Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
File: XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json)
Hash identifier: gKN3wds65w6AkvrIiKhze7I1l/WKUVmGCdSwmKLd30w=
Subject key identifier: CE:0D:91:EC:39:A0:66:D9:05:03:0B:CD:17:E4:5A:3E:EA:B1:31:E9
Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95
Certificate issuer: /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
Certificate serial: 019A4F620E9B7C4A59EF624B9F390BCAE03F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
Manifest number: 071F
Signing time: Tue 04 Nov 2025 15:00:17 +0000
Manifest this update: Tue 04 Nov 2025 15:00:17 +0000
Manifest next update: Wed 05 Nov 2025 15:00:17 +0000
Files and hashes: 1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: 1/1t/GY2UL5eQtDhWakEWYg8ebJKp/M//LX4zyn34Tk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:0e:9b:7c:4a:59:ef:62:4b:9f:39:0b:ca:e0:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
Validity
Not Before: Nov 4 15:00:17 2025 GMT
Not After : Nov 5 15:00:17 2025 GMT
Subject: CN=ce0d91ec39a066d905030bcd17e45a3eeab131e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e9:ec:85:44:1b:31:b0:00:2f:48:b4:70:d4:
dc:ac:d1:66:4f:8e:b4:53:19:0f:4c:dd:fa:01:1a:
c0:ce:10:e8:5c:ff:9d:9f:28:c6:d5:6c:ad:80:0d:
07:29:7a:17:bc:18:25:d7:76:27:96:0f:74:13:1a:
22:93:bc:65:5f:f1:4c:c3:e9:e1:a9:13:14:cc:a8:
41:96:94:b5:c6:9f:04:83:b8:4f:f8:6b:41:ff:1b:
9f:b9:e4:5f:1a:ac:de:ff:30:de:de:d8:17:9e:43:
39:ec:65:57:a1:71:79:b1:d9:d5:7b:ae:ad:d3:2d:
64:2c:69:6f:f3:33:de:2b:f3:77:56:1c:91:b2:98:
fe:e3:31:e6:37:a2:28:d3:09:31:df:29:69:87:77:
89:69:b7:7b:aa:8a:72:e3:83:3e:6d:0e:e0:9f:fa:
33:3d:0c:74:8d:85:de:a0:2f:b4:11:e0:37:59:32:
9d:06:4c:20:5d:ed:01:4d:36:10:ed:77:a2:60:e3:
d2:3b:7e:58:62:79:1b:5a:64:8e:6b:cf:d7:f9:44:
d7:17:29:f3:c8:f8:a4:24:a5:37:3d:4e:28:4f:26:
80:d9:0b:b2:a0:e9:e4:fb:45:16:66:a8:6b:1e:65:
5e:43:24:61:49:53:44:85:44:fb:78:df:ba:22:22:
c1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0D:91:EC:39:A0:66:D9:05:03:0B:CD:17:E4:5A:3E:EA:B1:31:E9
X509v3 Authority Key Identifier:
keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:fc:36:71:55:10:e8:a5:ce:07:8c:35:11:bc:20:87:a4:72:
6c:4e:42:ad:3f:c5:aa:16:56:1d:51:74:d3:5a:b1:dd:c1:3b:
3b:ca:6f:2a:6c:2f:45:99:51:18:fa:39:fa:e8:a9:e6:71:61:
73:a6:b4:44:f0:db:7e:a4:68:3a:e9:9b:36:54:3f:bd:1a:51:
fd:77:3b:c7:02:3b:cc:b9:27:0a:ef:93:a4:6e:e9:e0:41:b6:
9d:42:a3:18:a9:82:27:fc:80:af:e3:e4:76:78:f3:76:ae:4a:
b6:11:65:b8:6e:67:90:dd:b0:81:31:b3:2c:47:7a:5a:14:9b:
67:88:e4:aa:47:bd:aa:68:09:a6:72:50:60:b9:24:68:25:a7:
b6:a1:0a:d1:91:f6:0d:a6:39:76:c2:19:87:0c:44:d7:40:cf:
e8:2f:3e:eb:0d:65:35:96:dc:63:49:c2:eb:94:32:0c:bf:06:
dc:22:34:92:86:7b:9d:9d:70:9b:b7:ac:2d:c8:30:9a:2b:36:
5d:69:0a:48:39:c1:79:c8:14:fb:87:ef:38:a6:5b:d1:01:dc:
46:7d:7e:69:5c:1f:07:79:04:33:d4:78:18:e5:55:04:a1:da:
9e:57:10:86:76:d7:ad:aa:3c:a7:c7:a1:9a:95:77:d5:11:0c:
1b:af:c9:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYg6bfEpZ72JLnzkLyuA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2
ZDA0OTUwHhcNMjUxMTA0MTUwMDE3WhcNMjUxMTA1MTUwMDE3WjAzMTEwLwYDVQQD
EyhjZTBkOTFlYzM5YTA2NmQ5MDUwMzBiY2QxN2U0NWEzZWVhYjEzMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+nshUQbMbAAL0i0cNTcrNFmT460
UxkPTN36ARrAzhDoXP+dnyjG1WytgA0HKXoXvBgl13Ynlg90Exoik7xlX/FMw+nh
qRMUzKhBlpS1xp8Eg7hP+GtB/xufueRfGqze/zDe3tgXnkM57GVXoXF5sdnVe66t
0y1kLGlv8zPeK/N3VhyRspj+4zHmN6Io0wkx3ylph3eJabd7qopy44M+bQ7gn/oz
PQx0jYXeoC+0EeA3WTKdBkwgXe0BTTYQ7XeiYOPSO35YYnkbWmSOa8/X+UTXFynz
yPikJKU3PU4oTyaA2QuyoOnk+0UWZqhrHmVeQyRhSVNEhUT7eN+6IiLBjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4Nkew5oGbZBQMLzRfkWj7qsTHpMB8GA1UdIwQY
MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt
MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm
LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHfw2cVUQ
6KXOB4w1Ebwgh6RybE5CrT/FqhZWHVF001qx3cE7O8pvKmwvRZlRGPo5+uip5nFh
c6a0RPDbfqRoOumbNlQ/vRpR/Xc7xwI7zLknCu+TpG7p4EG2nUKjGKmCJ/yAr+Pk
dnjzdq5KthFluG5nkN2wgTGzLEd6WhSbZ4jkqke9qmgJpnJQYLkkaCWntqEK0ZH2
DaY5dsIZhwxE10DP6C8+6w1lNZbcY0nC65QyDL8G3CI0koZ7nZ1wm7esLcgwmis2
XWkKSDnBecgU+4fvOKZb0QHcRn1+aVwfB3kEM9R4GOVVBKHanlcQhnbXrao8p8eh
mpV31REMG6/JqQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:58:00 2025 by rpki-client