Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
File: XPMa_DbLaVUAf-l-1KXjGF0icbo.mft (raw, json)
Hash identifier: 5ZPWtSEWVvmuG7dKX0i68UJbtIXgCMqZgDn0EBxdESM=
Subject key identifier: AC:34:49:B8:63:D8:B0:6B:AF:C6:31:00:15:2B:8C:F9:CC:04:FA:24
Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Certificate serial: 019A4DAA8C351F7CBCF5C709556E637BC969
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
Manifest number: 171F
Signing time: Tue 04 Nov 2025 07:00:13 +0000
Manifest this update: Tue 04 Nov 2025 07:00:13 +0000
Manifest next update: Wed 05 Nov 2025 07:00:13 +0000
Files and hashes: 1: 0LO0qT2-0L6mWDwJ3dVrGvaEEOA.roa (hash: m3gjbEV2ZPpf1SrIWWEpb/lM9m2SeM9EF+s0bK96n04=)
2: 3TSrnVPCjyw6LodRykSs6RR28tA.roa (hash: zGSnutgCi7aRhsrnKssjXI5Z238+gDkkfWPc6h8G0+I=)
3: CXLJsfdv2mQYEw_nRCBRyHgGrls.roa (hash: gIlLTUkZL/5+bXwsRESHghLIgWvhwbD5U5vB0n4lI0k=)
4: GZyq4JhiMN6IbDxHDi387ilVO3Q.roa (hash: RAmDxoFTdOQGRBWibMySEyO1+N/egEhlrBt73Hj0G1U=)
5: XPMa_DbLaVUAf-l-1KXjGF0icbo.crl (hash: 6phuwFgVnQHJaMBb7roxPbmGpeCnnalSahWhhsVqlO4=)
6: XsnL58BowN54P94Hq8ZFELardLk.roa (hash: HNbFuOKPa1T82T8LpW7Qm3FZ0tR+dmMImgYgvtx3m4g=)
7: Zz42OKsTm8e7N4-UL7iAE7WQUo8.roa (hash: 5tp1DE1mgaUL43CN7zGdBuvgS2VFLrFuAK++O/dGYog=)
8: aCmXnOhdIWHZjR6YD1Rod6YvGNc.roa (hash: iW+Z/yl7UOD6yvlgUZgO+TZmSZwkPpW3YOaIuSe/RJg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:8c:35:1f:7c:bc:f5:c7:09:55:6e:63:7b:c9:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Validity
Not Before: Nov 4 07:00:13 2025 GMT
Not After : Nov 5 07:00:13 2025 GMT
Subject: CN=ac3449b863d8b06bafc63100152b8cf9cc04fa24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:57:93:a6:b3:1d:72:c2:07:56:da:6e:51:07:
fd:66:cb:ce:ac:86:1a:38:17:29:89:21:1a:8e:39:
a8:7e:e5:0e:db:42:ea:2e:90:35:b0:d4:71:f0:93:
9d:ac:54:38:d9:02:fd:ea:60:ba:ea:78:2c:6c:c8:
33:df:72:50:bc:76:b3:4c:31:05:a6:aa:2a:ce:28:
17:19:f9:96:59:a7:97:c3:c5:41:e5:88:21:08:e5:
65:14:b6:60:0a:43:92:ea:1b:e4:e2:de:f7:2a:e9:
a6:71:fb:95:5d:d8:a1:65:78:de:c0:80:f5:b7:da:
bd:47:24:56:51:d3:72:12:2a:10:9a:03:b0:1e:d3:
45:90:8d:e1:cc:7c:1a:7b:fa:a5:67:ab:65:0e:04:
bb:cb:f5:b0:1f:31:43:e7:54:0a:bc:f5:3f:7a:59:
3d:37:7d:53:c1:b1:be:ee:88:aa:2c:e5:9c:73:b2:
b2:e8:08:44:31:0b:41:64:4c:94:18:56:01:cf:77:
23:9b:05:16:89:22:50:f0:0a:36:85:22:2b:1e:27:
60:6d:e1:95:65:aa:bf:c5:11:dd:74:b8:98:e8:9e:
56:00:13:9c:05:2e:23:ca:3e:a9:6c:16:52:b6:4e:
41:47:69:5e:0e:f8:85:df:02:42:29:99:f2:70:af:
ad:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:34:49:B8:63:D8:B0:6B:AF:C6:31:00:15:2B:8C:F9:CC:04:FA:24
X509v3 Authority Key Identifier:
keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:95:6e:47:49:df:b7:c7:df:48:35:05:ab:ed:38:c7:67:28:
d2:ce:e7:43:27:54:8a:e9:e3:11:1f:b4:1b:72:d9:44:25:54:
44:7b:ec:ac:51:6a:8f:15:d7:3d:38:4c:d7:d3:ef:2a:92:54:
ab:c9:b0:4b:9f:96:02:1e:7d:e2:76:32:75:b1:6c:ef:dc:2a:
73:b0:b5:27:58:b0:3b:aa:81:45:7f:2d:bc:dc:a9:ed:28:e0:
51:c2:55:44:b1:40:88:41:e2:d0:9e:09:85:c6:a2:24:fb:77:
e2:01:56:58:90:87:7c:cd:fe:95:8f:96:79:07:5f:88:0b:94:
f8:4c:b8:45:d2:67:7e:78:52:10:0c:ee:d1:d7:68:bc:9f:8b:
65:1c:73:ab:c3:39:8c:da:cf:6a:07:4d:7e:20:01:e4:b7:f0:
96:19:86:20:f5:f9:7c:f4:27:9f:30:c4:b1:eb:c8:ea:8c:ec:
2f:55:a5:25:20:aa:09:2e:bd:13:ab:84:a0:d2:72:16:58:14:
1e:b5:c0:4a:04:41:c4:b0:c1:06:68:33:07:ca:0a:ea:de:52:
90:37:a2:52:1e:9c:16:dc:8d:d6:36:fd:2b:d7:0d:55:99:6b:
7f:16:35:52:13:59:60:29:3b:80:4d:e5:0d:03:39:0a:ab:1d:
eb:8e:b3:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqow1H3y89ccJVW5je8lpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy
MjcxYmEwHhcNMjUxMTA0MDcwMDEzWhcNMjUxMTA1MDcwMDEzWjAzMTEwLwYDVQQD
EyhhYzM0NDliODYzZDhiMDZiYWZjNjMxMDAxNTJiOGNmOWNjMDRmYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtleTprMdcsIHVtpuUQf9ZsvOrIYa
OBcpiSEajjmofuUO20LqLpA1sNRx8JOdrFQ42QL96mC66ngsbMgz33JQvHazTDEF
pqoqzigXGfmWWaeXw8VB5YghCOVlFLZgCkOS6hvk4t73KummcfuVXdihZXjewID1
t9q9RyRWUdNyEioQmgOwHtNFkI3hzHwae/qlZ6tlDgS7y/WwHzFD51QKvPU/elk9
N31TwbG+7oiqLOWcc7Ky6AhEMQtBZEyUGFYBz3cjmwUWiSJQ8Ao2hSIrHidgbeGV
Zaq/xRHddLiY6J5WABOcBS4jyj6pbBZStk5BR2leDviF3wJCKZnycK+tvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKw0Sbhj2LBrr8YxABUrjPnMBPokMB8GA1UdIwQY
MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt
NzM2ZDEyODg4Y2E4LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4
LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq5VuR0nf
t8ffSDUFq+04x2co0s7nQydUiunjER+0G3LZRCVURHvsrFFqjxXXPThM19PvKpJU
q8mwS5+WAh594nYydbFs79wqc7C1J1iwO6qBRX8tvNyp7SjgUcJVRLFAiEHi0J4J
hcaiJPt34gFWWJCHfM3+lY+WeQdfiAuU+Ey4RdJnfnhSEAzu0ddovJ+LZRxzq8M5
jNrPagdNfiAB5LfwlhmGIPX5fPQnnzDEsevI6ozsL1WlJSCqCS69E6uEoNJyFlgU
HrXASgRBxLDBBmgzB8oK6t5SkDeiUh6cFtyN1jb9K9cNVZlrfxY1UhNZYCk7gE3l
DQM5Cqsd646zHg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:45:14 2025 by rpki-client