Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft
File: XpNr6hsMOiCKuifYsQsnXkdN3iw.mft (raw, json)
Hash identifier: H8zTBb/+PN0m7c5eNylfCyLjT9Z5w5pDwCohHOojr/Q=
Subject key identifier: F8:40:7F:81:9D:66:4C:8F:A2:D5:D2:3D:1A:84:52:E3:C2:B8:EF:7C
Authority key identifier: 5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C
Certificate issuer: /CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c
Certificate serial: 019A4F2B835DF5314F428C0870A4854BA5EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 14:00:42 +0000
Manifest this update: Tue 04 Nov 2025 14:00:42 +0000
Manifest next update: Wed 05 Nov 2025 14:00:42 +0000
Files and hashes: 1: Nw7X2LCFZpQsGc2GoXyrFKElkBk.roa (hash: y5oQHHhbifcLGWzUQAXcT2e3MvPfBEuWSolqQY+gsts=)
2: XpNr6hsMOiCKuifYsQsnXkdN3iw.crl (hash: BEOfknp/5ZO/lWR7I0HiEKh+E7zhbyL3GuLqEBTVSYc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:2b:83:5d:f5:31:4f:42:8c:08:70:a4:85:4b:a5:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c
Validity
Not Before: Nov 4 14:00:42 2025 GMT
Not After : Nov 5 14:00:42 2025 GMT
Subject: CN=f8407f819d664c8fa2d5d23d1a8452e3c2b8ef7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:33:0a:10:44:13:65:c4:5f:05:ac:97:9a:50:
48:50:0e:da:24:2d:19:11:6a:af:ab:34:59:2d:aa:
53:3d:5b:4b:13:a8:26:64:d4:62:82:e5:d2:29:36:
44:0c:33:ca:f5:ad:85:c6:94:9c:47:c0:cd:51:a3:
31:62:06:0c:f1:63:91:a2:be:01:8c:f0:4a:9d:ce:
60:04:1d:77:c3:7a:85:0e:79:5a:4d:ba:1e:e4:16:
68:1e:4b:69:66:00:ca:fc:bd:29:a0:80:f3:0d:80:
33:bd:bc:39:c8:cf:e4:1f:74:ca:38:e0:c3:ff:fe:
6c:75:a2:eb:1a:1f:23:24:74:a5:00:17:e6:2b:7f:
e8:fe:7e:c3:e4:21:71:e4:b4:4f:24:bc:f5:8a:c1:
32:a6:ff:d2:52:0b:84:95:e5:af:c0:b0:c7:27:5b:
f0:70:a1:30:f4:8b:33:12:00:f6:a9:1c:78:52:7d:
03:86:ae:1e:ba:eb:5a:a1:7d:a7:a2:98:88:a6:0a:
d2:3e:c7:03:28:c4:90:ef:04:d6:01:33:4b:e0:e1:
a0:3c:ca:62:4b:cb:92:19:b3:46:67:2c:e7:f5:9a:
d5:3c:ea:cd:dd:4f:67:02:01:d4:c9:25:cc:4d:b3:
4f:89:a4:31:38:7f:8f:25:d1:4c:28:93:df:36:7f:
1a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:40:7F:81:9D:66:4C:8F:A2:D5:D2:3D:1A:84:52:E3:C2:B8:EF:7C
X509v3 Authority Key Identifier:
keyid:5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:ba:93:13:bf:aa:90:03:99:ee:66:95:2e:08:50:99:ed:50:
a3:74:c8:ac:a6:6a:24:11:ba:6c:cc:50:a8:f3:af:83:d7:a6:
06:22:4b:04:cd:0a:b1:47:42:b4:a1:c1:06:dc:01:46:bd:de:
23:7b:d9:92:77:49:85:0f:ad:81:dd:34:64:f1:42:84:a1:89:
27:7d:7a:60:bc:d7:7d:4f:5f:73:92:51:a6:0c:b6:82:5c:0a:
0a:96:a3:b0:14:99:6f:92:f5:d1:9a:4a:69:21:7f:4b:65:9e:
df:33:65:27:de:5f:0b:df:b2:b6:64:b8:ee:26:d1:02:3b:18:
b1:a7:90:3f:b8:77:f9:50:0b:49:5e:13:a4:cf:12:7a:00:e4:
e3:8b:d0:23:af:ad:eb:bd:79:35:9c:2a:4e:c6:19:e1:7b:7a:
db:e5:92:be:15:2d:2a:fe:d0:5b:c1:d1:a5:99:95:a0:c6:89:
fe:d8:9e:d6:f5:23:ef:8b:af:f8:ca:f0:5b:c9:4f:b4:09:a4:
ad:4c:9b:36:96:e5:0f:93:e1:f9:97:39:d3:40:93:2b:3a:ec:
67:80:83:ba:e3:51:d7:9f:be:c5:f6:37:a3:88:09:71:3f:45:
e5:92:d1:33:f9:d1:7e:79:52:ab:3c:58:c1:bb:30:c4:bf:8c:
7e:37:6c:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPK4Nd9TFPQowIcKSFS6XuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOTM2YmVhMWIwYzNhMjA4YWJhMjdkOGIxMGIyNzVlNDc0
ZGRlMmMwHhcNMjUxMTA0MTQwMDQyWhcNMjUxMTA1MTQwMDQyWjAzMTEwLwYDVQQD
EyhmODQwN2Y4MTlkNjY0YzhmYTJkNWQyM2QxYTg0NTJlM2MyYjhlZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jMKEEQTZcRfBayXmlBIUA7aJC0Z
EWqvqzRZLapTPVtLE6gmZNRiguXSKTZEDDPK9a2FxpScR8DNUaMxYgYM8WORor4B
jPBKnc5gBB13w3qFDnlaTboe5BZoHktpZgDK/L0poIDzDYAzvbw5yM/kH3TKOODD
//5sdaLrGh8jJHSlABfmK3/o/n7D5CFx5LRPJLz1isEypv/SUguEleWvwLDHJ1vw
cKEw9IszEgD2qRx4Un0Dhq4euutaoX2nopiIpgrSPscDKMSQ7wTWATNL4OGgPMpi
S8uSGbNGZyzn9ZrVPOrN3U9nAgHUySXMTbNPiaQxOH+PJdFMKJPfNn8a7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhAf4GdZkyPotXSPRqEUuPCuO98MB8GA1UdIwQY
MBaAFF6Ta+obDDogiron2LELJ15HTd4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjct
OTg0NzdhODY1M2M3LzEvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjctOTg0NzdhODY1M2M3
LzEvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaLqTE7+q
kAOZ7maVLghQme1Qo3TIrKZqJBG6bMxQqPOvg9emBiJLBM0KsUdCtKHBBtwBRr3e
I3vZkndJhQ+tgd00ZPFChKGJJ316YLzXfU9fc5JRpgy2glwKCpajsBSZb5L10ZpK
aSF/S2We3zNlJ95fC9+ytmS47ibRAjsYsaeQP7h3+VALSV4TpM8SegDk44vQI6+t
6715NZwqTsYZ4Xt62+WSvhUtKv7QW8HRpZmVoMaJ/tie1vUj74uv+MrwW8lPtAmk
rUybNpblD5Ph+Zc500CTKzrsZ4CDuuNR15++xfY3o4gJcT9F5ZLRM/nRfnlSqzxY
wbswxL+MfjdsCA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:02:26 2025 by rpki-client