Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
File: xb-nGlET_tgkZHdsFDcVFMkhjvU.mft (raw, json)
Hash identifier: A2Hsx8d0acBIQTuYoOlJWybxpqdHbhSNzK8WTpKx2jk=
Subject key identifier: 34:60:5D:40:42:DD:E5:89:20:3E:94:7B:58:8E:37:65:70:CA:2E:54
Authority key identifier: C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
Certificate issuer: /CN=c5bfa71a5113fed82464776c14371514c9218ef5
Certificate serial: 019A4DE16FA32D859113855269F9CC146BA1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
Manifest number: 0B44
Signing time: Tue 04 Nov 2025 08:00:10 +0000
Manifest this update: Tue 04 Nov 2025 08:00:10 +0000
Manifest next update: Wed 05 Nov 2025 08:00:10 +0000
Files and hashes: 1: IzmeYXYlO_xmlW74WeQyL7gffpE.roa (hash: Z5XX/V/bAHCE8fRhzNUzhUtEMOMQ14B1YoCinHSL1lM=)
2: xb-nGlET_tgkZHdsFDcVFMkhjvU.crl (hash: sHigUxLKKLgv+xwzE8TewfmgvhZbUkQ2KqUXTMN6PUQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:6f:a3:2d:85:91:13:85:52:69:f9:cc:14:6b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5bfa71a5113fed82464776c14371514c9218ef5
Validity
Not Before: Nov 4 08:00:10 2025 GMT
Not After : Nov 5 08:00:10 2025 GMT
Subject: CN=34605d4042dde589203e947b588e376570ca2e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:05:94:96:d3:0a:69:ef:1d:6e:b8:21:71:ef:
fb:c5:37:99:19:d5:d2:c8:98:ec:43:e1:f1:ee:ad:
21:b7:b9:81:c4:22:a2:98:61:94:38:e9:0e:51:15:
a6:e2:4b:71:de:82:b4:f9:76:c5:94:b0:28:af:85:
60:10:17:05:44:e6:2c:bb:9c:28:d8:eb:1a:4f:c7:
7e:d5:be:65:d4:49:42:75:87:7a:b2:87:26:ae:17:
76:0c:c0:af:f0:54:bf:da:d6:bb:b0:f1:41:26:07:
bc:d5:7a:dc:e7:1d:da:59:00:77:70:93:33:9e:7e:
a0:88:29:22:25:b1:b0:ad:63:b1:97:78:74:26:d6:
c6:a3:0e:29:82:2a:f7:c7:e6:47:17:02:39:b2:91:
d4:cd:f8:50:b3:ce:dd:c4:46:b6:16:bc:6a:70:fb:
19:ee:0c:3d:f9:14:fc:62:bf:fe:48:b9:ce:7c:00:
b8:b1:bf:a8:57:5f:d9:d3:b6:07:99:7e:cf:ac:bc:
79:e5:d6:b3:5d:73:4c:e5:00:b1:5d:a3:af:e6:cb:
f9:eb:d1:43:ce:e8:56:b6:bc:8e:25:38:15:cd:db:
36:6b:91:67:7c:b6:07:55:26:bb:4a:a6:7b:f4:37:
e9:9d:98:ae:39:38:f9:2a:9d:5a:79:98:1f:57:ee:
2d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:60:5D:40:42:DD:E5:89:20:3E:94:7B:58:8E:37:65:70:CA:2E:54
X509v3 Authority Key Identifier:
keyid:C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:0b:da:b8:82:0e:a5:b3:12:98:a6:26:1f:f9:a3:ab:33:0a:
0d:b2:3c:d9:5a:56:3f:80:ea:8a:b5:05:6f:bb:b2:d1:50:d8:
a2:45:a2:14:f8:89:97:f1:ce:c0:87:fa:d0:96:22:9c:4d:9f:
da:b6:0c:fe:97:9e:c0:73:da:f2:07:e1:6b:a1:d3:8e:b4:c0:
87:5d:c8:44:33:5c:23:d0:64:7b:3e:ab:c8:1d:d5:43:c5:26:
a6:7e:b2:f2:2c:b5:e1:84:1c:d1:4c:19:6b:4d:23:e6:7e:5f:
a3:59:20:a3:22:ed:d4:56:9b:6d:c3:66:d4:28:47:92:05:95:
fb:98:f3:be:17:cd:10:64:18:f2:33:b8:c4:f9:4f:b8:bf:41:
46:d8:8e:0b:21:26:94:11:9e:d9:a8:9b:b0:db:f6:14:be:77:
23:8b:a7:ba:76:56:58:c2:39:7d:28:3d:13:8a:d6:b1:53:50:
01:45:fa:41:27:72:25:df:04:57:35:c3:07:6e:19:a7:fa:0b:
f6:fb:d7:a1:c0:ea:80:9c:a1:38:4f:7f:78:bd:57:69:18:1e:
49:d7:e7:e2:94:e0:41:9d:96:28:51:53:6a:7d:a5:2a:1d:f4:
a6:ca:8b:47:c0:df:15:7b:0a:52:01:9b:df:3f:1b:63:b5:ec:
08:52:ee:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4W+jLYWRE4VSafnMFGuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmZhNzFhNTExM2ZlZDgyNDY0Nzc2YzE0MzcxNTE0Yzky
MThlZjUwHhcNMjUxMTA0MDgwMDEwWhcNMjUxMTA1MDgwMDEwWjAzMTEwLwYDVQQD
EygzNDYwNWQ0MDQyZGRlNTg5MjAzZTk0N2I1ODhlMzc2NTcwY2EyZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwWUltMKae8dbrghce/7xTeZGdXS
yJjsQ+Hx7q0ht7mBxCKimGGUOOkOURWm4ktx3oK0+XbFlLAor4VgEBcFROYsu5wo
2OsaT8d+1b5l1ElCdYd6socmrhd2DMCv8FS/2ta7sPFBJge81Xrc5x3aWQB3cJMz
nn6giCkiJbGwrWOxl3h0JtbGow4pgir3x+ZHFwI5spHUzfhQs87dxEa2FrxqcPsZ
7gw9+RT8Yr/+SLnOfAC4sb+oV1/Z07YHmX7PrLx55dazXXNM5QCxXaOv5sv569FD
zuhWtryOJTgVzds2a5FnfLYHVSa7SqZ79DfpnZiuOTj5Kp1aeZgfV+4t8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRgXUBC3eWJID6Ue1iON2Vwyi5UMB8GA1UdIwQY
MBaAFMW/pxpRE/7YJGR3bBQ3FRTJIY71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYt
NmZjZTAzMzI1YjNmLzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYtNmZjZTAzMzI1YjNm
LzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGgvauIIO
pbMSmKYmH/mjqzMKDbI82VpWP4DqirUFb7uy0VDYokWiFPiJl/HOwIf60JYinE2f
2rYM/peewHPa8gfha6HTjrTAh13IRDNcI9Bkez6ryB3VQ8Umpn6y8iy14YQc0UwZ
a00j5n5fo1kgoyLt1FabbcNm1ChHkgWV+5jzvhfNEGQY8jO4xPlPuL9BRtiOCyEm
lBGe2aibsNv2FL53I4ununZWWMI5fSg9E4rWsVNQAUX6QSdyJd8EVzXDB24Zp/oL
9vvXocDqgJyhOE9/eL1XaRgeSdfn4pTgQZ2WKFFTan2lKh30psqLR8DfFXsKUgGb
3z8bY7XsCFLuAg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:00:58 2025 by rpki-client