:a1:06:56:17:03:9a:e7:b4:9a:1f:24:f4:
c0:ff:00:45:10:cc:ce:d0:21:83:35:39:8c:4a:ab:
15:19:78:63:16:c9:59:ff:a8:fb:03:bf:5d:ba:2d:
99:2a:95:fe:46:26:d7:fd:5c:49:78:22:ac:f9:64:
4b:26:39:f8:3a:22:05:1d:7c:ad:a9:8f:86:de:fb:
07:6e:7a:2f:e5:81:48:88:4a:33:57:04:5e:5c:c6:
50:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:75:42:16:3D:3E:87:46:E8:8F:2F:D7:D0:09:4C:A2:41:85:6B:CD
X509v3 Authority Key Identifier:
keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:94:6d:06:bd:6b:88:68:21:0f:15:71:b8:93:f5:bf:af:ec:
ed:87:e3:71:7d:ff:01:10:c2:10:7f:25:54:8a:71:50:d9:84:
e0:39:25:2c:4b:e7:06:5e:12:38:b9:75:6b:2e:9c:f2:70:d7:
02:3b:eb:0a:c4:5c:35:29:6f:a3:f6:f7:a5:0c:a1:d2:c9:2d:
28:b1:ed:da:3d:e4:49:af:3d:eb:c5:be:2f:40:4d:c3:5a:71:
17:2c:36:07:b6:53:9d:e7:70:3b:29:43:26:8b:43:70:94:00:
f7:1b:56:e0:d3:22:a9:5a:70:4c:de:df:1b:29:b4:d8:98:1a:
e5:71:09:14:d4:f9:68:1a:c6:e1:a5:f6:49:d2:e0:a6:41:a2:
ce:02:6c:07:3c:1d:70:72:35:85:e9:12:ae:e8:ec:45:a7:82:
77:e7:e3:bc:47:5a:ae:27:da:85:27:dc:58:f3:d5:02:95:a0:
d9:b8:d5:de:6a:9e:d9:d8:ed:48:79:46:ca:2f:46:47:a1:8a:
e5:38:a0:87:d8:65:58:26:91:32:d6:06:3e:39:18:80:38:93:
a1:4b:db:b6:c0:ff:a4:42:f4:d2:e5:b2:f5:ef:60:18:ec:28:
fc:a0:5b:ea:89:c4:5c:d6:37:3b:30:2a:b9:25:ed:cf:fb:f6:
fe:6e:58:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4ZPOhHQKXvixW9MWyWABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjUxMTA0MDgwMDIwWhcNMjUxMTA1MDgwMDIwWjAzMTEwLwYDVQQD
EygxYzc1NDIxNjNkM2U4NzQ2ZTg4ZjJmZDdkMDA5NGNhMjQxODU2YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGkYpgae5UqQR7QnjnuwQ3DFchpp
pyp4uK5HZ9bX3loZjXdEj9FdQcleEcgf4gBKySTzoXV/zLA6X38dRsYLiIJVCq+3
jztAcvATEWsUQvtmLKmj0QYmkv4iKP/fa2+iyYj3pVDFTo/VNlAEdqaIkPThWbkk
5HJ6rTg/zmtsLPN+8TsIJDt/bA7fxK8npYmhx7D0Vl0fiadi6Gq7fkiMuFKVSuQ6
cG2hBlYXA5rntJofJPTA/wBFEMzO0CGDNTmMSqsVGXhjFslZ/6j7A79dui2ZKpX+
RibX/VxJeCKs+WRLJjn4OiIFHXytqY+G3vsHbnov5YFIiEozVwReXMZQmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBx1QhY9PodG6I8v19AJTKJBhWvNMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZpRtBr1r
iGghDxVxuJP1v6/s7YfjcX3/ARDCEH8lVIpxUNmE4DklLEvnBl4SOLl1ay6c8nDX
AjvrCsRcNSlvo/b3pQyh0sktKLHt2j3kSa8968W+L0BNw1pxFyw2B7ZTnedwOylD
JotDcJQA9xtW4NMiqVpwTN7fGym02Jga5XEJFNT5aBrG4aX2SdLgpkGizgJsBzwd
cHI1hekSrujsRaeCd+fjvEdarifahSfcWPPVApWg2bjV3mqe2djtSHlGyi9GR6GK
5Tigh9hlWCaRMtYGPjkYgDiToUvbtsD/pEL00uWy9e9gGOwo/KBb6onEXNY3OzAq
uSXtz/v2/m5Ygg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:42:17 2025 by rpki-client