Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
File: XYO1pn2S_6hHbJMhqnv21KINPas.mft (raw, json)
Hash identifier: l8zvIXNClXysWsWbzvBN9Xtu+wavYpQXh6Ngj1M696c=
Subject key identifier: 9D:AC:53:FA:67:AF:70:84:62:9E:EC:C2:CF:22:35:86:C5:E5:4A:1D
Authority key identifier: 5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB
Certificate issuer: /CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab
Certificate serial: 019D3909952291612069E7C23E320AD3A101
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
Manifest number: 128A
Signing time: Sun 29 Mar 2026 10:00:22 +0000
Manifest this update: Sun 29 Mar 2026 10:00:22 +0000
Manifest next update: Mon 30 Mar 2026 10:00:22 +0000
Files and hashes: 1: XYO1pn2S_6hHbJMhqnv21KINPas.crl (hash: 19cF2t5xFeqMLl2eAlqmrgSOktMtEVAYyviboKNVoTw=)
2: yqeabqkOB5fG5PtO7nwnhSFJt98.roa (hash: qildy36/K9jS6v0WoAJhzWi2T0378O5DKM8NUUD22gI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:95:22:91:61:20:69:e7:c2:3e:32:0a:d3:a1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab
Validity
Not Before: Mar 29 10:00:22 2026 GMT
Not After : Mar 30 10:00:22 2026 GMT
Subject: CN=9dac53fa67af7084629eecc2cf223586c5e54a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:a3:d6:99:7d:ff:9b:5d:30:7e:14:a5:f5:
7e:13:8f:7f:60:34:3d:2c:2c:23:12:db:60:43:18:
fc:37:67:36:26:0f:4f:ff:fb:ae:bf:a3:1d:02:0e:
56:fd:1c:a7:db:5f:f0:98:79:26:9e:39:a0:e2:5f:
f0:51:6e:11:f1:f8:7f:80:9b:96:59:d6:5a:e6:c1:
5d:a2:d5:cc:f2:53:a0:d7:87:72:5f:9a:a1:ee:1e:
82:52:36:2e:2e:2e:cd:d7:dc:6e:4b:47:6d:5c:ee:
2e:39:ff:4e:f9:43:df:44:de:b4:5e:74:3d:99:bd:
3a:79:48:31:f6:c6:fd:ea:4c:a1:2b:93:52:63:03:
54:0a:86:92:36:20:6d:04:da:e7:2c:3f:a3:7b:5b:
70:ab:71:60:74:d8:f1:e2:ee:e1:89:1c:0f:a5:9a:
bb:0b:e8:b0:8b:bc:ab:af:f5:96:27:6f:53:2e:2c:
3b:95:a9:03:f8:a5:06:dd:d4:f3:0b:3b:13:dc:41:
04:51:42:de:19:d6:4f:be:a5:a6:6a:97:87:19:e8:
f6:ec:d0:d2:ca:d2:4c:fd:15:bb:82:5a:8d:74:46:
b4:d7:2d:ad:6b:0d:2c:3d:10:8e:5a:72:85:d7:e6:
41:ab:28:bc:3d:19:1f:39:5f:d0:3c:de:9f:8d:50:
b9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AC:53:FA:67:AF:70:84:62:9E:EC:C2:CF:22:35:86:C5:E5:4A:1D
X509v3 Authority Key Identifier:
keyid:5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:33:9f:d8:32:2c:d6:01:33:a9:b0:c9:08:c3:76:b8:1d:f7:
a4:66:ff:c9:92:b9:c5:f1:83:15:49:c2:39:34:e5:5d:4a:a4:
9c:fb:b6:07:72:da:66:41:ed:46:19:54:9c:61:d4:45:97:f0:
9c:49:11:f9:7f:e5:07:b7:6a:74:d3:c4:28:24:7f:05:32:72:
e1:f7:ea:48:ec:32:23:0c:5a:9e:5b:c6:9b:18:eb:2f:70:80:
ec:f4:07:02:84:41:1d:36:90:ea:cf:c0:d5:c1:af:8b:18:18:
0f:ea:ef:92:be:f3:36:0d:27:b5:a1:51:84:0d:d5:41:b4:fe:
54:f9:10:83:81:a2:1d:b0:ca:57:8d:20:87:e6:e2:58:21:9e:
59:02:9c:bd:ca:06:bd:1d:41:5d:8d:fe:db:90:ae:b0:45:5a:
a6:0b:d3:d8:6b:e9:32:03:1e:4d:e4:a3:d0:1d:f7:cf:26:38:
12:a3:54:26:55:14:7b:ff:53:67:5e:0a:6f:31:c5:f3:a7:bf:
09:b6:52:17:20:ee:9c:f4:e4:25:05:59:6a:ba:1d:88:a4:30:
85:ca:f7:3a:c8:9f:3e:38:11:87:ed:a6:03:4e:3d:4f:69:5c:
6d:51:09:f4:f2:a4:f4:2d:56:ca:74:6e:f9:3f:7f:bd:2f:d9:
d5:71:1c:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CZUikWEgaefCPjIK06EBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODNiNWE2N2Q5MmZmYTg0NzZjOTMyMWFhN2JmNmQ0YTIw
ZDNkYWIwHhcNMjYwMzI5MTAwMDIyWhcNMjYwMzMwMTAwMDIyWjAzMTEwLwYDVQQD
Eyg5ZGFjNTNmYTY3YWY3MDg0NjI5ZWVjYzJjZjIyMzU4NmM1ZTU0YTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwyj1pl9/5tdMH4UpfV+E49/YDQ9
LCwjEttgQxj8N2c2Jg9P//uuv6MdAg5W/Ryn21/wmHkmnjmg4l/wUW4R8fh/gJuW
WdZa5sFdotXM8lOg14dyX5qh7h6CUjYuLi7N19xuS0dtXO4uOf9O+UPfRN60XnQ9
mb06eUgx9sb96kyhK5NSYwNUCoaSNiBtBNrnLD+je1twq3FgdNjx4u7hiRwPpZq7
C+iwi7yrr/WWJ29TLiw7lakD+KUG3dTzCzsT3EEEUULeGdZPvqWmapeHGej27NDS
ytJM/RW7glqNdEa01y2taw0sPRCOWnKF1+ZBqyi8PRkfOV/QPN6fjVC5TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2sU/pnr3CEYp7sws8iNYbF5UodMB8GA1UdIwQY
MBaAFF2DtaZ9kv+oR2yTIap79tSiDT2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2It
ZDQxZmNkZjU3NTk4LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2ItZDQxZmNkZjU3NTk4
LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACTOf2DIs
1gEzqbDJCMN2uB33pGb/yZK5xfGDFUnCOTTlXUqknPu2B3LaZkHtRhlUnGHURZfw
nEkR+X/lB7dqdNPEKCR/BTJy4ffqSOwyIwxanlvGmxjrL3CA7PQHAoRBHTaQ6s/A
1cGvixgYD+rvkr7zNg0ntaFRhA3VQbT+VPkQg4GiHbDKV40gh+biWCGeWQKcvcoG
vR1BXY3+25CusEVapgvT2GvpMgMeTeSj0B33zyY4EqNUJlUUe/9TZ14KbzHF86e/
CbZSFyDunPTkJQVZarodiKQwhcr3OsifPjgRh+2mA049T2lcbVEJ9PKk9C1WynRu
+T9/vS/Z1XEctQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:55 2026 by rpki-client