Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.mft
File: XVn0kNO2myLh4nwya69yMRBW3bg.mft (raw, json)
Hash identifier: 4P3u0KYJih/m6E4HLfBxgaL3m/6RD4F1Gaka2BQs4Bg=
Subject key identifier: D2:29:AA:CA:FB:24:E5:33:E3:F2:80:98:B1:5A:9C:51:34:00:83:55
Authority key identifier: 5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
Certificate issuer: /CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Certificate serial: 019D39417734B1A7077FBDDAD9888A9927A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.mft
Manifest number: 0D1A
Signing time: Sun 29 Mar 2026 11:01:24 +0000
Manifest this update: Sun 29 Mar 2026 11:01:24 +0000
Manifest next update: Mon 30 Mar 2026 11:01:24 +0000
Files and hashes: 1: 6aoHpGpaWGGkl83xUFlNJm53NDk.roa (hash: /4TBotBrPhIQMbRC6QsWTde66kPhdMjvMCRoCWnf4ms=)
2: XVn0kNO2myLh4nwya69yMRBW3bg.crl (hash: /lsqWwjRIqwPD9c52hYDxyBShTI0tbl968bzzNbPStg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.mft
rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:77:34:b1:a7:07:7f:bd:da:d9:88:8a:99:27:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Validity
Not Before: Mar 29 11:01:24 2026 GMT
Not After : Mar 30 11:01:24 2026 GMT
Subject: CN=d229aacafb24e533e3f28098b15a9c5134008355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e3:df:ae:4a:94:81:23:bf:29:94:50:f7:d9:
aa:97:43:09:ed:f7:94:cc:21:a1:cb:14:3a:6e:2c:
b1:05:33:98:f1:2b:7b:77:f6:b9:b1:86:59:00:64:
a2:92:f2:53:e9:cc:8e:82:1d:d8:a2:c4:3c:2c:af:
14:12:50:cb:0f:16:aa:47:2a:d2:01:fb:e1:5a:0e:
f9:89:02:41:f4:65:f7:b0:d8:70:79:1f:8e:d4:96:
77:ce:1d:1a:c8:9d:85:73:2f:c8:cc:cc:bf:7f:63:
65:c7:96:94:5a:79:10:0d:67:5e:67:fe:63:a9:8c:
60:c5:19:1d:a5:2d:75:c9:2a:ce:5a:d0:b8:80:0b:
c3:a6:19:f5:44:9e:1b:9e:cc:50:40:08:48:aa:d9:
a8:d3:35:d5:43:28:f3:7e:2c:54:7b:78:c5:b0:54:
bf:d8:cb:d5:41:55:cf:ea:7c:c6:ec:2c:2f:b3:0a:
33:ab:24:32:ba:26:15:5e:5a:21:35:f6:e9:b1:1f:
61:7d:13:7e:77:2f:92:c7:33:b2:d0:04:e3:1f:b8:
7f:6a:30:19:23:56:0a:11:cb:6f:67:0b:cb:bd:3e:
46:98:29:a6:61:b6:12:1f:7b:7f:4a:a7:63:96:e9:
ec:60:00:8c:ce:fc:29:cf:0d:59:8b:cb:71:d8:27:
c8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:29:AA:CA:FB:24:E5:33:E3:F2:80:98:B1:5A:9C:51:34:00:83:55
X509v3 Authority Key Identifier:
keyid:5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:69:86:e9:a8:e7:ef:29:86:20:d4:0f:88:0e:ef:43:11:37:
f5:28:88:a8:b8:e1:ff:f9:58:ae:45:59:05:1b:e1:e5:d8:1d:
87:22:b3:cb:f0:25:45:cd:3a:2c:fd:81:59:f0:5c:a3:fd:27:
83:f3:53:f4:07:3b:0e:46:82:d8:74:12:c2:10:a8:49:bb:4e:
39:83:6f:ab:09:2a:be:71:b3:32:72:07:13:c3:d1:33:2f:cd:
e7:a2:47:ff:71:14:cf:44:1a:36:7d:ab:d9:06:d7:64:d0:85:
cd:b2:88:94:ca:f1:ca:96:7c:e2:27:f0:fc:55:f3:cb:cd:a1:
85:ee:1d:fe:e6:7a:6a:ad:ba:c1:ac:ae:14:4e:b1:71:0e:45:
95:8f:ec:d5:12:f4:92:9c:2e:9f:64:c2:79:7c:37:89:43:55:
d0:e2:85:b1:e9:7d:1b:2a:ed:15:6b:f7:cf:b6:d9:43:00:83:
62:11:61:a1:b5:11:fa:6e:fa:32:ca:bb:76:43:4b:60:d8:50:
39:3b:2c:8f:52:83:89:a6:35:e1:b7:b7:dc:17:1c:5f:fa:a4:
e9:2b:00:68:88:f5:85:ec:2a:16:8f:bd:d8:11:35:df:b1:5b:
3e:b2:3e:30:42:28:f4:cc:9b:c4:58:9e:ba:d6:57:12:4d:ca:
3c:b6:7c:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QXc0sacHf73a2YiKmSehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTlmNDkwZDNiNjliMjJlMWUyN2MzMjZiYWY3MjMxMTA1
NmRkYjgwHhcNMjYwMzI5MTEwMTI0WhcNMjYwMzMwMTEwMTI0WjAzMTEwLwYDVQQD
EyhkMjI5YWFjYWZiMjRlNTMzZTNmMjgwOThiMTVhOWM1MTM0MDA4MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ePfrkqUgSO/KZRQ99mql0MJ7feU
zCGhyxQ6biyxBTOY8St7d/a5sYZZAGSikvJT6cyOgh3YosQ8LK8UElDLDxaqRyrS
AfvhWg75iQJB9GX3sNhweR+O1JZ3zh0ayJ2Fcy/IzMy/f2Nlx5aUWnkQDWdeZ/5j
qYxgxRkdpS11ySrOWtC4gAvDphn1RJ4bnsxQQAhIqtmo0zXVQyjzfixUe3jFsFS/
2MvVQVXP6nzG7CwvswozqyQyuiYVXlohNfbpsR9hfRN+dy+SxzOy0ATjH7h/ajAZ
I1YKEctvZwvLvT5GmCmmYbYSH3t/SqdjlunsYACMzvwpzw1Zi8tx2CfI0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIpqsr7JOUz4/KAmLFanFE0AINVMB8GA1UdIwQY
MBaAFF1Z9JDTtpsi4eJ8MmuvcjEQVt24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEt
NzkzNDhlODM2NmJjLzEvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEtNzkzNDhlODM2NmJj
LzEvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT2mG6ajn
7ymGINQPiA7vQxE39SiIqLjh//lYrkVZBRvh5dgdhyKzy/AlRc06LP2BWfBco/0n
g/NT9Ac7DkaC2HQSwhCoSbtOOYNvqwkqvnGzMnIHE8PRMy/N56JH/3EUz0QaNn2r
2QbXZNCFzbKIlMrxypZ84ifw/FXzy82hhe4d/uZ6aq26wayuFE6xcQ5FlY/s1RL0
kpwun2TCeXw3iUNV0OKFsel9GyrtFWv3z7bZQwCDYhFhobUR+m76Msq7dkNLYNhQ
OTssj1KDiaY14be33BccX/qk6SsAaIj1hewqFo+92BE137FbPrI+MEIo9MybxFie
utZXEk3KPLZ8Eg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:36:22 2026 by rpki-client