Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
File: xHKa8T09FW9BGXaxduVU-mcddvc.mft (raw, json)
Hash identifier: uU2KPQkyyNbmGjMK+ORFRCJSRHFYseQKETu+UOHaiIw=
Subject key identifier: DD:C3:89:AA:0D:3B:64:E7:39:33:23:CE:E3:D5:CB:DD:21:76:66:16
Authority key identifier: C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
Certificate issuer: /CN=c4729af13d3d156f411976b176e554fa671d76f7
Certificate serial: 019D3977A1CDFA3B78972D39E7F759920EEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
Manifest number: 15D4
Signing time: Sun 29 Mar 2026 12:00:34 +0000
Manifest this update: Sun 29 Mar 2026 12:00:34 +0000
Manifest next update: Mon 30 Mar 2026 12:00:34 +0000
Files and hashes: 1: 5bGOVGgpUSjx1uwMkRS9oqXlCJM.roa (hash: gEd4SfTflxW3Gsgz2afT2mctC6KsEwsMe5axMz0injA=)
2: xHKa8T09FW9BGXaxduVU-mcddvc.crl (hash: dwRIBqFzXZXARyY8N4cnKUk8+YgC2PTpBxUVc6ezuq4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:a1:cd:fa:3b:78:97:2d:39:e7:f7:59:92:0e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4729af13d3d156f411976b176e554fa671d76f7
Validity
Not Before: Mar 29 12:00:34 2026 GMT
Not After : Mar 30 12:00:34 2026 GMT
Subject: CN=ddc389aa0d3b64e7393323cee3d5cbdd21766616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3b:b7:26:3f:43:9f:27:e5:f8:61:8e:e2:57:
60:85:a6:68:d1:3b:e0:33:55:f8:2a:ba:54:6e:c5:
b7:6e:03:51:47:83:7b:64:a0:9d:c2:32:f8:8b:b2:
45:3b:c3:ca:0c:20:1f:27:2a:0e:e1:5b:91:9d:b0:
4c:06:f4:a0:a9:24:1f:d1:fc:b3:2a:bf:bf:b6:7d:
a5:1a:12:8f:50:34:9a:2e:12:94:9c:82:78:4c:97:
05:83:79:49:9e:65:1a:ea:9b:bd:a2:12:7a:c9:0a:
62:78:c9:a0:ff:9a:ee:94:8f:79:34:04:9e:73:57:
2e:24:e7:81:e7:48:76:e6:25:db:0e:68:5c:1b:1a:
34:15:05:65:7d:69:8f:ec:61:e4:a9:2e:bf:3e:87:
d7:ee:56:cb:ac:3c:6a:de:85:a4:bc:e6:c6:28:64:
8c:5e:7e:f4:3b:ca:24:a4:b2:44:c1:0d:64:d4:77:
3e:73:2b:ae:52:8a:74:74:93:2f:94:58:69:30:8a:
e8:2e:d5:3b:c1:5e:b2:dc:6b:93:90:61:c4:02:43:
0d:bb:39:4e:fc:18:e0:9d:db:c1:37:ac:f7:dc:28:
c2:e8:86:e2:c3:53:b0:20:24:5a:41:53:c6:fc:7b:
db:71:75:2c:1b:27:01:a5:80:ed:64:0e:05:12:01:
cd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C3:89:AA:0D:3B:64:E7:39:33:23:CE:E3:D5:CB:DD:21:76:66:16
X509v3 Authority Key Identifier:
keyid:C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:03:22:94:31:8b:c9:5c:93:8f:2d:46:e4:1c:87:3b:f6:72:
15:75:d2:7e:64:7f:f1:1f:f5:ac:09:f8:dd:6e:90:66:bd:9e:
c0:3a:c4:4a:b5:1d:c5:d9:93:bf:fc:e6:c0:86:2d:99:9e:87:
06:c5:8a:a6:80:07:14:3a:78:ac:95:5d:23:82:df:64:31:db:
40:de:e6:47:9d:78:5f:b8:fd:93:46:72:5f:f1:e5:42:2d:1c:
ff:0f:af:4a:22:9a:30:53:69:93:53:aa:19:0a:ff:fe:e1:a6:
43:d7:8b:d4:c5:94:b9:2b:c0:65:cd:e5:92:18:93:6e:97:90:
63:10:51:2e:c3:20:ef:e9:c9:bb:89:ed:60:fa:92:49:a7:58:
21:57:e7:61:f4:f6:6c:76:c2:27:24:fb:0b:58:46:bc:8a:02:
18:1d:ac:63:a4:52:c2:45:39:d2:04:de:ce:43:b0:6d:4e:fb:
23:0e:06:ab:8b:fb:60:92:f9:a7:26:fb:fa:e4:0e:05:98:9f:
c2:f5:37:4a:63:cd:2a:b2:02:d0:7e:c2:2c:88:a1:e3:ee:9e:
be:0c:56:c7:aa:66:3f:fb:24:dd:aa:45:5f:a6:47:2a:fe:4f:
ee:40:79:dc:6b:0d:65:e2:4f:16:87:3d:28:87:b7:fe:6e:b6:
57:5a:0c:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d6HN+jt4ly055/dZkg7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NzI5YWYxM2QzZDE1NmY0MTE5NzZiMTc2ZTU1NGZhNjcx
ZDc2ZjcwHhcNMjYwMzI5MTIwMDM0WhcNMjYwMzMwMTIwMDM0WjAzMTEwLwYDVQQD
EyhkZGMzODlhYTBkM2I2NGU3MzkzMzIzY2VlM2Q1Y2JkZDIxNzY2NjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyju3Jj9Dnyfl+GGO4ldghaZo0Tvg
M1X4KrpUbsW3bgNRR4N7ZKCdwjL4i7JFO8PKDCAfJyoO4VuRnbBMBvSgqSQf0fyz
Kr+/tn2lGhKPUDSaLhKUnIJ4TJcFg3lJnmUa6pu9ohJ6yQpieMmg/5rulI95NASe
c1cuJOeB50h25iXbDmhcGxo0FQVlfWmP7GHkqS6/PofX7lbLrDxq3oWkvObGKGSM
Xn70O8okpLJEwQ1k1Hc+cyuuUop0dJMvlFhpMIroLtU7wV6y3GuTkGHEAkMNuzlO
/BjgndvBN6z33CjC6Ibiw1OwICRaQVPG/HvbcXUsGycBpYDtZA4FEgHNCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3DiaoNO2TnOTMjzuPVy90hdmYWMB8GA1UdIwQY
MBaAFMRymvE9PRVvQRl2sXblVPpnHXb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1Nzgt
YjA4OThmYmIxY2FiLzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1NzgtYjA4OThmYmIxY2Fi
LzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgMilDGL
yVyTjy1G5ByHO/ZyFXXSfmR/8R/1rAn43W6QZr2ewDrESrUdxdmTv/zmwIYtmZ6H
BsWKpoAHFDp4rJVdI4LfZDHbQN7mR514X7j9k0ZyX/HlQi0c/w+vSiKaMFNpk1Oq
GQr//uGmQ9eL1MWUuSvAZc3lkhiTbpeQYxBRLsMg7+nJu4ntYPqSSadYIVfnYfT2
bHbCJyT7C1hGvIoCGB2sY6RSwkU50gTezkOwbU77Iw4Gq4v7YJL5pyb7+uQOBZif
wvU3SmPNKrIC0H7CLIih4+6evgxWx6pmP/sk3apFX6ZHKv5P7kB53GsNZeJPFoc9
KIe3/m62V1oMRw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:58:59 2026 by rpki-client