Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
File: xafD9LFGk1EiAllaik-VsNa3oQE.mft (raw, json)
Hash identifier: 3cbv2EC68DUY52sPo/emcoe8rNCAdKBIFOMz6+dqDiY=
Subject key identifier: C8:65:3E:6A:07:C9:90:26:FC:B2:B2:37:32:6B:EA:82:BE:CA:24:88
Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Certificate serial: 019D38657E830F87C38A4EF42A152F06DAAF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
Manifest number: 1823
Signing time: Sun 29 Mar 2026 07:01:08 +0000
Manifest this update: Sun 29 Mar 2026 07:01:08 +0000
Manifest next update: Mon 30 Mar 2026 07:01:08 +0000
Files and hashes: 1: 2hbC2fRcwVVGLuxr3y8s9IdUqJ0.roa (hash: WENyhbzOdCYh/WeleDC3Eb7ZL7vwxD85NmDsUD+Ca/o=)
2: rJ0B3_PG0rjHq-_hS6K9nBrn-PY.roa (hash: m7Zi/TNYib5gTH6m2mPeaQUI4WRQNMe1ierjcvG2bOc=)
3: xOCpqHIGWYpMZiK0D_GduGL-xNY.roa (hash: EH/6F7DAxWGzLP0f7IyWGiPlk48ND1XykF58xtVXDcQ=)
4: xafD9LFGk1EiAllaik-VsNa3oQE.crl (hash: Esj8SphxPtSXN1Bh2HS8FhpwD+vUxp3l2MJFpcn/tMs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:7e:83:0f:87:c3:8a:4e:f4:2a:15:2f:06:da:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Validity
Not Before: Mar 29 07:01:08 2026 GMT
Not After : Mar 30 07:01:08 2026 GMT
Subject: CN=c8653e6a07c99026fcb2b237326bea82beca2488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:37:05:8a:ff:76:30:34:98:ca:6d:af:bb:3d:
9f:c3:d2:ad:7f:22:58:20:7f:00:aa:68:64:84:d8:
cb:71:77:11:33:43:d1:86:8a:37:0a:29:36:94:0f:
da:6d:26:20:0d:8d:de:58:72:c1:e6:ce:88:3b:61:
b4:31:89:cb:9b:7a:04:d0:9f:31:1a:e0:b4:e6:43:
8b:bd:cf:26:2e:04:03:38:ce:b4:00:a4:0f:50:d9:
45:42:14:5f:c5:81:4d:77:5f:68:99:d1:af:17:c0:
28:b8:19:07:ba:8b:e1:58:cf:4e:4d:01:48:9b:5f:
d5:f9:e1:53:2d:70:16:56:6b:46:bc:13:61:20:de:
98:e4:a2:c8:a3:ea:60:a0:b6:84:94:7b:78:65:d4:
f3:b7:c8:e1:f6:38:40:4d:0e:04:94:47:58:e0:38:
8a:f9:8a:5e:f2:21:c5:7c:78:22:a6:d5:b2:53:65:
c7:76:fd:9d:ae:ef:f4:a5:9b:6d:0c:7d:43:fd:e6:
a0:cf:52:a4:38:89:df:05:18:0e:3b:b0:f0:b8:05:
f9:9f:d9:cf:c5:b2:00:ad:80:52:91:c9:e1:3a:56:
a3:7d:34:2b:4a:b9:61:c5:7d:7e:f0:dd:4c:16:56:
20:99:75:2b:be:9c:b4:c4:5b:e3:cd:d1:95:5b:a9:
16:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:65:3E:6A:07:C9:90:26:FC:B2:B2:37:32:6B:EA:82:BE:CA:24:88
X509v3 Authority Key Identifier:
keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:b0:e7:a9:93:29:be:79:4a:b5:c4:91:d0:6d:2b:1b:09:c2:
d6:f9:8d:a5:6b:08:63:84:ec:5c:a2:3d:3a:49:a3:4a:e9:27:
ba:00:79:08:01:f6:77:09:c2:eb:23:9c:e1:e8:29:e6:94:46:
2a:0e:3c:ab:a5:11:7e:1c:b0:9c:2d:5c:b9:a9:66:ef:1b:a5:
f7:ba:c0:6e:b4:c8:94:b2:b8:b1:d7:28:49:88:bf:07:f7:c5:
33:da:bd:b2:f0:8f:aa:29:ab:ce:ee:ce:1e:72:b0:42:87:6d:
82:a3:17:07:38:ff:f8:de:37:e3:0d:ec:0f:48:df:4b:58:27:
d9:e4:15:5e:fb:05:f6:c5:9b:9e:1f:72:4f:5d:66:e1:01:6c:
65:95:94:ca:20:5d:ac:bd:c4:84:5d:cb:18:6c:bb:13:86:28:
8f:be:15:f3:2a:d2:be:30:0b:b2:58:15:d7:c0:36:c2:a5:e5:
ce:38:f1:f2:7c:35:f8:89:1e:16:be:00:f0:a7:9f:45:02:88:
1a:c1:4e:5f:ee:cb:bf:40:60:8d:d0:2c:45:79:a1:bb:a3:2a:
2e:a0:0e:6a:05:e5:9c:8f:32:d8:66:27:ee:2c:2a:09:29:0d:
8f:12:65:40:e2:02:c2:dd:e6:9c:61:f0:01:13:7e:65:13:62:
bc:d5:52:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZX6DD4fDik70KhUvBtqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi
N2ExMDEwHhcNMjYwMzI5MDcwMTA4WhcNMjYwMzMwMDcwMTA4WjAzMTEwLwYDVQQD
EyhjODY1M2U2YTA3Yzk5MDI2ZmNiMmIyMzczMjZiZWE4MmJlY2EyNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTcFiv92MDSYym2vuz2fw9KtfyJY
IH8AqmhkhNjLcXcRM0PRhoo3Cik2lA/abSYgDY3eWHLB5s6IO2G0MYnLm3oE0J8x
GuC05kOLvc8mLgQDOM60AKQPUNlFQhRfxYFNd19omdGvF8AouBkHuovhWM9OTQFI
m1/V+eFTLXAWVmtGvBNhIN6Y5KLIo+pgoLaElHt4ZdTzt8jh9jhATQ4ElEdY4DiK
+Ype8iHFfHgiptWyU2XHdv2dru/0pZttDH1D/eagz1KkOInfBRgOO7DwuAX5n9nP
xbIArYBSkcnhOlajfTQrSrlhxX1+8N1MFlYgmXUrvpy0xFvjzdGVW6kWtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhlPmoHyZAm/LKyNzJr6oK+yiSIMB8GA1UdIwQY
MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt
ZDEyZjFlMjQ1NmJhLzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh
LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbrDnqZMp
vnlKtcSR0G0rGwnC1vmNpWsIY4TsXKI9OkmjSuknugB5CAH2dwnC6yOc4egp5pRG
Kg48q6URfhywnC1cualm7xul97rAbrTIlLK4sdcoSYi/B/fFM9q9svCPqimrzu7O
HnKwQodtgqMXBzj/+N434w3sD0jfS1gn2eQVXvsF9sWbnh9yT11m4QFsZZWUyiBd
rL3EhF3LGGy7E4Yoj74V8yrSvjALslgV18A2wqXlzjjx8nw1+IkeFr4A8KefRQKI
GsFOX+7Lv0BgjdAsRXmhu6MqLqAOagXlnI8y2GYn7iwqCSkNjxJlQOICwt3mnGHw
ARN+ZRNivNVSLg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:48:53 2026 by rpki-client