Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft
File: xcSzrlnZgfJQzIfatZeFSr7XowA.mft (raw, json)
Hash identifier: b2fyvLION8BA44CQCmbdtfVjxeTdjuhS0onPdr7ulYI=
Subject key identifier: 38:CA:85:B2:04:54:82:D2:7B:4B:09:3B:C8:17:B6:22:07:E0:C3:82
Authority key identifier: C5:C4:B3:AE:59:D9:81:F2:50:CC:87:DA:B5:97:85:4A:BE:D7:A3:00
Certificate issuer: /CN=c5c4b3ae59d981f250cc87dab597854abed7a300
Certificate serial: 019DD12C4685937489E1DD261FF0033F2F9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft
Manifest number: 07F7
Signing time: Mon 27 Apr 2026 23:00:32 +0000
Manifest this update: Mon 27 Apr 2026 23:00:32 +0000
Manifest next update: Tue 28 Apr 2026 23:00:32 +0000
Files and hashes: 1: OBYyhiA-o_Lu_Sii3K0csw4HB8Q.roa (hash: losaCS7PxxPceDw56uDFnzA7tz476/wdte0ltw/SmOk=)
2: xcSzrlnZgfJQzIfatZeFSr7XowA.crl (hash: s/XSCOl3IEegPlyRmZw3ayZRwaDj00SR2GljGol5ImA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d1:2c:46:85:93:74:89:e1:dd:26:1f:f0:03:3f:2f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5c4b3ae59d981f250cc87dab597854abed7a300
Validity
Not Before: Apr 27 23:00:32 2026 GMT
Not After : Apr 28 23:00:32 2026 GMT
Subject: CN=38ca85b2045482d27b4b093bc817b62207e0c382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8e:71:1c:86:75:63:a5:04:76:53:76:c0:cb:
53:9d:ab:40:5c:35:38:3c:30:7c:d1:3b:a3:36:b4:
88:0b:f1:21:60:a2:8e:38:1e:09:d5:93:d4:36:7e:
c5:36:66:a0:12:95:5b:c4:44:a5:76:e7:ae:cf:cf:
2e:d3:ce:72:2b:88:3f:cc:45:0c:9f:7d:24:2d:38:
e8:96:f2:15:67:8d:4c:7f:a1:1b:f0:01:d1:6c:d7:
49:b1:88:5d:17:58:48:bc:20:2a:1a:ed:d9:46:c9:
fb:1b:29:a1:bf:f0:19:66:7d:90:ef:f6:b5:84:d5:
3e:f7:0b:5f:7f:09:b1:58:9f:cb:59:e6:42:70:f2:
31:db:30:7e:f1:54:93:8d:5f:c5:dc:66:92:1e:89:
e9:86:1f:6d:76:8c:de:1b:ff:ef:16:a8:84:05:25:
64:1f:fa:0d:a2:08:67:90:37:f3:e8:08:d3:4c:79:
15:9f:38:e4:c9:10:e9:1f:f7:d6:eb:a0:fc:b3:4f:
b3:d9:58:21:05:38:b6:a0:a7:1d:b7:49:1b:89:54:
27:06:31:ed:24:81:6f:0a:0d:d6:46:8b:70:0a:9b:
f9:97:1a:ce:aa:24:fa:0c:6a:49:1b:bb:e8:75:ba:
1c:dc:be:f7:5c:a0:09:73:d1:d9:b7:62:d6:7b:26:
5d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CA:85:B2:04:54:82:D2:7B:4B:09:3B:C8:17:B6:22:07:E0:C3:82
X509v3 Authority Key Identifier:
keyid:C5:C4:B3:AE:59:D9:81:F2:50:CC:87:DA:B5:97:85:4A:BE:D7:A3:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcSzrlnZgfJQzIfatZeFSr7XowA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/9f54a6-933f-47de-8726-eddf527e8f2d/1/xcSzrlnZgfJQzIfatZeFSr7XowA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:6f:29:6a:24:23:ff:7a:c7:f2:cd:fd:01:1e:d8:33:33:18:
74:f9:bd:95:ec:b7:9e:68:fc:bd:dd:26:e7:24:2e:55:b8:c0:
27:fd:d7:48:a4:29:05:22:76:84:ea:b8:00:d8:a8:9c:e3:cb:
06:67:b2:b4:8a:d5:7a:cc:bb:07:7c:a8:dc:ee:4c:7f:3a:3d:
da:40:d1:ed:72:a4:66:1b:e1:8e:5f:17:4c:16:d4:23:90:1d:
6f:cc:e1:ae:b3:a4:8f:58:77:aa:10:0a:a6:b9:80:a7:b4:fa:
15:34:44:89:24:f6:29:32:10:fa:ce:c2:22:cf:74:70:4b:90:
83:ce:a6:f9:cf:a0:d4:4a:9a:fe:fe:33:14:71:3b:c0:ee:99:
5f:0e:ea:dc:34:41:93:5d:bd:1a:79:a9:d1:e7:46:e9:09:ee:
a3:28:06:91:04:1b:80:86:94:00:49:66:72:70:81:06:2d:7e:
22:ff:3d:e1:53:00:2e:eb:00:28:36:09:a5:af:a5:42:0b:46:
14:37:ef:d1:17:bc:93:49:c0:ea:77:1a:03:bc:78:aa:be:e8:
f8:65:45:85:e1:a4:2f:21:d9:70:74:cd:0a:3d:5b:2c:c2:04:
ac:c9:0b:a4:ef:88:6d:f8:0d:e7:56:da:ec:03:d5:36:98:ee:
04:7e:17:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3RLEaFk3SJ4d0mH/ADPy+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YzRiM2FlNTlkOTgxZjI1MGNjODdkYWI1OTc4NTRhYmVk
N2EzMDAwHhcNMjYwNDI3MjMwMDMyWhcNMjYwNDI4MjMwMDMyWjAzMTEwLwYDVQQD
EygzOGNhODViMjA0NTQ4MmQyN2I0YjA5M2JjODE3YjYyMjA3ZTBjMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0I5xHIZ1Y6UEdlN2wMtTnatAXDU4
PDB80TujNrSIC/EhYKKOOB4J1ZPUNn7FNmagEpVbxESldueuz88u085yK4g/zEUM
n30kLTjolvIVZ41Mf6Eb8AHRbNdJsYhdF1hIvCAqGu3ZRsn7Gymhv/AZZn2Q7/a1
hNU+9wtffwmxWJ/LWeZCcPIx2zB+8VSTjV/F3GaSHonphh9tdozeG//vFqiEBSVk
H/oNoghnkDfz6AjTTHkVnzjkyRDpH/fW66D8s0+z2VghBTi2oKcdt0kbiVQnBjHt
JIFvCg3WRotwCpv5lxrOqiT6DGpJG7vodboc3L73XKAJc9HZt2LWeyZdfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjKhbIEVILSe0sJO8gXtiIH4MOCMB8GA1UdIwQY
MBaAFMXEs65Z2YHyUMyH2rWXhUq+16MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS85ZjU0YTYtOTMzZi00N2RlLTg3MjYt
ZWRkZjUyN2U4ZjJkLzEveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS85ZjU0YTYtOTMzZi00N2RlLTg3MjYtZWRkZjUyN2U4ZjJk
LzEveGNTenJsblpnZkpReklmYXRaZUZTcjdYb3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp28paiQj
/3rH8s39AR7YMzMYdPm9ley3nmj8vd0m5yQuVbjAJ/3XSKQpBSJ2hOq4ANionOPL
BmeytIrVesy7B3yo3O5Mfzo92kDR7XKkZhvhjl8XTBbUI5Adb8zhrrOkj1h3qhAK
prmAp7T6FTREiST2KTIQ+s7CIs90cEuQg86m+c+g1Eqa/v4zFHE7wO6ZXw7q3DRB
k129Gnmp0edG6QnuoygGkQQbgIaUAElmcnCBBi1+Iv894VMALusAKDYJpa+lQgtG
FDfv0Re8k0nA6ncaA7x4qr7o+GVFheGkLyHZcHTNCj1bLMIErMkLpO+IbfgN51ba
7APVNpjuBH4XkQ==
-----END CERTIFICATE-----
Generated at Tue Apr 28 03:23:32 2026 by rpki-client