Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
File: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft (raw, json)
Hash identifier: n9/Mp9ntGptp7md5im9mnodkzZbM0VJsf+RAPQwLJZ8=
Subject key identifier: 6B:F3:65:2B:F4:0D:BC:C9:CD:0E:02:D2:02:5C:69:76:5E:3D:43:C9
Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4
Certificate serial: 019D80B58B6970D2D561D6C44D1BB4C2E7FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
Manifest number: 13C4
Signing time: Sun 12 Apr 2026 08:01:14 +0000
Manifest this update: Sun 12 Apr 2026 08:01:14 +0000
Manifest next update: Mon 13 Apr 2026 08:01:14 +0000
Files and hashes: 1: 46eH9Cj2ZoAvvZOdO1gLEixXty0.roa (hash: nutrSegvu5QxeGV6g/QuVOtrzFyb4Km/JeoI/dWaXRo=)
2: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl (hash: bAMWtjT9cqfyrB0XRUnjuU/nyAboBTvR3tDFmRKXClA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 Apr 2026 02:28:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:80:b5:8b:69:70:d2:d5:61:d6:c4:4d:1b:b4:c2:e7:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4
Validity
Not Before: Apr 12 08:01:14 2026 GMT
Not After : Apr 13 08:01:14 2026 GMT
Subject: CN=6bf3652bf40dbcc9cd0e02d2025c69765e3d43c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:a4:aa:ef:2a:f4:f1:a3:a0:72:dd:6d:c1:
1a:4b:a6:cf:2d:a9:2c:66:b6:12:5f:54:b3:97:e5:
52:35:72:af:58:f5:5d:01:ce:c0:47:f3:fd:4c:38:
54:cc:02:47:cc:fa:af:17:31:78:e2:11:31:4e:db:
a7:f5:7a:0f:15:c5:20:9c:01:11:48:86:7e:fe:82:
02:51:87:d9:58:48:be:22:e3:ea:f9:d6:a9:1b:ba:
db:77:c5:17:29:93:7e:52:0a:74:76:d8:5d:1f:2b:
d9:03:a9:71:82:9d:93:02:f6:eb:b2:9d:c0:03:b6:
cf:5a:dc:ae:ca:4c:e1:8b:82:27:7e:2c:7d:35:9b:
1a:81:86:c8:6b:dd:13:00:57:5e:f1:52:9d:27:d8:
52:a7:2a:c3:20:36:18:5d:52:ab:e7:b2:32:2f:18:
4e:09:62:0c:34:31:1f:0d:c8:95:aa:82:a4:26:9c:
7e:ac:ae:44:c2:9a:37:e7:a4:9e:c1:36:c4:84:b0:
f3:31:65:7a:1e:15:35:a1:76:b2:9e:d8:f9:78:64:
ce:49:e5:74:b7:b6:0f:38:8a:4e:d2:d1:23:e0:6a:
bb:41:ba:58:20:f9:04:ad:f0:01:7d:07:e2:6e:57:
82:72:0d:72:84:be:fe:92:5b:5f:e2:0e:9d:d9:b0:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F3:65:2B:F4:0D:BC:C9:CD:0E:02:D2:02:5C:69:76:5E:3D:43:C9
X509v3 Authority Key Identifier:
keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:ab:0b:db:34:3c:d2:4e:f9:fc:2c:75:b4:a1:c5:54:fd:23:
67:78:b9:4a:3a:f3:09:3d:0e:e4:e6:c2:64:bc:23:11:71:04:
3a:3a:5c:ce:b4:06:03:e6:20:ea:c4:b3:ce:2b:47:4b:16:a3:
e8:93:3e:21:49:05:ac:20:e9:a0:d7:e2:96:bc:5b:68:a3:d9:
d8:da:0d:36:a2:ad:86:c9:42:cd:cf:c9:42:01:d2:26:0e:f0:
a9:ba:59:91:6f:41:02:94:67:c0:ac:68:e6:de:79:ff:f3:a3:
ef:65:01:9a:cc:ee:21:3f:83:12:d4:d4:be:87:49:c6:73:51:
f3:29:da:95:53:79:14:5b:4d:36:6a:68:3d:1a:28:cb:c4:8e:
7b:b8:a4:ad:7d:e4:8d:9e:a9:6e:79:7c:dc:87:01:46:8d:8c:
48:85:7a:4b:c6:bb:c2:7b:94:17:64:a2:33:0d:be:cc:ed:7b:
98:f5:cb:a1:4d:85:25:03:0e:dc:e9:0c:a9:79:f6:2e:82:af:
17:10:06:c1:5c:f9:35:4f:9e:6c:93:42:17:85:a6:22:7b:48:
c6:48:e9:24:fd:d1:7b:4d:22:f1:11:8d:7c:84:f7:67:46:61:
d5:ba:a0:1b:93:67:2a:3a:19:2a:81:39:23:57:36:0b:b8:b0:
5f:29:60:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2AtYtpcNLVYdbETRu0wuf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz
ZTIwZTQwHhcNMjYwNDEyMDgwMTE0WhcNMjYwNDEzMDgwMTE0WjAzMTEwLwYDVQQD
Eyg2YmYzNjUyYmY0MGRiY2M5Y2QwZTAyZDIwMjVjNjk3NjVlM2Q0M2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjakqu8q9PGjoHLdbcEaS6bPLaks
ZrYSX1Szl+VSNXKvWPVdAc7AR/P9TDhUzAJHzPqvFzF44hExTtun9XoPFcUgnAER
SIZ+/oICUYfZWEi+IuPq+dapG7rbd8UXKZN+Ugp0dthdHyvZA6lxgp2TAvbrsp3A
A7bPWtyuykzhi4Infix9NZsagYbIa90TAFde8VKdJ9hSpyrDIDYYXVKr57IyLxhO
CWIMNDEfDciVqoKkJpx+rK5Ewpo356SewTbEhLDzMWV6HhU1oXayntj5eGTOSeV0
t7YPOIpO0tEj4Gq7QbpYIPkErfABfQfibleCcg1yhL7+kltf4g6d2bCgaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvzZSv0DbzJzQ4C0gJcaXZePUPJMB8GA1UdIwQY
MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt
YWE0MDA1MzJkYWViLzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi
LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXasL2zQ8
0k75/Cx1tKHFVP0jZ3i5SjrzCT0O5ObCZLwjEXEEOjpczrQGA+Yg6sSzzitHSxaj
6JM+IUkFrCDpoNfilrxbaKPZ2NoNNqKthslCzc/JQgHSJg7wqbpZkW9BApRnwKxo
5t55//Oj72UBmszuIT+DEtTUvodJxnNR8ynalVN5FFtNNmpoPRooy8SOe7ikrX3k
jZ6pbnl83IcBRo2MSIV6S8a7wnuUF2SiMw2+zO17mPXLoU2FJQMO3OkMqXn2LoKv
FxAGwVz5NU+ebJNCF4WmIntIxkjpJP3Re00i8RGNfIT3Z0Zh1bqgG5NnKjoZKoE5
I1c2C7iwXylggg==
-----END CERTIFICATE-----
Generated at Sun Apr 12 10:07:46 2026 by rpki-client