Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
File: XbomMhShFwVRmA7pFxn42Ixia14.mft (raw, json)
Hash identifier: RMVfAvZ9hhGIPf0yckLeUTCtMsGKaCzTREh+9D9aqc4=
Subject key identifier: 8E:E7:57:17:6B:2F:AF:C4:5D:FE:B4:4A:BE:53:12:3A:00:D4:E5:F4
Authority key identifier: 5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E
Certificate issuer: /CN=5dba263214a1170551980ee91719f8d88c626b5e
Certificate serial: 019D3940AEED66508CA0F4ED8061F51D4B36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
Manifest number: 13FA
Signing time: Sun 29 Mar 2026 11:00:33 +0000
Manifest this update: Sun 29 Mar 2026 11:00:33 +0000
Manifest next update: Mon 30 Mar 2026 11:00:33 +0000
Files and hashes: 1: XbomMhShFwVRmA7pFxn42Ixia14.crl (hash: 8XoEy+NI6ccSpQ/FYZ6mFn2YPsLC1rL3kfMB+su5y3g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:ae:ed:66:50:8c:a0:f4:ed:80:61:f5:1d:4b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dba263214a1170551980ee91719f8d88c626b5e
Validity
Not Before: Mar 29 11:00:33 2026 GMT
Not After : Mar 30 11:00:33 2026 GMT
Subject: CN=8ee757176b2fafc45dfeb44abe53123a00d4e5f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5e:77:35:d5:0a:bd:85:99:aa:62:c4:a6:80:
a0:4b:79:86:f4:90:46:cf:f5:de:90:ee:dc:ed:40:
1a:38:24:0f:7b:9e:b8:f6:95:88:6d:d6:9f:9b:a6:
0b:12:fb:5a:dd:96:9d:94:38:56:73:bc:9e:fd:ec:
6b:5f:f0:2e:40:ac:8f:78:4d:55:3d:bb:84:fd:e3:
41:7e:93:d3:62:94:3a:b4:09:7f:a4:28:06:6c:cc:
10:a6:c4:7c:b0:4e:d6:18:d5:ab:d6:a7:6c:17:4c:
33:b8:71:96:da:0a:3b:59:0b:31:9c:35:f2:f5:36:
e7:2a:81:d2:6c:1a:81:0e:ba:03:26:77:09:e3:ea:
9d:e1:a6:db:fa:f8:79:70:fb:2d:ea:b6:61:cd:e1:
8b:66:a5:36:07:6e:79:66:bb:a1:c4:b7:15:c3:c4:
16:1d:8e:2a:49:13:1f:8f:47:82:91:49:f5:1e:41:
89:d0:00:85:63:d7:3d:a4:b2:d1:e1:79:70:a4:01:
5f:21:f2:40:89:b9:57:fd:8c:64:2d:26:6f:bb:ec:
63:fa:2a:ee:55:99:8e:72:37:c4:d0:2a:3a:36:80:
37:da:0d:72:6e:a7:00:75:4c:8f:69:1b:c8:2e:8f:
48:3f:c1:ca:db:6f:25:a8:03:88:89:7f:df:01:25:
bf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E7:57:17:6B:2F:AF:C4:5D:FE:B4:4A:BE:53:12:3A:00:D4:E5:F4
X509v3 Authority Key Identifier:
keyid:5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:d8:1c:68:ce:f3:09:78:2d:64:db:7c:36:23:10:43:4d:2e:
d6:c3:76:e1:3c:a9:e7:68:e3:0b:6a:45:9e:7e:b9:a3:09:72:
7c:11:76:15:19:5d:80:71:0f:6e:44:f8:60:ce:af:89:6e:e9:
ae:5c:7f:d4:16:08:e4:41:a2:95:88:35:9a:33:fe:53:b0:b0:
c3:08:b0:7f:69:8a:84:e8:41:41:dc:10:1e:5d:d3:6d:b1:34:
a6:dc:d1:50:d3:18:6f:e1:34:a0:1a:4d:06:a4:91:22:b1:b9:
79:d7:4f:8e:c6:86:bb:3f:dd:8b:37:14:89:a6:16:f7:16:d2:
d2:d8:7a:20:f8:8c:ad:a8:f9:18:24:da:53:12:46:9a:75:65:
24:5a:73:75:af:d0:7b:c1:b4:bf:97:42:71:b1:ef:3b:89:e9:
86:fe:ce:dd:47:d2:36:95:cf:2d:10:0c:6c:44:67:0a:2e:71:
2c:68:e1:47:40:5b:56:ab:ed:af:d6:75:55:81:49:05:44:f5:
e8:e2:fd:e2:55:d8:d1:df:c4:b4:c2:55:d5:07:3f:44:83:85:
d2:22:bb:22:1a:07:9d:32:1c:67:23:0d:be:58:2d:d2:f7:01:
d7:c1:f3:91:36:ad:94:96:78:9f:ea:76:cc:eb:c9:68:3a:bd:
ef:ad:91:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QK7tZlCMoPTtgGH1HUs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYmEyNjMyMTRhMTE3MDU1MTk4MGVlOTE3MTlmOGQ4OGM2
MjZiNWUwHhcNMjYwMzI5MTEwMDMzWhcNMjYwMzMwMTEwMDMzWjAzMTEwLwYDVQQD
Eyg4ZWU3NTcxNzZiMmZhZmM0NWRmZWI0NGFiZTUzMTIzYTAwZDRlNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF53NdUKvYWZqmLEpoCgS3mG9JBG
z/XekO7c7UAaOCQPe5649pWIbdafm6YLEvta3ZadlDhWc7ye/exrX/AuQKyPeE1V
PbuE/eNBfpPTYpQ6tAl/pCgGbMwQpsR8sE7WGNWr1qdsF0wzuHGW2go7WQsxnDXy
9TbnKoHSbBqBDroDJncJ4+qd4abb+vh5cPst6rZhzeGLZqU2B255ZruhxLcVw8QW
HY4qSRMfj0eCkUn1HkGJ0ACFY9c9pLLR4XlwpAFfIfJAiblX/YxkLSZvu+xj+iru
VZmOcjfE0Co6NoA32g1ybqcAdUyPaRvILo9IP8HK228lqAOIiX/fASW/AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7nVxdrL6/EXf60Sr5TEjoA1OX0MB8GA1UdIwQY
MBaAFF26JjIUoRcFUZgO6RcZ+NiMYmteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2It
MTM1YTkzOTgyOTMxLzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2ItMTM1YTkzOTgyOTMx
LzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAktgcaM7z
CXgtZNt8NiMQQ00u1sN24Typ52jjC2pFnn65owlyfBF2FRldgHEPbkT4YM6viW7p
rlx/1BYI5EGilYg1mjP+U7Cwwwiwf2mKhOhBQdwQHl3TbbE0ptzRUNMYb+E0oBpN
BqSRIrG5eddPjsaGuz/dizcUiaYW9xbS0th6IPiMraj5GCTaUxJGmnVlJFpzda/Q
e8G0v5dCcbHvO4nphv7O3UfSNpXPLRAMbERnCi5xLGjhR0BbVqvtr9Z1VYFJBUT1
6OL94lXY0d/EtMJV1Qc/RIOF0iK7IhoHnTIcZyMNvlgt0vcB18HzkTatlJZ4n+p2
zOvJaDq9762Rzw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:46:33 2026 by rpki-client