Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
File: xTG2PRGmzC0c5p4TEch6waanBzM.mft (raw, json)
Hash identifier: fxHZOuDMOVcSP4oXrxbXMuVWePpq9j/vITgH2DMjw/4=
Subject key identifier: E6:0D:BB:A7:84:ED:CA:3F:E6:D6:D9:9B:D1:CE:3D:B0:F6:93:E6:36
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 019A4D7458B194D699905A5FC258719E3943
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
Manifest number: 0F90
Signing time: Tue 04 Nov 2025 06:01:01 +0000
Manifest this update: Tue 04 Nov 2025 06:01:01 +0000
Manifest next update: Wed 05 Nov 2025 06:01:01 +0000
Files and hashes: 1: 3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa (hash: HiF4cbbVkgMNvvCZGg36cGuMWinu6Z8X1/cmYfYlH0w=)
2: 7dlaDlkKgi4dAirWDUWBZGBGqcU.roa (hash: p1fbv33BP/4U3m5pS2Ws4rI2vfUa3r6QuSWQWQR+Iw4=)
3: xTG2PRGmzC0c5p4TEch6waanBzM.crl (hash: /RBfkIatEwD+mAclJhdCb40YnrBIPtrs4NFogBpzGJE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:58:b1:94:d6:99:90:5a:5f:c2:58:71:9e:39:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Nov 4 06:01:01 2025 GMT
Not After : Nov 5 06:01:01 2025 GMT
Subject: CN=e60dbba784edca3fe6d6d99bd1ce3db0f693e636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bd:0e:3d:87:c0:08:a7:f7:9f:f9:a4:34:21:
de:93:3f:eb:65:22:72:13:94:7a:df:9f:15:8c:51:
c7:99:4c:9e:e8:85:64:53:fa:82:6d:7b:86:bb:f9:
c3:ae:85:b0:a0:2c:3f:a7:c7:31:cd:ac:e0:b0:91:
dd:e0:93:51:9f:0d:b2:83:2c:8a:a9:af:e8:c7:71:
7b:d4:18:b3:07:e4:3f:33:5d:f4:57:1a:d1:31:3e:
68:48:ab:43:f3:bf:01:06:5c:75:c9:c9:53:50:6b:
c5:c8:f6:a4:48:e7:b7:0a:57:b7:4d:1c:43:20:93:
82:be:b8:b8:68:45:f0:94:b0:05:3d:f4:db:37:aa:
3b:cf:a0:0e:2a:8d:69:ea:ec:87:b5:e2:e5:d6:e3:
3f:90:02:59:9b:92:41:fa:88:5c:2e:7a:03:6b:92:
46:18:a8:50:04:92:34:8e:a2:37:f7:b1:28:ce:1c:
2f:ca:d7:cb:6d:f2:ab:1c:88:3f:44:42:0d:e5:c6:
48:b6:1a:ae:27:f4:99:fa:0a:dc:98:bf:8f:dc:bb:
d9:41:5c:22:88:5f:49:2e:af:4d:7f:03:ea:17:e5:
48:7c:a3:5d:a7:e1:a1:f9:94:fe:56:78:29:51:57:
dc:e1:a2:e0:53:8b:fe:27:fe:db:4d:31:2e:55:7d:
14:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:0D:BB:A7:84:ED:CA:3F:E6:D6:D9:9B:D1:CE:3D:B0:F6:93:E6:36
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:e6:f4:c4:99:12:44:68:cd:c1:c7:c0:aa:38:ac:2b:25:4d:
cc:13:d7:31:0a:52:10:dd:3c:cd:8d:3a:6c:2b:36:2f:41:98:
00:23:c9:1f:6b:20:9a:7b:b1:70:89:9b:6e:06:9a:8e:71:5f:
89:0a:fb:a8:12:c9:55:e8:9d:07:df:22:22:5b:e2:0b:99:b1:
ee:1a:a4:c5:fe:25:f5:18:45:0e:39:67:04:1e:c9:d8:9f:b5:
bb:a6:3c:55:ab:2d:11:3f:55:8d:dd:7c:c2:82:3e:8e:ad:03:
eb:d4:74:9b:71:35:e3:e0:6b:f7:31:aa:84:05:81:7b:23:ff:
91:e5:aa:09:80:c9:41:f5:c4:27:65:9c:6f:cb:96:fb:b9:1f:
cb:7f:83:dc:d8:91:94:ab:2f:ea:3f:20:f6:41:e7:0f:b6:4a:
da:dd:c0:7f:f9:49:75:fe:75:b7:5c:4f:e2:3e:6d:69:61:f2:
4a:e6:81:db:91:15:dd:aa:bf:61:4e:26:37:d7:d1:fb:2c:b4:
f5:50:b0:7c:d8:a9:22:93:01:e8:e1:ba:54:bd:d1:1e:31:d4:
91:1d:a6:ea:01:d6:8d:9c:bc:1a:51:98:d8:dd:46:7e:77:9c:
72:16:aa:da:a7:9f:a5:7a:98:03:f3:e7:34:13:02:cf:a7:6a:
b4:4b:c0:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdFixlNaZkFpfwlhxnjlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjUxMTA0MDYwMTAxWhcNMjUxMTA1MDYwMTAxWjAzMTEwLwYDVQQD
EyhlNjBkYmJhNzg0ZWRjYTNmZTZkNmQ5OWJkMWNlM2RiMGY2OTNlNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr0OPYfACKf3n/mkNCHekz/rZSJy
E5R6358VjFHHmUye6IVkU/qCbXuGu/nDroWwoCw/p8cxzazgsJHd4JNRnw2ygyyK
qa/ox3F71BizB+Q/M130VxrRMT5oSKtD878BBlx1yclTUGvFyPakSOe3Cle3TRxD
IJOCvri4aEXwlLAFPfTbN6o7z6AOKo1p6uyHteLl1uM/kAJZm5JB+ohcLnoDa5JG
GKhQBJI0jqI397EozhwvytfLbfKrHIg/REIN5cZIthquJ/SZ+grcmL+P3LvZQVwi
iF9JLq9NfwPqF+VIfKNdp+Gh+ZT+VngpUVfc4aLgU4v+J/7bTTEuVX0U5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOYNu6eE7co/5tbZm9HOPbD2k+Y2MB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMub0xJkS
RGjNwcfAqjisKyVNzBPXMQpSEN08zY06bCs2L0GYACPJH2sgmnuxcImbbgaajnFf
iQr7qBLJVeidB98iIlviC5mx7hqkxf4l9RhFDjlnBB7J2J+1u6Y8VastET9Vjd18
woI+jq0D69R0m3E14+Br9zGqhAWBeyP/keWqCYDJQfXEJ2Wcb8uW+7kfy3+D3NiR
lKsv6j8g9kHnD7ZK2t3Af/lJdf51t1xP4j5taWHySuaB25EV3aq/YU4mN9fR+yy0
9VCwfNipIpMB6OG6VL3RHjHUkR2m6gHWjZy8GlGY2N1Gfnecchaq2qefpXqYA/Pn
NBMCz6dqtEvATg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:43:36 2025 by rpki-client