Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.mft
File: _XTetBhEJvpiIlthIMNnBvc3uOI.mft (raw, json)
Hash identifier: HT7mFZBVX11mbaaHrjkbL0a15GezcpL8NqfdCvQhNa4=
Subject key identifier: 35:9F:55:09:0A:87:5A:92:85:71:4A:D5:02:C3:0A:E2:8C:2F:DD:79
Authority key identifier: FD:74:DE:B4:18:44:26:FA:62:22:5B:61:20:C3:67:06:F7:37:B8:E2
Certificate issuer: /CN=fd74deb4184426fa62225b6120c36706f737b8e2
Certificate serial: 019D389C5146C482850D8E8D1F613E8A628A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XTetBhEJvpiIlthIMNnBvc3uOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 08:01:01 +0000
Manifest this update: Sun 29 Mar 2026 08:01:01 +0000
Manifest next update: Mon 30 Mar 2026 08:01:01 +0000
Files and hashes: 1: 4H3kqbZKgvCRJ41TW2E8J1NDC88.roa (hash: ah0Wo037A9MM/sUCKBiJ/BqofxWUcKYL1Cq5STwAUy8=)
2: _XTetBhEJvpiIlthIMNnBvc3uOI.crl (hash: 8JUNe3QLVXf7YUBIeOGO3kApXVszS2GhSVB+Woz14S0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/_XTetBhEJvpiIlthIMNnBvc3uOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:51:46:c4:82:85:0d:8e:8d:1f:61:3e:8a:62:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd74deb4184426fa62225b6120c36706f737b8e2
Validity
Not Before: Mar 29 08:01:01 2026 GMT
Not After : Mar 30 08:01:01 2026 GMT
Subject: CN=359f55090a875a9285714ad502c30ae28c2fdd79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:85:27:cc:ef:77:e3:6d:a2:70:81:78:2f:02:
9c:37:b8:36:4d:d9:cf:34:35:44:d9:cf:33:87:8b:
39:8d:e4:25:33:a8:0f:18:33:23:36:2c:33:66:f8:
df:0b:28:fa:67:1e:08:04:5f:c0:22:91:a5:97:bc:
0b:61:1d:fe:4f:bc:99:9b:d7:be:42:7f:97:62:d3:
a8:75:3b:8f:7b:4a:ab:d0:35:22:63:38:ba:c1:be:
9a:5c:03:69:7a:95:e3:b1:e4:09:d6:cc:35:f2:67:
91:f5:7b:81:74:e5:47:d8:46:a4:86:07:8a:d1:dd:
8e:77:9f:bf:38:20:53:eb:46:0f:59:16:c5:4e:4e:
b9:d7:e8:ab:ac:0c:8f:ab:b6:d6:60:86:65:25:36:
37:13:13:e3:bd:09:e7:94:aa:91:4d:c4:29:81:16:
1c:e5:44:e0:fc:16:5f:92:12:32:d2:4a:cc:13:9c:
96:aa:f3:8d:83:ea:d3:10:58:32:6f:7e:ad:e5:2c:
e0:d8:1a:85:15:f6:61:2b:32:8c:8f:ee:1a:fd:8e:
13:7e:5f:9f:6b:a3:08:99:bc:dd:3e:2f:d1:42:ee:
15:f2:ff:2b:ad:b1:63:e2:98:1c:9f:68:e3:d1:8b:
3b:a9:4b:c1:60:0e:79:e7:d0:a9:6c:66:39:ed:ca:
da:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9F:55:09:0A:87:5A:92:85:71:4A:D5:02:C3:0A:E2:8C:2F:DD:79
X509v3 Authority Key Identifier:
keyid:FD:74:DE:B4:18:44:26:FA:62:22:5B:61:20:C3:67:06:F7:37:B8:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XTetBhEJvpiIlthIMNnBvc3uOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:2b:d9:46:28:c2:bc:be:f6:86:2c:39:f7:a6:45:1c:f8:5b:
82:5d:f4:b0:d5:31:d8:b7:03:9b:9b:5a:4b:b5:2a:92:28:f6:
78:c9:3f:b6:a3:e5:e9:d3:4b:cd:78:40:75:41:3d:7a:b6:15:
b9:43:ee:03:60:57:86:c9:b9:9a:4c:39:aa:a5:3c:c8:cc:4f:
f8:c6:cb:6d:87:3c:ab:22:19:ac:47:ad:64:01:c5:31:e5:5b:
07:f3:a0:fc:44:63:18:f5:a9:d6:7d:5a:d6:49:ce:fc:69:15:
48:8b:d5:c4:a0:e4:33:cc:b5:27:3b:b8:fa:ad:4c:27:87:d1:
51:cf:ae:d5:f3:3a:c3:a7:97:49:53:59:f8:cb:ea:ee:5e:f1:
21:d2:07:1a:fe:ce:bc:e9:fe:98:b4:a4:e7:0f:2a:fd:e2:c9:
4b:d1:12:6d:78:90:e5:8b:38:65:c4:0b:ba:ca:53:98:94:3d:
3b:72:f7:37:8d:f5:af:35:47:00:ff:8b:a2:7d:8f:8f:e6:80:
eb:9c:95:61:64:8a:47:e7:91:89:2c:fa:b4:3a:3b:18:de:62:
38:a9:8a:4a:51:4a:f8:b2:16:97:58:98:36:e2:f1:2b:c0:2b:
f6:0e:60:fe:32:4d:ea:a0:59:57:5d:b9:5f:d7:ae:e7:ac:5c:
0b:64:9c:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nFFGxIKFDY6NH2E+imKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzRkZWI0MTg0NDI2ZmE2MjIyNWI2MTIwYzM2NzA2Zjcz
N2I4ZTIwHhcNMjYwMzI5MDgwMTAxWhcNMjYwMzMwMDgwMTAxWjAzMTEwLwYDVQQD
EygzNTlmNTUwOTBhODc1YTkyODU3MTRhZDUwMmMzMGFlMjhjMmZkZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YUnzO93422icIF4LwKcN7g2TdnP
NDVE2c8zh4s5jeQlM6gPGDMjNiwzZvjfCyj6Zx4IBF/AIpGll7wLYR3+T7yZm9e+
Qn+XYtOodTuPe0qr0DUiYzi6wb6aXANpepXjseQJ1sw18meR9XuBdOVH2EakhgeK
0d2Od5+/OCBT60YPWRbFTk651+irrAyPq7bWYIZlJTY3ExPjvQnnlKqRTcQpgRYc
5UTg/BZfkhIy0krME5yWqvONg+rTEFgyb36t5Szg2BqFFfZhKzKMj+4a/Y4Tfl+f
a6MImbzdPi/RQu4V8v8rrbFj4pgcn2jj0Ys7qUvBYA5559CpbGY57craqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWfVQkKh1qShXFK1QLDCuKML915MB8GA1UdIwQY
MBaAFP103rQYRCb6YiJbYSDDZwb3N7jiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hUZXRCaEVKdnBpSWx0aElNTm5CdmMzdU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODQ5MWYtYjA0ZC00YjBkLTkwN2It
ZDU3MDVhZTM3MDE0LzEvX1hUZXRCaEVKdnBpSWx0aElNTm5CdmMzdU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODQ5MWYtYjA0ZC00YjBkLTkwN2ItZDU3MDVhZTM3MDE0
LzEvX1hUZXRCaEVKdnBpSWx0aElNTm5CdmMzdU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjCvZRijC
vL72hiw596ZFHPhbgl30sNUx2LcDm5taS7Uqkij2eMk/tqPl6dNLzXhAdUE9erYV
uUPuA2BXhsm5mkw5qqU8yMxP+MbLbYc8qyIZrEetZAHFMeVbB/Og/ERjGPWp1n1a
1knO/GkVSIvVxKDkM8y1Jzu4+q1MJ4fRUc+u1fM6w6eXSVNZ+Mvq7l7xIdIHGv7O
vOn+mLSk5w8q/eLJS9ESbXiQ5Ys4ZcQLuspTmJQ9O3L3N431rzVHAP+Lon2Pj+aA
65yVYWSKR+eRiSz6tDo7GN5iOKmKSlFK+LIWl1iYNuLxK8Ar9g5g/jJN6qBZV125
X9eu56xcC2ScFQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:08 2026 by rpki-client