Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
File: xafD9LFGk1EiAllaik-VsNa3oQE.mft (raw, json)
Hash identifier: CQKdjQtd1/cU8Gtrae5LXIFVGPtaBeITHgQ/2iZEmT8=
Subject key identifier: BF:20:0C:BA:F1:8C:20:F8:AB:B9:B9:50:2B:BB:49:4C:9C:06:96:F4
Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Certificate serial: 019F1944353D7CC2201A9A0C12D8ECC91CA6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
Manifest number: 191C
Signing time: Tue 30 Jun 2026 16:02:08 +0000
Manifest this update: Tue 30 Jun 2026 16:02:08 +0000
Manifest next update: Wed 01 Jul 2026 16:02:08 +0000
Files and hashes: 1: 2hbC2fRcwVVGLuxr3y8s9IdUqJ0.roa (hash: WENyhbzOdCYh/WeleDC3Eb7ZL7vwxD85NmDsUD+Ca/o=)
2: rJ0B3_PG0rjHq-_hS6K9nBrn-PY.roa (hash: m7Zi/TNYib5gTH6m2mPeaQUI4WRQNMe1ierjcvG2bOc=)
3: xOCpqHIGWYpMZiK0D_GduGL-xNY.roa (hash: EH/6F7DAxWGzLP0f7IyWGiPlk48ND1XykF58xtVXDcQ=)
4: xafD9LFGk1EiAllaik-VsNa3oQE.crl (hash: tlnbHhOzn/FK/Cn8dtLEXhjeQ84tS3FxtYZ/VkdMEx4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:19:44:35:3d:7c:c2:20:1a:9a:0c:12:d8:ec:c9:1c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Validity
Not Before: Jun 30 16:02:08 2026 GMT
Not After : Jul 1 16:02:08 2026 GMT
Subject: CN=bf200cbaf18c20f8abb9b9502bbb494c9c0696f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4f:a7:d7:1e:39:9c:dc:97:1f:f2:d1:cb:c5:
87:dc:3e:7a:cd:8b:7c:2d:da:59:e1:a9:6c:f5:7c:
39:b5:b3:34:db:6f:54:84:02:84:c8:21:50:57:47:
43:6e:45:00:b8:2e:82:b4:a3:c9:5f:9f:68:29:98:
38:09:97:d5:de:75:83:ce:56:05:98:d0:84:1b:1e:
2d:90:cd:66:3f:3c:a0:0b:12:31:e0:5d:38:18:63:
99:88:12:0a:75:be:59:7a:ab:71:cf:0b:1f:91:8d:
76:9d:7a:cd:f3:02:c7:0d:2b:73:e8:f4:db:3e:2d:
64:f3:ca:74:10:06:6d:1d:8a:2a:e0:4e:05:53:f7:
b8:f3:98:b2:e5:f5:f0:ee:8c:43:6f:55:64:7a:53:
3e:93:db:78:99:54:c4:97:66:50:3d:ab:3b:b8:44:
d5:d5:08:15:0d:6c:16:1b:6e:a0:ef:69:59:d3:b0:
20:26:df:69:89:d1:0f:00:3c:84:9f:41:5f:38:3d:
d5:d5:1a:e3:d5:27:ae:bb:02:49:10:6b:b4:ff:47:
ba:92:af:b2:bd:01:8e:8b:8d:03:45:75:93:42:b3:
6f:42:ac:66:08:5e:a7:ff:7a:36:75:b7:c5:b2:d6:
47:98:63:f4:79:ee:41:b4:d2:2f:cb:94:b8:24:b4:
f5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:20:0C:BA:F1:8C:20:F8:AB:B9:B9:50:2B:BB:49:4C:9C:06:96:F4
X509v3 Authority Key Identifier:
keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:e0:e8:a3:2d:32:21:21:f5:80:ef:c2:75:a2:5b:0e:7f:80:
1a:27:00:32:7a:8a:4d:c3:24:8b:3b:5b:e8:6b:0c:20:dc:42:
91:47:17:60:6f:bb:cc:ba:10:fd:77:da:f6:08:ef:01:32:e4:
a5:ff:e2:bf:8c:07:df:89:3a:55:50:48:bc:08:3c:cf:4d:a5:
54:a8:4f:9c:2a:b9:fd:f4:35:c2:a6:db:89:ad:9b:53:5b:7e:
61:2d:8b:fa:fc:26:73:cf:09:e8:15:7b:65:3b:4c:39:74:e5:
be:55:49:19:f1:ae:45:a0:7e:e1:18:08:9a:e2:95:c9:fa:a0:
73:3b:57:a1:57:5d:b1:1e:b2:b2:ff:82:73:18:9e:c2:11:c8:
a3:62:cd:ba:65:77:80:98:41:5b:f6:0e:0c:fe:87:a0:0d:89:
87:88:0c:07:27:56:36:a3:05:99:a0:93:5d:40:68:39:cd:bc:
c9:a6:96:50:71:25:62:62:a5:2c:24:6d:c2:9d:d3:0c:eb:05:
5a:e7:1a:fa:9a:ab:f3:6f:68:43:ff:3c:fc:7e:50:33:63:cb:
25:55:0a:1f:22:13:9e:83:95:28:b7:63:f4:bf:e0:ee:ae:d0:
45:6e:4a:01:ed:0b:e8:fa:90:19:c8:50:0b:24:26:9c:8e:23:
d0:70:58:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZRDU9fMIgGpoMEtjsyRymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi
N2ExMDEwHhcNMjYwNjMwMTYwMjA4WhcNMjYwNzAxMTYwMjA4WjAzMTEwLwYDVQQD
EyhiZjIwMGNiYWYxOGMyMGY4YWJiOWI5NTAyYmJiNDk0YzljMDY5NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU+n1x45nNyXH/LRy8WH3D56zYt8
LdpZ4als9Xw5tbM0229UhAKEyCFQV0dDbkUAuC6CtKPJX59oKZg4CZfV3nWDzlYF
mNCEGx4tkM1mPzygCxIx4F04GGOZiBIKdb5ZeqtxzwsfkY12nXrN8wLHDStz6PTb
Pi1k88p0EAZtHYoq4E4FU/e485iy5fXw7oxDb1VkelM+k9t4mVTEl2ZQPas7uETV
1QgVDWwWG26g72lZ07AgJt9pidEPADyEn0FfOD3V1Rrj1SeuuwJJEGu0/0e6kq+y
vQGOi40DRXWTQrNvQqxmCF6n/3o2dbfFstZHmGP0ee5BtNIvy5S4JLT1KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8gDLrxjCD4q7m5UCu7SUycBpb0MB8GA1UdIwQY
MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt
ZDEyZjFlMjQ1NmJhLzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh
LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS+Dooy0y
ISH1gO/CdaJbDn+AGicAMnqKTcMkiztb6GsMINxCkUcXYG+7zLoQ/Xfa9gjvATLk
pf/iv4wH34k6VVBIvAg8z02lVKhPnCq5/fQ1wqbbia2bU1t+YS2L+vwmc88J6BV7
ZTtMOXTlvlVJGfGuRaB+4RgImuKVyfqgcztXoVddsR6ysv+CcxiewhHIo2LNumV3
gJhBW/YODP6HoA2Jh4gMBydWNqMFmaCTXUBoOc28yaaWUHElYmKlLCRtwp3TDOsF
Wuca+pqr829oQ/88/H5QM2PLJVUKHyITnoOVKLdj9L/g7q7QRW5KAe0L6PqQGchQ
CyQmnI4j0HBYZw==
-----END CERTIFICATE-----
Generated at Tue Jun 30 22:18:35 2026 by rpki-client