Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/7e75fd-865c-4240-be38-9e6822ca8899/1/MXSuUHEeGtXy-CuiDS9zyrcJ2rg.mft
File: MXSuUHEeGtXy-CuiDS9zyrcJ2rg.mft (raw, json)
Hash identifier: bP2cvrfzfTjexn7G2q3weqDesNWIPeGtnfeFvnCRHu0=
Subject key identifier: 3D:CB:6F:AF:AD:B0:EC:0F:86:C7:00:E5:0A:29:41:59:FE:F2:75:21
Authority key identifier: 31:74:AE:50:71:1E:1A:D5:F2:F8:2B:A2:0D:2F:73:CA:B7:09:DA:B8
Certificate issuer: /CN=3174ae50711e1ad5f2f82ba20d2f73cab709dab8
Certificate serial: 019E4E45FA8C735DC73D3EE022E4E3FB8004
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MXSuUHEeGtXy-CuiDS9zyrcJ2rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/7e75fd-865c-4240-be38-9e6822ca8899/1/MXSuUHEeGtXy-CuiDS9zyrcJ2rg.mft
Manifest number: D5
Signing time: Fri 22 May 2026 06:01:09 +0000
Manifest this update: Fri 22 May 2026 06:01:09 +0000
Manifest next update: Sat 23 May 2026 06:01:09 +0000
Files and hashes: 1: EqD5liyFpdPq2XLyZyti6Tv-BNE.roa (hash: 45CS/GD+FH3aynJbkHhA0cCnbCPZTt1kF44EBED09Gk=)
2: MXSuUHEeGtXy-CuiDS9zyrcJ2rg.crl (hash: 9OT5JXvr9CSR2FU4ZJe9TbUlGi9ZDniJaX2sw+oa3lw=)
3: ZUFhy3Q3TnBrOEV6oC_51srJdWY.roa (hash: 9diosIXqGs1+lYyW3HLA/DSBkni7soymXvUgQxb3AL0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/7e75fd-865c-4240-be38-9e6822ca8899/1/MXSuUHEeGtXy-CuiDS9zyrcJ2rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/7e75fd-865c-4240-be38-9e6822ca8899/1/MXSuUHEeGtXy-CuiDS9zyrcJ2rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/MXSuUHEeGtXy-CuiDS9zyrcJ2rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 06:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4e:45:fa:8c:73:5d:c7:3d:3e:e0:22:e4:e3:fb:80:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3174ae50711e1ad5f2f82ba20d2f73cab709dab8
Validity
Not Before: May 22 06:01:09 2026 GMT
Not After : May 23 06:01:09 2026 GMT
Subject: CN=3dcb6fafadb0ec0f86c700e50a294159fef27521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:63:e4:9c:87:f7:f5:00:3c:ac:a8:27:ab:b1:
95:81:a0:61:e6:d1:dd:f9:9b:48:3e:89:e2:d4:dd:
d7:d6:bc:b6:93:5d:7d:42:c9:32:75:69:8f:cf:18:
41:ab:2f:07:46:36:af:5c:31:c4:78:83:51:1b:ac:
c7:ed:38:e2:46:c2:a9:86:e2:c9:5c:50:50:63:5a:
e7:40:16:9a:34:90:65:3c:c0:94:b8:25:f9:b2:69:
9c:3d:c6:28:97:4a:48:68:da:a6:0d:4f:43:b5:52:
7a:37:79:16:9a:af:f2:1c:ec:a3:38:f4:79:91:48:
9f:ee:ab:8d:1b:98:94:f9:a3:f5:3a:90:45:ef:26:
3a:8a:18:34:bb:a1:12:f3:43:ae:01:5f:5f:c6:6b:
5b:69:2a:6e:2e:83:70:0e:6c:17:cf:f2:4b:91:21:
e0:fb:d2:2e:d7:96:fa:53:ed:39:a9:65:1e:66:95:
39:bb:70:52:73:e6:c5:5b:22:0e:d0:97:ac:1c:32:
ab:1c:54:7d:d4:a1:c3:11:93:92:bf:b7:d1:12:a0:
c5:7d:19:8b:6e:3d:21:f2:81:04:59:78:b1:92:77:
ee:e4:ab:e4:53:c3:d6:ec:d3:f0:2e:09:2a:ce:04:
0f:10:b8:c0:20:0d:b6:5a:f4:e4:23:73:f0:1a:38:
f8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CB:6F:AF:AD:B0:EC:0F:86:C7:00:E5:0A:29:41:59:FE:F2:75:21
X509v3 Authority Key Identifier:
keyid:31:74:AE:50:71:1E:1A:D5:F2:F8:2B:A2:0D:2F:73:CA:B7:09:DA:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MXSuUHEeGtXy-CuiDS9zyrcJ2rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/7e75fd-865c-4240-be38-9e6822ca8899/1/MXSuUHEeGtXy-CuiDS9zyrcJ2rg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/7e75fd-865c-4240-be38-9e6822ca8899/1/MXSuUHEeGtXy-CuiDS9zyrcJ2rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:1b:2d:3e:73:8d:27:6f:71:68:8f:f5:cd:9a:c0:e3:22:99:
81:65:14:04:cb:ed:7f:e9:f3:7f:49:46:4e:f0:01:c4:d1:d8:
c7:be:9b:67:d6:40:3a:ad:1e:5a:ad:03:1b:8e:0d:47:f4:a4:
49:37:78:70:73:cc:9c:e7:e6:34:fc:f1:48:28:b8:92:de:d3:
5d:df:7c:5e:75:af:d7:8b:63:2c:eb:4c:fc:3f:de:57:22:65:
90:8a:07:f4:53:af:7c:a8:a4:d1:a3:82:fb:60:34:37:ed:7e:
05:b0:ee:59:7e:55:44:bb:27:44:ab:14:85:4a:37:48:8e:8c:
f2:f2:b8:7b:a5:91:01:5b:4b:2a:c0:59:a5:0d:c2:36:4d:69:
d7:c2:10:77:69:9a:82:c2:23:41:16:51:82:f3:ab:64:21:d2:
b7:05:43:49:69:eb:d7:08:84:5c:69:a2:ba:7a:db:e3:e8:94:
79:f4:2c:97:a2:9a:e3:8e:e1:37:8d:c0:0d:1e:68:c1:7c:db:
ef:9f:92:5d:ce:5d:4f:a1:4e:62:68:21:bc:59:9a:93:f3:dd:
43:f7:d5:38:f7:92:fe:28:2d:c1:b7:ab:73:2a:73:d2:3a:a1:
ea:c5:e2:01:ec:a0:66:54:d2:4e:bb:eb:ac:5c:b6:67:ff:d1:
f7:60:e6:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ5ORfqMc13HPT7gIuTj+4AEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNzRhZTUwNzExZTFhZDVmMmY4MmJhMjBkMmY3M2NhYjcw
OWRhYjgwHhcNMjYwNTIyMDYwMTA5WhcNMjYwNTIzMDYwMTA5WjAzMTEwLwYDVQQD
EygzZGNiNmZhZmFkYjBlYzBmODZjNzAwZTUwYTI5NDE1OWZlZjI3NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGPknIf39QA8rKgnq7GVgaBh5tHd
+ZtIPoni1N3X1ry2k119QskydWmPzxhBqy8HRjavXDHEeINRG6zH7TjiRsKphuLJ
XFBQY1rnQBaaNJBlPMCUuCX5smmcPcYol0pIaNqmDU9DtVJ6N3kWmq/yHOyjOPR5
kUif7quNG5iU+aP1OpBF7yY6ihg0u6ES80OuAV9fxmtbaSpuLoNwDmwXz/JLkSHg
+9Iu15b6U+05qWUeZpU5u3BSc+bFWyIO0JesHDKrHFR91KHDEZOSv7fREqDFfRmL
bj0h8oEEWXixknfu5KvkU8PW7NPwLgkqzgQPELjAIA22WvTkI3PwGjj4lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3Lb6+tsOwPhscA5QopQVn+8nUhMB8GA1UdIwQY
MBaAFDF0rlBxHhrV8vgrog0vc8q3Cdq4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVhTdVVIRWVHdFh5LUN1aURTOXp5cmNKMnJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS83ZTc1ZmQtODY1Yy00MjQwLWJlMzgt
OWU2ODIyY2E4ODk5LzEvTVhTdVVIRWVHdFh5LUN1aURTOXp5cmNKMnJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS83ZTc1ZmQtODY1Yy00MjQwLWJlMzgtOWU2ODIyY2E4ODk5
LzEvTVhTdVVIRWVHdFh5LUN1aURTOXp5cmNKMnJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxstPnON
J29xaI/1zZrA4yKZgWUUBMvtf+nzf0lGTvABxNHYx76bZ9ZAOq0eWq0DG44NR/Sk
STd4cHPMnOfmNPzxSCi4kt7TXd98XnWv14tjLOtM/D/eVyJlkIoH9FOvfKik0aOC
+2A0N+1+BbDuWX5VRLsnRKsUhUo3SI6M8vK4e6WRAVtLKsBZpQ3CNk1p18IQd2ma
gsIjQRZRgvOrZCHStwVDSWnr1wiEXGmiunrb4+iUefQsl6Ka447hN43ADR5owXzb
75+SXc5dT6FOYmghvFmak/PdQ/fVOPeS/igtwbercypz0jqh6sXiAeygZlTSTrvr
rFy2Z//R92DmAw==
-----END CERTIFICATE-----
Generated at Fri May 22 15:08:11 2026 by rpki-client