Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft
File: xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft (raw, json)
Hash identifier: 3kESu6Heydbw6f9fKqDyufpGz6AUx7qxCCZa9G3/4mk=
Subject key identifier: 7F:2F:45:75:91:33:CD:9B:75:01:E7:A0:27:10:D5:F9:41:41:F1:EC
Authority key identifier: C4:A0:F3:11:09:84:CC:FB:F5:29:98:0B:6D:41:6D:DD:4E:1A:88:25
Certificate issuer: /CN=c4a0f3110984ccfbf529980b6d416ddd4e1a8825
Certificate serial: 019D3909A23AFD669A33BC58BAD2A50E1A84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xKDzEQmEzPv1KZgLbUFt3U4aiCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft
Manifest number: 0678
Signing time: Sun 29 Mar 2026 10:00:25 +0000
Manifest this update: Sun 29 Mar 2026 10:00:25 +0000
Manifest next update: Mon 30 Mar 2026 10:00:25 +0000
Files and hashes: 1: 1-ujLZVA2eD9Q0LVsUuabSgXoS8I.roa (hash: eGVzw06cOI2ubQS+bEsoP6kSWSoInZkg8QfLxOIOYxE=)
2: xKDzEQmEzPv1KZgLbUFt3U4aiCU.crl (hash: YGGpgX+BKhNY6QBx1ZYavtxE0hWyvH+Ihag1DlAKfDM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xKDzEQmEzPv1KZgLbUFt3U4aiCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:a2:3a:fd:66:9a:33:bc:58:ba:d2:a5:0e:1a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4a0f3110984ccfbf529980b6d416ddd4e1a8825
Validity
Not Before: Mar 29 10:00:25 2026 GMT
Not After : Mar 30 10:00:25 2026 GMT
Subject: CN=7f2f45759133cd9b7501e7a02710d5f94141f1ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e4:9a:9d:8f:2d:0d:94:3f:6a:fa:0d:7c:31:
a7:87:8b:05:ac:84:6b:21:a9:e3:49:0e:51:3a:e0:
80:a4:d4:49:5d:00:d4:cf:4c:eb:75:72:7f:f8:6b:
81:e9:b4:26:2f:a4:35:4c:7c:47:7a:d3:60:31:e6:
1e:7d:84:17:a5:70:ca:58:28:03:e5:73:8a:c2:94:
9f:43:bd:c8:8c:ae:d4:aa:87:60:67:37:ea:74:fd:
9d:0d:04:44:44:08:a6:66:de:e6:48:56:34:9c:68:
1e:a2:e2:29:ce:af:1c:8f:96:5b:9b:3c:c7:60:d0:
8a:92:ab:45:59:6a:5c:7f:76:bf:76:f4:50:27:da:
bd:4f:99:d9:52:a5:88:95:c7:3f:d3:ae:84:92:f2:
5d:8f:8c:9f:f7:a7:22:3c:d7:c8:b0:b4:2e:a4:e0:
7e:f8:70:7b:fc:6a:3a:01:38:db:e6:5c:ed:93:24:
37:7f:d5:ab:3f:9f:a1:0b:0d:d2:15:84:5a:3b:b6:
8f:aa:2c:ee:4a:24:67:dd:f6:fd:4d:01:bc:de:24:
45:bc:f3:57:c2:b9:a5:ba:3f:66:f9:e8:eb:35:22:
76:e4:9f:c9:13:23:b1:09:50:13:c4:5a:d1:6f:38:
9a:14:31:fd:7a:bf:16:d0:c4:1c:3e:c8:7b:69:44:
29:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2F:45:75:91:33:CD:9B:75:01:E7:A0:27:10:D5:F9:41:41:F1:EC
X509v3 Authority Key Identifier:
keyid:C4:A0:F3:11:09:84:CC:FB:F5:29:98:0B:6D:41:6D:DD:4E:1A:88:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xKDzEQmEzPv1KZgLbUFt3U4aiCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6c5f6-604f-4399-9443-d12a90bf502e/1/xKDzEQmEzPv1KZgLbUFt3U4aiCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:3d:63:55:44:87:43:d0:50:d3:6d:69:1a:10:83:0c:1d:d0:
ab:3c:88:e6:0a:19:7e:0a:44:50:2a:8e:97:16:30:6d:c2:40:
c6:ed:02:7d:11:ee:da:e4:93:96:d1:76:b6:0f:59:2d:34:95:
c9:bd:09:c9:9d:9b:8b:88:32:4d:e0:35:3c:ce:8f:42:79:c3:
e9:d2:36:e4:bf:a0:c9:b4:11:d2:52:2c:24:ba:d3:11:ef:07:
9e:49:c0:9e:85:61:f7:90:d2:e8:1b:54:3d:3e:d1:5a:e2:0a:
f7:24:2b:df:e3:16:e2:e5:eb:98:85:04:c3:80:22:f0:81:a9:
66:64:bb:6b:e3:ae:d8:bc:ac:a7:85:32:29:20:e6:7f:a0:99:
12:5a:a5:1a:f3:5d:3a:f5:4b:d6:2c:67:c8:d0:95:8f:6d:9e:
57:12:e6:6a:af:a3:ca:45:50:19:29:59:84:5e:b7:fb:39:e4:
4f:25:fb:04:34:4d:d2:e9:47:80:08:73:9d:54:37:ff:a6:38:
cc:d6:05:f4:80:3b:04:04:76:f3:91:30:eb:40:db:92:c3:cf:
ce:8b:80:aa:fe:47:35:77:d9:9a:f0:a7:f0:13:c0:00:69:3c:
1e:69:b8:fd:8e:33:06:9c:d7:da:21:99:e9:38:7b:18:0e:7e:
44:25:d3:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CaI6/WaaM7xYutKlDhqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YTBmMzExMDk4NGNjZmJmNTI5OTgwYjZkNDE2ZGRkNGUx
YTg4MjUwHhcNMjYwMzI5MTAwMDI1WhcNMjYwMzMwMTAwMDI1WjAzMTEwLwYDVQQD
Eyg3ZjJmNDU3NTkxMzNjZDliNzUwMWU3YTAyNzEwZDVmOTQxNDFmMWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+SanY8tDZQ/avoNfDGnh4sFrIRr
IanjSQ5ROuCApNRJXQDUz0zrdXJ/+GuB6bQmL6Q1THxHetNgMeYefYQXpXDKWCgD
5XOKwpSfQ73IjK7UqodgZzfqdP2dDQRERAimZt7mSFY0nGgeouIpzq8cj5ZbmzzH
YNCKkqtFWWpcf3a/dvRQJ9q9T5nZUqWIlcc/066EkvJdj4yf96ciPNfIsLQupOB+
+HB7/Go6ATjb5lztkyQ3f9WrP5+hCw3SFYRaO7aPqizuSiRn3fb9TQG83iRFvPNX
wrmluj9m+ejrNSJ25J/JEyOxCVATxFrRbziaFDH9er8W0MQcPsh7aUQp7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8vRXWRM82bdQHnoCcQ1flBQfHsMB8GA1UdIwQY
MBaAFMSg8xEJhMz79SmYC21Bbd1OGoglMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEtEekVRbUV6UHYxS1pnTGJVRnQzVTRhaUNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hNmM1ZjYtNjA0Zi00Mzk5LTk0NDMt
ZDEyYTkwYmY1MDJlLzEveEtEekVRbUV6UHYxS1pnTGJVRnQzVTRhaUNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hNmM1ZjYtNjA0Zi00Mzk5LTk0NDMtZDEyYTkwYmY1MDJl
LzEveEtEekVRbUV6UHYxS1pnTGJVRnQzVTRhaUNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGz1jVUSH
Q9BQ021pGhCDDB3QqzyI5goZfgpEUCqOlxYwbcJAxu0CfRHu2uSTltF2tg9ZLTSV
yb0JyZ2bi4gyTeA1PM6PQnnD6dI25L+gybQR0lIsJLrTEe8HnknAnoVh95DS6BtU
PT7RWuIK9yQr3+MW4uXrmIUEw4Ai8IGpZmS7a+Ou2Lysp4UyKSDmf6CZElqlGvNd
OvVL1ixnyNCVj22eVxLmaq+jykVQGSlZhF63+znkTyX7BDRN0ulHgAhznVQ3/6Y4
zNYF9IA7BAR285Ew60DbksPPzouAqv5HNXfZmvCn8BPAAGk8Hmm4/Y4zBpzX2iGZ
6Th7GA5+RCXT6w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:51:11 2026 by rpki-client