Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json)
Hash identifier: ThjrzikgsIMUd3fQDpR/6a6RgdToTbCLK8MgM7v2s/g=
Subject key identifier: F2:D1:FB:42:17:B5:49:5A:7F:48:88:8B:E5:90:20:28:C9:25:4D:30
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial: 019A4D73F821032848CB677DCCE87514B3BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
Manifest number: 0641
Signing time: Tue 04 Nov 2025 06:00:36 +0000
Manifest this update: Tue 04 Nov 2025 06:00:36 +0000
Manifest next update: Wed 05 Nov 2025 06:00:36 +0000
Files and hashes: 1: SzmhUfWJuFhyT5TGLouRAgBLoIM.roa (hash: Qov0MeRXvHn6kZBTJQaoc48+Yw0xT2B5xVOV+b6Nifs=)
2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: zn4v1Ixpxl7VXiEEXy3sWVILwhDecUPgdn7NooVqInI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:f8:21:03:28:48:cb:67:7d:cc:e8:75:14:b3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Validity
Not Before: Nov 4 06:00:36 2025 GMT
Not After : Nov 5 06:00:36 2025 GMT
Subject: CN=f2d1fb4217b5495a7f48888be5902028c9254d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:24:4a:60:c6:d5:b4:86:22:c9:36:64:54:bd:
81:4a:bf:57:3c:06:c3:1b:23:5c:f2:44:3f:fd:7f:
8d:0f:76:54:e6:43:33:56:aa:ff:86:53:10:3f:1c:
fd:03:d5:a9:53:2c:23:af:37:49:7f:ff:35:27:0f:
f4:c8:f9:92:be:68:87:72:13:21:59:e1:cc:ea:97:
10:a2:9d:47:1a:d2:bb:50:68:fe:d2:ee:56:c0:6b:
9c:fd:4a:30:f4:9e:a3:7c:63:fc:4f:5e:b5:0a:dc:
b6:f9:69:8d:3d:f5:47:32:0d:40:0a:c5:e6:00:8c:
52:5b:a7:b4:c9:80:c2:37:3f:c8:55:7b:c0:62:b7:
12:e9:6f:c4:25:ac:26:35:ca:55:e6:f3:b3:32:fe:
c2:5e:58:20:6d:c9:00:19:a5:fa:3a:33:d5:1e:c1:
0d:f9:7b:fe:78:a9:91:cd:cd:43:c5:4b:18:b4:ae:
0a:c9:2b:19:55:f2:18:81:d5:b1:88:f0:82:c7:86:
de:01:a2:c6:c4:48:c2:86:bd:44:1d:7d:1c:81:c4:
64:7a:8a:9e:d0:5b:75:39:35:04:fa:36:ad:ad:2f:
0e:98:02:ce:37:1a:3e:8b:34:ff:5e:dd:39:8b:04:
be:63:cc:0c:db:8a:52:6c:9c:98:6f:dd:38:1e:79:
ab:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D1:FB:42:17:B5:49:5A:7F:48:88:8B:E5:90:20:28:C9:25:4D:30
X509v3 Authority Key Identifier:
keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:4f:fd:96:20:49:b7:e6:f7:92:89:f5:ad:b5:51:25:d9:87:
8d:0d:58:b7:66:47:f2:80:94:8c:85:b3:14:06:8e:7b:d5:8f:
0d:fb:23:51:0c:bd:ba:6d:81:f0:6a:4c:3c:e1:ae:8b:11:ae:
17:4f:d0:31:bc:b5:62:98:b7:cb:94:6d:4d:6e:34:ff:02:13:
3f:37:74:da:5f:41:6f:d3:40:d0:d9:1d:9a:c2:dd:67:f1:d0:
e4:f4:e7:41:02:81:df:85:e6:31:a6:7a:44:8d:c8:64:1e:f7:
2a:3a:64:a6:46:b0:b0:e3:8b:9e:df:16:44:2f:76:2e:e5:7a:
da:50:0b:8d:b5:f2:ee:98:bc:c4:e1:2b:21:67:a4:35:ef:c9:
6a:36:b7:df:97:15:26:3c:aa:fd:82:8c:f5:1f:df:50:77:0f:
c6:cf:e2:a2:bf:46:03:4b:85:d4:e3:c0:44:82:2a:71:14:a5:
7d:90:c1:50:42:8d:0d:c0:3c:95:34:af:44:29:81:1d:8e:4a:
ee:b2:17:c3:54:03:6f:88:c2:23:2c:a3:e3:16:e3:a6:67:65:
4d:b8:69:ed:2a:f0:64:5b:40:bd:fe:50:4b:f6:f3:12:fd:02:
98:f8:86:3d:42:b5:5c:81:1f:de:60:2c:35:06:74:d9:6a:03:
9e:ef:1c:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc/ghAyhIy2d9zOh1FLO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjUxMTA0MDYwMDM2WhcNMjUxMTA1MDYwMDM2WjAzMTEwLwYDVQQD
EyhmMmQxZmI0MjE3YjU0OTVhN2Y0ODg4OGJlNTkwMjAyOGM5MjU0ZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyRKYMbVtIYiyTZkVL2BSr9XPAbD
GyNc8kQ//X+ND3ZU5kMzVqr/hlMQPxz9A9WpUywjrzdJf/81Jw/0yPmSvmiHchMh
WeHM6pcQop1HGtK7UGj+0u5WwGuc/Uow9J6jfGP8T161Cty2+WmNPfVHMg1ACsXm
AIxSW6e0yYDCNz/IVXvAYrcS6W/EJawmNcpV5vOzMv7CXlggbckAGaX6OjPVHsEN
+Xv+eKmRzc1DxUsYtK4KySsZVfIYgdWxiPCCx4beAaLGxEjChr1EHX0cgcRkeoqe
0Ft1OTUE+jatrS8OmALONxo+izT/Xt05iwS+Y8wM24pSbJyYb904HnmrPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLR+0IXtUlaf0iIi+WQICjJJU0wMB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV0/9liBJ
t+b3kon1rbVRJdmHjQ1Yt2ZH8oCUjIWzFAaOe9WPDfsjUQy9um2B8GpMPOGuixGu
F0/QMby1Ypi3y5RtTW40/wITPzd02l9Bb9NA0NkdmsLdZ/HQ5PTnQQKB34XmMaZ6
RI3IZB73KjpkpkawsOOLnt8WRC92LuV62lALjbXy7pi8xOErIWekNe/Jaja335cV
Jjyq/YKM9R/fUHcPxs/ior9GA0uF1OPARIIqcRSlfZDBUEKNDcA8lTSvRCmBHY5K
7rIXw1QDb4jCIyyj4xbjpmdlTbhp7SrwZFtAvf5QS/bzEv0CmPiGPUK1XIEf3mAs
NQZ02WoDnu8cYQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:17:43 2025 by rpki-client