Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
File: XbdXv1dG8moHySCHAbDVS2m8M2Q.mft (raw, json)
Hash identifier: T7QgiOTQqR4kx3dkWrW0ZWXbpNTvol9h7APmG3Kydgo=
Subject key identifier: A0:F4:EE:F7:8E:D8:38:8B:2B:57:80:B2:08:0F:CE:6C:51:3D:03:4C
Authority key identifier: 5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64
Certificate issuer: /CN=5db757bf5746f26a07c9208701b0d54b69bc3364
Certificate serial: 019A552D17D41344C96D38507DF91A14F2B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
Manifest number: 05DC
Signing time: Wed 05 Nov 2025 18:00:09 +0000
Manifest this update: Wed 05 Nov 2025 18:00:09 +0000
Manifest next update: Thu 06 Nov 2025 18:00:09 +0000
Files and hashes: 1: XbdXv1dG8moHySCHAbDVS2m8M2Q.crl (hash: A8lOPo1wweEqsfFvOWDVOoPnPmgblihlgxNEQ9mNF/o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:2d:17:d4:13:44:c9:6d:38:50:7d:f9:1a:14:f2:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5db757bf5746f26a07c9208701b0d54b69bc3364
Validity
Not Before: Nov 5 18:00:09 2025 GMT
Not After : Nov 6 18:00:09 2025 GMT
Subject: CN=a0f4eef78ed8388b2b5780b2080fce6c513d034c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5f:1e:e1:85:c0:7b:c3:0b:cd:75:9a:eb:b5:
22:5b:f5:12:bb:e1:bb:7f:d2:9b:69:4a:b6:a3:ba:
0c:ef:ed:83:ca:d8:a7:e7:8c:c4:93:cc:af:c7:7c:
1b:f4:38:4d:0d:36:2a:21:9f:e5:09:b7:9d:fd:f5:
7e:78:75:4a:59:61:1d:80:ab:6a:22:67:9a:7c:56:
cf:87:92:21:96:3b:27:ab:4c:38:3f:93:97:ac:45:
7b:71:ae:6b:8a:16:8a:fe:8d:98:c9:ed:fa:6f:5c:
47:9f:bd:da:66:ba:8b:4d:d4:b2:58:4d:e3:9d:46:
47:37:8c:30:31:c4:90:81:16:7d:cb:4f:fc:b0:33:
0f:07:0e:17:74:3f:cd:6f:4d:c7:6c:cb:6a:90:a3:
4a:32:ae:c1:19:04:03:2b:b1:d5:00:56:5d:a9:f6:
68:70:b9:2a:04:12:40:c6:b2:18:36:46:02:1a:5d:
0f:83:84:73:5c:a8:09:22:a1:78:74:bd:2d:21:75:
f9:ba:bd:7c:f3:56:0a:86:79:f2:28:5b:50:f1:94:
c4:ac:41:9b:ac:ef:3a:f4:e6:d3:82:7b:f0:aa:83:
74:2d:8f:d6:46:ea:25:af:d2:91:14:dc:9a:7f:ca:
f2:46:4b:d2:92:e8:4f:a0:d5:25:32:5d:e3:47:19:
91:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F4:EE:F7:8E:D8:38:8B:2B:57:80:B2:08:0F:CE:6C:51:3D:03:4C
X509v3 Authority Key Identifier:
keyid:5D:B7:57:BF:57:46:F2:6A:07:C9:20:87:01:B0:D5:4B:69:BC:33:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbdXv1dG8moHySCHAbDVS2m8M2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2b3387-3b34-457e-ab1c-3ab52b3bcc3b/1/XbdXv1dG8moHySCHAbDVS2m8M2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:78:e8:a8:86:80:0c:f0:66:07:43:20:3e:d6:a3:2c:f1:0f:
5c:f8:c2:7e:93:58:f5:0d:27:7b:7b:34:9d:f5:85:e8:26:f2:
0f:81:d3:f2:69:41:e4:d0:c4:a5:7d:f5:6b:71:bd:c3:46:78:
04:60:ab:e8:25:f3:aa:02:9f:e1:68:79:9f:39:96:50:d7:1f:
14:39:dc:21:7b:21:de:df:bb:b8:7f:9c:49:d0:00:01:58:ee:
de:09:9a:71:1b:51:e9:24:22:90:7e:e0:7c:b3:3c:94:3b:27:
09:e8:2b:c5:a6:27:46:23:8b:35:bc:b2:96:40:a4:37:6b:ed:
32:c1:2d:07:45:28:7e:d9:19:56:58:a2:87:57:0a:e3:0c:70:
15:7f:5f:00:b0:66:42:39:6c:50:bf:e6:4c:1b:dc:b3:23:de:
5a:1b:0e:ca:8a:bb:74:c8:df:32:bc:8c:94:8e:90:60:13:25:
c6:ac:92:43:56:6f:bb:55:5a:22:01:9e:00:96:5f:f2:16:df:
22:f3:23:c1:50:28:dd:17:13:8e:d1:39:12:40:ea:44:40:ff:
42:4f:66:fc:75:18:bf:9e:44:ff:0e:de:e9:55:4e:ed:e1:71:
f3:61:d0:63:3a:b1:0e:00:5b:30:47:1b:f9:0f:9e:0e:fd:5f:
fd:bb:17:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpVLRfUE0TJbThQffkaFPK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjc1N2JmNTc0NmYyNmEwN2M5MjA4NzAxYjBkNTRiNjli
YzMzNjQwHhcNMjUxMTA1MTgwMDA5WhcNMjUxMTA2MTgwMDA5WjAzMTEwLwYDVQQD
EyhhMGY0ZWVmNzhlZDgzODhiMmI1NzgwYjIwODBmY2U2YzUxM2QwMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr18e4YXAe8MLzXWa67UiW/USu+G7
f9KbaUq2o7oM7+2Dytin54zEk8yvx3wb9DhNDTYqIZ/lCbed/fV+eHVKWWEdgKtq
ImeafFbPh5Ihljsnq0w4P5OXrEV7ca5rihaK/o2Yye36b1xHn73aZrqLTdSyWE3j
nUZHN4wwMcSQgRZ9y0/8sDMPBw4XdD/Nb03HbMtqkKNKMq7BGQQDK7HVAFZdqfZo
cLkqBBJAxrIYNkYCGl0Pg4RzXKgJIqF4dL0tIXX5ur1881YKhnnyKFtQ8ZTErEGb
rO869ObTgnvwqoN0LY/WRuolr9KRFNyaf8ryRkvSkuhPoNUlMl3jRxmRnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKD07veO2DiLK1eAsggPzmxRPQNMMB8GA1UdIwQY
MBaAFF23V79XRvJqB8kghwGw1UtpvDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMt
M2FiNTJiM2JjYzNiLzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYjMzODctM2IzNC00NTdlLWFiMWMtM2FiNTJiM2JjYzNi
LzEvWGJkWHYxZEc4bW9IeVNDSEFiRFZTMm04TTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZHjoqIaA
DPBmB0MgPtajLPEPXPjCfpNY9Q0ne3s0nfWF6CbyD4HT8mlB5NDEpX31a3G9w0Z4
BGCr6CXzqgKf4Wh5nzmWUNcfFDncIXsh3t+7uH+cSdAAAVju3gmacRtR6SQikH7g
fLM8lDsnCegrxaYnRiOLNbyylkCkN2vtMsEtB0UoftkZVliih1cK4wxwFX9fALBm
QjlsUL/mTBvcsyPeWhsOyoq7dMjfMryMlI6QYBMlxqySQ1Zvu1VaIgGeAJZf8hbf
IvMjwVAo3RcTjtE5EkDqRED/Qk9m/HUYv55E/w7e6VVO7eFx82HQYzqxDgBbMEcb
+Q+eDv1f/bsXnQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:32:39 2025 by rpki-client