Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/75ad91-fcfc-4cf4-ab22-d0f9804a9f1e/1/xa0QdigFcZJWQLKu2jnMCXTAbOI.mft
File: xa0QdigFcZJWQLKu2jnMCXTAbOI.mft (raw, json)
Hash identifier: 3dZ6S09rhbwOClBC3KXwMiqgo1VIQQxOkHWDXpTn8Ls=
Subject key identifier: EB:B5:68:3E:59:93:E6:36:D1:15:16:90:91:D1:51:D9:BF:A6:9B:93
Authority key identifier: C5:AD:10:76:28:05:71:92:56:40:B2:AE:DA:39:CC:09:74:C0:6C:E2
Certificate issuer: /CN=c5ad1076280571925640b2aeda39cc0974c06ce2
Certificate serial: 019D3865BE25C7C7251DEBA8522BB637D860
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xa0QdigFcZJWQLKu2jnMCXTAbOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/75ad91-fcfc-4cf4-ab22-d0f9804a9f1e/1/xa0QdigFcZJWQLKu2jnMCXTAbOI.mft
Manifest number: 0229
Signing time: Sun 29 Mar 2026 07:01:25 +0000
Manifest this update: Sun 29 Mar 2026 07:01:25 +0000
Manifest next update: Mon 30 Mar 2026 07:01:25 +0000
Files and hashes: 1: P5Ui-kpK1vPEVB2STEDpzBGxxlw.roa (hash: Vs4q2Ik9ZC5mr3F9AYR74hlHqbCCUasP+9HpkK/Vnao=)
2: xa0QdigFcZJWQLKu2jnMCXTAbOI.crl (hash: PmoLsZxm4rZvt/jBK8LxaB0FFvVF+JGfjiUpXQuv2dk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/75ad91-fcfc-4cf4-ab22-d0f9804a9f1e/1/xa0QdigFcZJWQLKu2jnMCXTAbOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/75ad91-fcfc-4cf4-ab22-d0f9804a9f1e/1/xa0QdigFcZJWQLKu2jnMCXTAbOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xa0QdigFcZJWQLKu2jnMCXTAbOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:be:25:c7:c7:25:1d:eb:a8:52:2b:b6:37:d8:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5ad1076280571925640b2aeda39cc0974c06ce2
Validity
Not Before: Mar 29 07:01:25 2026 GMT
Not After : Mar 30 07:01:25 2026 GMT
Subject: CN=ebb5683e5993e636d115169091d151d9bfa69b93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0f:6a:5d:0b:fd:c4:22:91:01:27:eb:71:6e:
e6:3c:39:de:42:34:d5:e1:b1:8b:28:bd:ac:3a:d5:
46:89:19:a2:58:4e:ac:2d:b7:64:3a:01:69:73:46:
37:b5:19:74:58:69:4e:38:ef:76:60:04:01:20:64:
d3:66:c6:ac:47:37:fa:80:a2:ba:99:38:88:84:89:
67:69:64:1c:ad:3f:ef:29:3e:c7:df:54:8f:fe:3f:
d6:db:5f:18:b7:2f:71:a6:1d:67:70:7b:b9:12:0b:
5b:40:a9:39:61:9d:47:11:2b:ab:86:8f:60:1c:72:
12:83:49:e3:2f:c7:64:75:e9:a3:a1:38:c7:d0:96:
f1:6c:e4:54:3c:06:9c:2e:27:8b:31:83:2d:0b:e6:
55:f5:e2:44:d2:df:95:a1:c7:0c:29:f2:70:8c:5e:
9f:c1:41:7c:53:fa:e8:c4:36:1e:88:99:b1:9c:ee:
0e:aa:b5:b6:34:a6:f2:fd:15:d7:c3:6d:ba:6b:32:
83:55:b3:a7:1b:07:69:c7:a4:50:32:fc:68:6c:1d:
bf:4a:3d:68:4e:92:ad:57:db:f2:f4:8e:5b:de:e2:
9f:62:bb:22:20:48:3a:8a:83:e5:ff:cf:ea:9f:57:
71:fe:f5:91:9e:0a:2a:e4:ba:88:dd:33:cc:bc:2c:
92:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B5:68:3E:59:93:E6:36:D1:15:16:90:91:D1:51:D9:BF:A6:9B:93
X509v3 Authority Key Identifier:
keyid:C5:AD:10:76:28:05:71:92:56:40:B2:AE:DA:39:CC:09:74:C0:6C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xa0QdigFcZJWQLKu2jnMCXTAbOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/75ad91-fcfc-4cf4-ab22-d0f9804a9f1e/1/xa0QdigFcZJWQLKu2jnMCXTAbOI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/75ad91-fcfc-4cf4-ab22-d0f9804a9f1e/1/xa0QdigFcZJWQLKu2jnMCXTAbOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:e6:26:fb:9a:b5:b4:19:39:13:a5:8c:73:f2:e0:02:f6:8d:
6e:71:4e:9c:59:34:11:54:5c:0e:f1:65:cf:60:36:5c:7a:29:
05:d7:49:4c:d0:01:2e:c9:63:96:ac:4f:7b:70:6d:9a:ff:9b:
1c:2d:30:6f:cb:3c:e4:09:bd:3e:2f:55:5a:a9:a8:1e:20:d0:
e5:bc:8c:84:10:db:d7:74:bf:6f:ac:50:d8:32:e6:9d:e2:f8:
94:8c:38:88:2a:ca:0c:f8:b0:9e:e6:2e:05:fa:8f:ac:ac:bf:
3d:bd:f8:e3:37:35:2d:b0:e4:43:84:8e:6a:da:5e:3c:c8:ae:
71:20:67:72:99:4b:ec:7b:0d:10:98:d9:9b:93:42:42:94:4b:
7a:0c:d8:a3:5c:2f:14:d9:b5:76:8b:65:ef:b4:ec:9a:d7:47:
68:39:eb:ec:ae:fc:f0:b8:38:e0:34:02:4b:64:e6:99:29:20:
5d:7e:c2:27:9d:7a:3b:26:e3:de:9c:3f:36:66:63:ea:39:c8:
72:2a:65:3e:78:a2:e2:56:40:22:b7:ad:fc:fb:63:ba:98:a9:
e4:9f:2d:08:78:5c:dc:52:29:c0:aa:f5:af:7b:c7:a7:2a:98:
aa:98:92:5c:0d:e8:c3:43:fb:c1:58:f1:25:03:47:a6:84:08:
ae:7b:a9:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zb4lx8clHeuoUiu2N9hgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YWQxMDc2MjgwNTcxOTI1NjQwYjJhZWRhMzljYzA5NzRj
MDZjZTIwHhcNMjYwMzI5MDcwMTI1WhcNMjYwMzMwMDcwMTI1WjAzMTEwLwYDVQQD
EyhlYmI1NjgzZTU5OTNlNjM2ZDExNTE2OTA5MWQxNTFkOWJmYTY5YjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug9qXQv9xCKRASfrcW7mPDneQjTV
4bGLKL2sOtVGiRmiWE6sLbdkOgFpc0Y3tRl0WGlOOO92YAQBIGTTZsasRzf6gKK6
mTiIhIlnaWQcrT/vKT7H31SP/j/W218Yty9xph1ncHu5EgtbQKk5YZ1HESurho9g
HHISg0njL8dkdemjoTjH0JbxbORUPAacLieLMYMtC+ZV9eJE0t+VoccMKfJwjF6f
wUF8U/roxDYeiJmxnO4OqrW2NKby/RXXw226azKDVbOnGwdpx6RQMvxobB2/Sj1o
TpKtV9vy9I5b3uKfYrsiIEg6ioPl/8/qn1dx/vWRngoq5LqI3TPMvCySpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOu1aD5Zk+Y20RUWkJHRUdm/ppuTMB8GA1UdIwQY
MBaAFMWtEHYoBXGSVkCyrto5zAl0wGziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGEwUWRpZ0ZjWkpXUUxLdTJqbk1DWFRBYk9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NWFkOTEtZmNmYy00Y2Y0LWFiMjIt
ZDBmOTgwNGE5ZjFlLzEveGEwUWRpZ0ZjWkpXUUxLdTJqbk1DWFRBYk9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NWFkOTEtZmNmYy00Y2Y0LWFiMjItZDBmOTgwNGE5ZjFl
LzEveGEwUWRpZ0ZjWkpXUUxLdTJqbk1DWFRBYk9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHeYm+5q1
tBk5E6WMc/LgAvaNbnFOnFk0EVRcDvFlz2A2XHopBddJTNABLsljlqxPe3Btmv+b
HC0wb8s85Am9Pi9VWqmoHiDQ5byMhBDb13S/b6xQ2DLmneL4lIw4iCrKDPiwnuYu
BfqPrKy/Pb344zc1LbDkQ4SOatpePMiucSBncplL7HsNEJjZm5NCQpRLegzYo1wv
FNm1dotl77TsmtdHaDnr7K788Lg44DQCS2TmmSkgXX7CJ516Oybj3pw/NmZj6jnI
ciplPnii4lZAIret/Ptjupip5J8tCHhc3FIpwKr1r3vHpyqYqpiSXA3ow0P7wVjx
JQNHpoQIrnupaQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:51 2026 by rpki-client