Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft
File: XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft (raw, json)
Hash identifier: 5Dal9gYt05CsbEdEwn67bGsF8hnrDma6+vZEzuPPZu0=
Subject key identifier: 9D:1B:01:B9:34:57:05:2C:BA:D7:9A:C9:73:32:78:12:36:D2:89:3B
Authority key identifier: 5E:A6:8C:85:38:10:D0:32:0B:15:68:44:F2:93:17:70:1B:58:61:0D
Certificate issuer: /CN=5ea68c853810d0320b156844f29317701b58610d
Certificate serial: 019D37C0D2FA272FEF172C4E7653AD314BED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft
Manifest number: 0CCD
Signing time: Sun 29 Mar 2026 04:01:16 +0000
Manifest this update: Sun 29 Mar 2026 04:01:16 +0000
Manifest next update: Mon 30 Mar 2026 04:01:16 +0000
Files and hashes: 1: LiEVK06b_iEfWKONoW7STd84p8o.roa (hash: KP0hMh+NQgDSgDAVVXQlg1eOWnVVyRKaORcdjPcukmI=)
2: XqaMhTgQ0DILFWhE8pMXcBtYYQ0.crl (hash: JqO96sxRvDHlWoWQVyXwXokiHf4RdPQQsqwTR6lYuxQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:d2:fa:27:2f:ef:17:2c:4e:76:53:ad:31:4b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ea68c853810d0320b156844f29317701b58610d
Validity
Not Before: Mar 29 04:01:16 2026 GMT
Not After : Mar 30 04:01:16 2026 GMT
Subject: CN=9d1b01b93457052cbad79ac97332781236d2893b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4a:3a:5a:1e:8a:46:d0:43:14:12:7d:6c:31:
3f:bc:5f:6a:97:4b:76:f3:b9:fa:06:06:6f:86:6b:
59:46:82:20:f5:f7:dc:ab:8e:ae:d2:56:6a:ee:4d:
98:a8:5e:41:a4:f0:ac:7a:e3:5b:ae:a3:80:3f:7c:
a3:3c:f1:19:d5:02:50:ef:cf:49:8a:0a:b8:83:4e:
e0:64:86:2c:27:4e:08:df:44:1d:89:46:a2:44:4a:
5a:f0:20:0d:55:3a:01:ae:f7:2b:4f:aa:9e:46:cd:
65:c5:bc:76:73:d2:0e:a3:8a:99:f3:cf:e4:f1:81:
fc:f3:34:a0:1d:62:a0:f8:71:a2:e0:e7:16:7d:ef:
eb:b2:66:b0:b7:a7:fd:47:70:16:62:e8:e6:94:6f:
96:d9:ed:fb:80:fe:78:53:cd:e4:e4:8b:fe:b1:1a:
49:43:a3:63:c3:d9:ae:a3:d9:40:c1:50:e5:8e:21:
a8:f5:47:90:e3:27:21:b9:75:79:82:75:14:38:86:
87:3f:a9:99:19:34:94:e9:5b:1a:09:39:12:51:8d:
7e:90:78:a5:4f:1f:94:02:eb:f2:97:de:a7:1c:86:
5c:72:1e:a7:87:8f:53:03:10:03:e4:f0:c1:b4:46:
eb:f7:06:60:b6:58:49:7c:1a:ee:61:81:c0:6e:fd:
65:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:1B:01:B9:34:57:05:2C:BA:D7:9A:C9:73:32:78:12:36:D2:89:3B
X509v3 Authority Key Identifier:
keyid:5E:A6:8C:85:38:10:D0:32:0B:15:68:44:F2:93:17:70:1B:58:61:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/3e23d7-a3b7-416f-8810-1efa7cf773a0/1/XqaMhTgQ0DILFWhE8pMXcBtYYQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:58:96:0d:00:1e:b9:59:e1:99:19:0b:fd:46:a3:aa:c0:36:
ca:75:c2:b0:49:52:01:ea:f7:54:58:b7:95:41:cf:b9:fc:06:
85:2f:9c:49:f0:66:e2:6f:16:81:3f:53:e6:61:d4:10:ef:eb:
bd:db:95:4c:5e:17:a3:54:dc:09:83:7e:3a:0d:97:8f:b9:cd:
db:c9:35:33:0b:0f:11:e7:73:40:1c:0e:85:1b:7a:92:46:0c:
d2:42:1d:92:45:63:ab:63:f2:68:74:90:39:ac:3e:3e:95:57:
59:c2:30:f3:ea:6d:26:2c:8c:95:26:67:be:4d:6a:95:dc:cf:
5d:94:95:6c:9f:0e:23:a0:55:86:b3:7d:3e:60:91:d6:40:25:
bf:07:ac:66:d4:03:05:ee:46:0a:d8:c8:c9:1b:eb:c9:61:e8:
14:03:54:15:f5:8c:64:66:82:77:21:6e:af:41:ba:e8:f6:35:
41:b5:c1:98:3e:eb:04:6b:e9:a2:fa:33:7d:08:8b:fd:96:b3:
21:b7:ff:e5:ea:91:72:af:5e:32:12:6c:4d:8a:d2:e9:39:ff:
21:60:7e:4d:10:6f:b1:ae:6f:9f:af:4d:e5:75:14:43:e6:cd:
b6:e8:47:84:76:f7:b2:f3:78:c6:b1:b8:77:0a:d2:d8:85:d4:
50:a2:f5:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wNL6Jy/vFyxOdlOtMUvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTY4Yzg1MzgxMGQwMzIwYjE1Njg0NGYyOTMxNzcwMWI1
ODYxMGQwHhcNMjYwMzI5MDQwMTE2WhcNMjYwMzMwMDQwMTE2WjAzMTEwLwYDVQQD
Eyg5ZDFiMDFiOTM0NTcwNTJjYmFkNzlhYzk3MzMyNzgxMjM2ZDI4OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0o6Wh6KRtBDFBJ9bDE/vF9ql0t2
87n6BgZvhmtZRoIg9ffcq46u0lZq7k2YqF5BpPCseuNbrqOAP3yjPPEZ1QJQ789J
igq4g07gZIYsJ04I30QdiUaiREpa8CANVToBrvcrT6qeRs1lxbx2c9IOo4qZ88/k
8YH88zSgHWKg+HGi4OcWfe/rsmawt6f9R3AWYujmlG+W2e37gP54U83k5Iv+sRpJ
Q6Njw9muo9lAwVDljiGo9UeQ4ychuXV5gnUUOIaHP6mZGTSU6VsaCTkSUY1+kHil
Tx+UAuvyl96nHIZcch6nh49TAxAD5PDBtEbr9wZgtlhJfBruYYHAbv1l0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0bAbk0VwUsuteayXMyeBI20ok7MB8GA1UdIwQY
MBaAFF6mjIU4ENAyCxVoRPKTF3AbWGENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFhTWhUZ1EwRElMRldoRThwTVhjQnRZWVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8zZTIzZDctYTNiNy00MTZmLTg4MTAt
MWVmYTdjZjc3M2EwLzEvWHFhTWhUZ1EwRElMRldoRThwTVhjQnRZWVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8zZTIzZDctYTNiNy00MTZmLTg4MTAtMWVmYTdjZjc3M2Ew
LzEvWHFhTWhUZ1EwRElMRldoRThwTVhjQnRZWVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC1iWDQAe
uVnhmRkL/UajqsA2ynXCsElSAer3VFi3lUHPufwGhS+cSfBm4m8WgT9T5mHUEO/r
vduVTF4Xo1TcCYN+Og2Xj7nN28k1MwsPEedzQBwOhRt6kkYM0kIdkkVjq2PyaHSQ
Oaw+PpVXWcIw8+ptJiyMlSZnvk1qldzPXZSVbJ8OI6BVhrN9PmCR1kAlvwesZtQD
Be5GCtjIyRvryWHoFANUFfWMZGaCdyFur0G66PY1QbXBmD7rBGvpovozfQiL/Zaz
Ibf/5eqRcq9eMhJsTYrS6Tn/IWB+TRBvsa5vn69N5XUUQ+bNtuhHhHb3svN4xrG4
dwrS2IXUUKL1fA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:45:16 2026 by rpki-client