Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
File: XTcKSLWfuBFJXxHElzRILyKxo5I.mft (raw, json)
Hash identifier: AF+OtBB17Yg4O36iB6TR7/36wD8dl0KqXlFK0t+mx98=
Subject key identifier: F7:39:61:EF:6F:1C:65:E3:7A:58:38:69:71:21:01:DE:40:CF:75:64
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial: 0199FD34027598199F8BDA9917F0C8D5ED7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
Manifest number: 13EB
Signing time: Sun 19 Oct 2025 16:01:08 +0000
Manifest this update: Sun 19 Oct 2025 16:01:08 +0000
Manifest next update: Mon 20 Oct 2025 16:01:08 +0000
Files and hashes: 1: NKYWlz4gwZY4JXbw2fZ-33Yiq7Q.roa (hash: 78EN8i32FjxMTLLdcIXwd9Vb1kdj7OWCE2WX2/B4rLA=)
2: VUj2jDG1P5mpu3G51mRFUhrIbU4.roa (hash: twr8z4nqYemreBGHT9Kr4AfrcVcZYqpeai7rZry08Us=)
3: XTcKSLWfuBFJXxHElzRILyKxo5I.crl (hash: 7MEsV8FByPfbPlmiwyrLxgaMKpu+diHCsJvnr3YWQw8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:02:75:98:19:9f:8b:da:99:17:f0:c8:d5:ed:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
Validity
Not Before: Oct 19 16:01:08 2025 GMT
Not After : Oct 20 16:01:08 2025 GMT
Subject: CN=f73961ef6f1c65e37a583869712101de40cf7564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:73:96:c4:54:8d:ca:ee:0c:62:8b:ba:a3:a1:
ab:46:ed:93:10:65:69:09:99:fd:d9:09:c2:90:60:
aa:16:fe:c2:29:f8:3b:9e:f4:0a:9b:77:ee:d6:61:
c2:f1:1d:0c:2e:3e:80:f1:b6:f3:0f:16:52:c9:b8:
bc:7d:31:49:41:b3:2f:d3:98:60:48:05:dc:d3:10:
b3:98:11:4c:97:bd:36:e4:e0:94:a6:3a:d9:a3:aa:
d9:25:62:36:4c:4a:f9:7e:30:f0:f6:09:c9:0d:87:
c3:40:df:dd:98:2d:d3:3a:4b:86:c2:24:73:a0:21:
5d:82:40:96:d0:f0:64:51:ca:ba:b5:cd:c6:f4:5e:
77:fa:c8:78:3e:3c:1b:25:9a:b5:3c:a8:fa:fc:c0:
a1:f0:ec:06:f3:be:12:05:28:de:7f:3c:6a:95:57:
7d:f4:c4:03:96:37:b2:65:ea:5b:0e:4d:71:d5:24:
56:0b:50:3c:85:e2:4d:e7:b3:56:fd:38:77:2b:92:
fb:5e:3d:31:9d:37:03:bf:89:e2:b9:c5:a4:04:05:
b6:56:25:2d:3e:06:78:46:92:55:d0:49:79:42:6c:
12:59:9d:5c:02:82:0b:c5:c2:10:67:ae:ab:b3:af:
82:57:55:5d:5a:6f:5d:68:48:9d:74:78:48:03:9b:
81:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:39:61:EF:6F:1C:65:E3:7A:58:38:69:71:21:01:DE:40:CF:75:64
X509v3 Authority Key Identifier:
keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:51:ed:fe:ea:31:de:c5:82:f9:6a:44:69:22:95:09:e4:fe:
9f:9b:1b:53:6e:30:ea:40:60:a6:a9:33:ff:c1:60:02:d7:63:
7f:6b:6d:30:3e:d3:5d:6a:82:f3:64:ff:2e:4a:d4:96:10:4a:
57:39:4b:d4:63:f0:b0:db:d5:36:ef:e3:b7:06:95:84:11:2d:
eb:7e:78:68:2b:0b:b5:84:4a:38:2f:ae:36:f0:5c:8c:d8:01:
85:56:b9:98:48:cc:3f:4c:ef:32:17:a1:40:54:e4:65:d0:89:
8f:9a:46:a3:e2:65:fd:5e:8a:1e:b8:7c:20:10:a8:f4:17:50:
8d:35:8b:1e:fe:68:aa:cb:86:49:98:a7:19:4b:85:93:8a:32:
4a:fb:47:60:4d:7e:95:78:31:98:4e:f9:6c:dc:27:61:8d:7a:
12:7f:7f:47:a3:8a:97:37:69:3d:c7:69:a7:45:ab:33:df:92:
3e:f6:d2:93:99:16:43:8a:bc:33:ec:1f:f3:fe:de:ec:36:de:
31:5d:2f:8d:b8:b8:00:ce:d3:ab:4f:84:d1:0b:3e:2a:37:77:
73:9f:a0:64:b3:7c:31:3b:7a:4e:51:f4:d2:c7:aa:7e:5a:e4:
59:6c:55:24:38:96:0b:67:a2:5a:dc:5c:d1:1d:d4:1e:02:2f:
6e:0f:ac:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NAJ1mBmfi9qZF/DI1e17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi
MWEzOTIwHhcNMjUxMDE5MTYwMTA4WhcNMjUxMDIwMTYwMTA4WjAzMTEwLwYDVQQD
EyhmNzM5NjFlZjZmMWM2NWUzN2E1ODM4Njk3MTIxMDFkZTQwY2Y3NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnOWxFSNyu4MYou6o6GrRu2TEGVp
CZn92QnCkGCqFv7CKfg7nvQKm3fu1mHC8R0MLj6A8bbzDxZSybi8fTFJQbMv05hg
SAXc0xCzmBFMl7025OCUpjrZo6rZJWI2TEr5fjDw9gnJDYfDQN/dmC3TOkuGwiRz
oCFdgkCW0PBkUcq6tc3G9F53+sh4PjwbJZq1PKj6/MCh8OwG874SBSjefzxqlVd9
9MQDljeyZepbDk1x1SRWC1A8heJN57NW/Th3K5L7Xj0xnTcDv4niucWkBAW2ViUt
PgZ4RpJV0El5QmwSWZ1cAoILxcIQZ66rs6+CV1VdWm9daEiddHhIA5uBJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPc5Ye9vHGXjelg4aXEhAd5Az3VkMB8GA1UdIwQY
MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut
ZTI3MjAxMzAyNmI0LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0
LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAflHt/uox
3sWC+WpEaSKVCeT+n5sbU24w6kBgpqkz/8FgAtdjf2ttMD7TXWqC82T/LkrUlhBK
VzlL1GPwsNvVNu/jtwaVhBEt6354aCsLtYRKOC+uNvBcjNgBhVa5mEjMP0zvMheh
QFTkZdCJj5pGo+Jl/V6KHrh8IBCo9BdQjTWLHv5oqsuGSZinGUuFk4oySvtHYE1+
lXgxmE75bNwnYY16En9/R6OKlzdpPcdpp0WrM9+SPvbSk5kWQ4q8M+wf8/7e7Dbe
MV0vjbi4AM7Tq0+E0Qs+Kjd3c5+gZLN8MTt6TlH00seqflrkWWxVJDiWC2eiWtxc
0R3UHgIvbg+sfg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:36:18 2025 by rpki-client