Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
File: XTTdv33KsQy_aCKXkh61gS2QUHE.mft (raw, json)
Hash identifier: UzmUaDT3ZBH5xIHtY3vUOouQzl35dj5aAcMhk4JMOG0=
Subject key identifier: B9:4C:56:AC:0D:87:AB:6D:FF:95:CE:C3:33:49:D6:B6:1D:04:A1:50
Authority key identifier: 5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
Certificate issuer: /CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Certificate serial: 019A4EF5D0F3D9B319DDB3B7E5815542965E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
Manifest number: 060B
Signing time: Tue 04 Nov 2025 13:02:03 +0000
Manifest this update: Tue 04 Nov 2025 13:02:03 +0000
Manifest next update: Wed 05 Nov 2025 13:02:03 +0000
Files and hashes: 1: S6aYdrXE8VeCcP5w8D7hhhcOGoc.roa (hash: csN/l/mC6C7LyFwDFQUEKU3wX0HgZWqjImlEztzBO3Q=)
2: XTTdv33KsQy_aCKXkh61gS2QUHE.crl (hash: pYZEDOu+aeUJ4VbIMMKVhGwArahkJrP16rV+2XdjCmY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:d0:f3:d9:b3:19:dd:b3:b7:e5:81:55:42:96:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Validity
Not Before: Nov 4 13:02:03 2025 GMT
Not After : Nov 5 13:02:03 2025 GMT
Subject: CN=b94c56ac0d87ab6dff95cec33349d6b61d04a150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8d:38:57:7c:77:87:f1:60:cb:3a:2a:53:ca:
88:76:e2:e9:46:9b:a1:9b:7a:3b:b0:a4:f2:46:4a:
87:68:51:e4:e6:60:f2:84:c9:b1:ba:da:94:c6:c1:
10:d4:3d:84:08:a4:f6:04:37:f9:69:8b:b2:4f:6b:
aa:6e:66:a8:cc:b2:6a:e4:07:fd:31:e9:b7:cc:cb:
b7:33:20:4b:13:e5:93:45:dc:fa:bb:e2:9f:82:fc:
48:06:e1:4c:a8:04:a9:e7:8a:d4:12:5f:8e:b1:43:
5f:13:1b:da:12:30:82:d7:13:a0:16:4b:59:81:bf:
7d:c0:8d:23:e9:ef:23:4a:f6:d0:c7:33:3d:21:9b:
b6:e0:a2:f2:90:79:03:0b:d5:97:6b:8d:ea:81:10:
5d:77:a6:1f:b1:b5:5b:ad:7f:be:84:c7:b8:51:e9:
87:a2:47:88:9d:45:e3:b0:bf:ee:1d:28:27:bd:77:
c4:fe:23:07:51:20:c5:a3:8d:3a:34:d3:b9:55:4a:
d0:39:f7:b8:6d:0c:2b:2c:f3:19:4f:76:3b:ca:4e:
66:b6:82:1d:b5:fb:01:45:5a:fa:d0:c8:55:7f:5a:
6c:bc:10:91:77:ed:be:9f:5e:4a:1e:bf:fd:21:49:
98:95:6a:e1:55:d2:4e:8c:39:28:16:c2:68:4b:07:
df:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4C:56:AC:0D:87:AB:6D:FF:95:CE:C3:33:49:D6:B6:1D:04:A1:50
X509v3 Authority Key Identifier:
keyid:5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:1a:67:91:76:6b:eb:a2:e9:1a:1d:74:d4:17:45:bf:2f:17:
c9:21:4b:77:61:58:76:c5:6d:5f:8c:42:7c:43:76:42:3e:56:
e8:ab:fe:55:e4:b5:f3:e5:a7:da:4b:38:9b:47:64:ae:03:f5:
9b:aa:0f:21:71:d0:da:60:84:9e:af:52:f0:38:b2:fb:00:17:
14:bc:24:04:92:77:70:28:60:03:96:fd:e5:27:dc:c8:1b:36:
23:21:0a:6d:af:be:4c:a7:aa:bb:37:06:f2:67:c5:75:fc:18:
01:e0:ba:04:38:0e:6c:0f:d3:f5:37:86:44:34:3b:f1:26:89:
f3:ea:0a:05:fa:e5:e8:e6:41:5a:10:00:b7:ee:c7:81:cc:10:
96:8d:c2:66:9b:32:37:8d:30:25:6f:05:a7:ff:41:b9:87:b5:
36:e6:78:b1:e4:09:4e:68:51:e4:f8:29:e3:e4:05:0a:a9:ae:
16:90:28:b9:6d:57:09:d5:18:9e:5a:12:0a:bf:f1:03:ac:8e:
ee:b3:47:22:3c:b0:dd:f6:36:ee:dc:cb:ed:70:fd:65:49:6d:
00:66:3f:b6:c1:cb:0a:f6:39:66:01:55:dc:2c:4f:43:3f:9f:
7f:47:01:92:c2:b8:cb:5c:4d:98:c1:55:f4:19:00:1c:3f:96:
b4:bf:1a:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9dDz2bMZ3bO35YFVQpZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzRkZGJmN2RjYWIxMGNiZjY4MjI5NzkyMWViNTgxMmQ5
MDUwNzEwHhcNMjUxMTA0MTMwMjAzWhcNMjUxMTA1MTMwMjAzWjAzMTEwLwYDVQQD
EyhiOTRjNTZhYzBkODdhYjZkZmY5NWNlYzMzMzQ5ZDZiNjFkMDRhMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw404V3x3h/FgyzoqU8qIduLpRpuh
m3o7sKTyRkqHaFHk5mDyhMmxutqUxsEQ1D2ECKT2BDf5aYuyT2uqbmaozLJq5Af9
Mem3zMu3MyBLE+WTRdz6u+KfgvxIBuFMqASp54rUEl+OsUNfExvaEjCC1xOgFktZ
gb99wI0j6e8jSvbQxzM9IZu24KLykHkDC9WXa43qgRBdd6YfsbVbrX++hMe4UemH
okeInUXjsL/uHSgnvXfE/iMHUSDFo406NNO5VUrQOfe4bQwrLPMZT3Y7yk5mtoId
tfsBRVr60MhVf1psvBCRd+2+n15KHr/9IUmYlWrhVdJOjDkoFsJoSwffLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlMVqwNh6tt/5XOwzNJ1rYdBKFQMB8GA1UdIwQY
MBaAFF003b99yrEMv2gil5IetYEtkFBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQt
NWNlZTZkNWYxYTEyLzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQtNWNlZTZkNWYxYTEy
LzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBpnkXZr
66LpGh101BdFvy8XySFLd2FYdsVtX4xCfEN2Qj5W6Kv+VeS18+Wn2ks4m0dkrgP1
m6oPIXHQ2mCEnq9S8Diy+wAXFLwkBJJ3cChgA5b95SfcyBs2IyEKba++TKequzcG
8mfFdfwYAeC6BDgObA/T9TeGRDQ78SaJ8+oKBfrl6OZBWhAAt+7HgcwQlo3CZpsy
N40wJW8Fp/9BuYe1NuZ4seQJTmhR5Pgp4+QFCqmuFpAouW1XCdUYnloSCr/xA6yO
7rNHIjyw3fY27tzL7XD9ZUltAGY/tsHLCvY5ZgFV3CxPQz+ff0cBksK4y1xNmMFV
9BkAHD+WtL8ahw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:58:36 2025 by rpki-client