Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
File: X32laK0Ce54knBPiI9MidpiBop8.mft (raw, json)
Hash identifier: g22E/GQee1Y0s+VVuuWzur8rj8XCwggZ9lM6CPTQsZc=
Subject key identifier: 5B:F8:C4:DD:9D:C6:F6:B2:52:5B:A7:6D:56:DD:C2:EB:4D:A0:0C:07
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 019D394084615E81EBE0C72313643FF2E185
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
Manifest number: 0E15
Signing time: Sun 29 Mar 2026 11:00:22 +0000
Manifest this update: Sun 29 Mar 2026 11:00:22 +0000
Manifest next update: Mon 30 Mar 2026 11:00:22 +0000
Files and hashes: 1: 1OR7MiBYrBCTFUeXZt8nxO3fT1w.roa (hash: O61r2RIUvERzmLaBVoDYNHK7kM7U4nIi+QM0eXMDPoU=)
2: 3D1cLIqJM9j2TiDk4FKtoH3bACY.roa (hash: 9wyJBuDfbj2/qxzFzPQPUFVR/sga3QbA+VZr0ZYglIg=)
3: 5lLzlOSe2EMzTCpU7J1Pn4O1Qb8.roa (hash: yloQb3FNDE4bgwNWi1qn6U4HxV6wapprJyRxX2uAb+o=)
4: DVjlzf9-odFEmzfa3WbgW4SKOHc.roa (hash: G99ptyhMQXh4T7sxQFOQiD1Ft8xrRXqhmTKs+Lr/jf8=)
5: OOjjbiEjw5WVY_zDG3MNRgHawWc.roa (hash: 6hSHQjeZPUQqSFTuBckD24PIf8hoBIsHEYoWzKPaWp4=)
6: Uv7GAQ_UlMBXFGvxutIi16HxUTg.roa (hash: CsEeDd1h6WkVmrp/M5Z/7OMRR7HqcBmhfSum5Jl9L2E=)
7: X32laK0Ce54knBPiI9MidpiBop8.crl (hash: +SmfD51PkKKOql3cXxMlOxmG2KntBfAM8FePSrOGBko=)
8: _GfFqUw5mWGbjc_mCBWnNfju97k.roa (hash: 2siq+SOSG2tsLvn2PAlvw4ivV0pVSjLxvVW1AegSSYg=)
9: wYvIMqVJD5kGsVB7Odk1zqw9PLE.roa (hash: lv2FW5IzYlo7gJNIKly5LsLWJkSxo+G8ybKR+UJH+Vg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:84:61:5e:81:eb:e0:c7:23:13:64:3f:f2:e1:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Mar 29 11:00:22 2026 GMT
Not After : Mar 30 11:00:22 2026 GMT
Subject: CN=5bf8c4dd9dc6f6b2525ba76d56ddc2eb4da00c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:af:f3:1f:b2:2b:69:ac:28:b1:39:e4:7f:
73:7c:62:ef:18:04:09:6b:2c:68:9c:c4:03:17:b2:
6b:26:a3:09:60:46:17:f4:f4:05:27:5b:ae:e9:bf:
0a:68:0a:eb:c5:25:f2:b1:07:92:4d:66:1b:e0:cc:
b5:79:01:43:bc:70:22:54:cd:23:23:36:c9:03:40:
1b:c6:1b:74:b3:84:09:0f:c6:fa:da:fd:c3:50:2f:
6c:00:f8:29:96:2a:2a:29:29:08:8d:29:0a:20:f1:
06:3b:54:5d:3c:e1:a5:c2:1a:e0:22:61:c0:e3:99:
38:fb:37:5c:57:79:24:ec:44:75:88:a9:a5:63:b0:
73:40:c0:be:fd:20:3d:cf:b3:19:25:75:1c:da:4e:
ab:52:1d:3e:f5:4c:ce:01:28:8c:9d:94:04:5e:99:
0c:e8:2d:dc:0b:c5:06:ba:49:96:18:17:73:30:b8:
e5:36:f6:8c:18:fc:e0:73:51:55:93:e6:76:6a:01:
41:cc:c9:a7:60:d2:1b:78:a6:0b:93:d2:56:66:a0:
44:0f:ff:19:87:96:0d:59:2a:b5:7c:e2:23:78:1f:
31:4b:2c:19:1c:d1:7e:bb:7f:0f:c5:fa:5f:44:cc:
60:1e:f1:f2:1d:0b:c4:3a:b8:5a:f7:82:bf:99:70:
cd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F8:C4:DD:9D:C6:F6:B2:52:5B:A7:6D:56:DD:C2:EB:4D:A0:0C:07
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:d4:a6:ba:a9:b4:6b:59:50:69:d8:6f:a3:b1:c3:3f:c2:a8:
b1:86:20:c4:60:85:5d:3b:a1:71:7f:7b:7c:45:dd:c8:c1:01:
23:d1:1a:99:ca:9f:9a:63:44:cf:70:a6:84:4c:8d:06:d2:b1:
32:6f:e0:a3:4a:6b:1a:44:e7:48:96:fa:61:ce:55:cf:b7:52:
6e:a3:52:e6:a3:31:9c:d2:a1:f5:81:61:61:24:fe:2f:e7:f1:
a6:2c:69:c7:d8:67:de:47:8a:17:c7:0a:00:bd:08:02:af:19:
52:05:59:ea:0a:8a:c8:20:10:cc:3d:45:19:2a:a9:03:77:70:
d1:75:75:27:95:19:e0:5b:f3:19:66:54:94:6c:f7:f3:b7:a1:
ed:bf:f2:5e:7a:0e:5a:04:11:cf:9c:e0:4d:fe:57:2d:c8:ab:
a1:b5:36:a6:b7:df:a9:a6:88:cb:00:5d:75:6e:fb:77:d9:71:
6c:f4:07:d9:5b:df:42:41:4a:68:55:28:76:84:51:c9:03:f8:
b3:8c:d4:48:54:6e:c6:83:62:cf:39:c0:b8:f7:89:f7:f1:4a:
d0:7f:09:ff:cc:4e:9f:87:93:99:fa:f7:75:c8:aa:0c:6c:dd:
7e:1e:64:25:ff:ac:67:80:16:36:f8:26:f8:12:be:b7:a2:56:
d6:eb:32:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QIRhXoHr4McjE2Q/8uGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjYwMzI5MTEwMDIyWhcNMjYwMzMwMTEwMDIyWjAzMTEwLwYDVQQD
Eyg1YmY4YzRkZDlkYzZmNmIyNTI1YmE3NmQ1NmRkYzJlYjRkYTAwYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2Gv8x+yK2msKLE55H9zfGLvGAQJ
ayxonMQDF7JrJqMJYEYX9PQFJ1uu6b8KaArrxSXysQeSTWYb4My1eQFDvHAiVM0j
IzbJA0Abxht0s4QJD8b62v3DUC9sAPgplioqKSkIjSkKIPEGO1RdPOGlwhrgImHA
45k4+zdcV3kk7ER1iKmlY7BzQMC+/SA9z7MZJXUc2k6rUh0+9UzOASiMnZQEXpkM
6C3cC8UGukmWGBdzMLjlNvaMGPzgc1FVk+Z2agFBzMmnYNIbeKYLk9JWZqBED/8Z
h5YNWSq1fOIjeB8xSywZHNF+u38PxfpfRMxgHvHyHQvEOrha94K/mXDNLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFv4xN2dxvayUlunbVbdwutNoAwHMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAodSmuqm0
a1lQadhvo7HDP8KosYYgxGCFXTuhcX97fEXdyMEBI9EamcqfmmNEz3CmhEyNBtKx
Mm/go0prGkTnSJb6Yc5Vz7dSbqNS5qMxnNKh9YFhYST+L+fxpixpx9hn3keKF8cK
AL0IAq8ZUgVZ6gqKyCAQzD1FGSqpA3dw0XV1J5UZ4FvzGWZUlGz387eh7b/yXnoO
WgQRz5zgTf5XLcirobU2prffqaaIywBddW77d9lxbPQH2VvfQkFKaFUodoRRyQP4
s4zUSFRuxoNizznAuPeJ9/FK0H8J/8xOn4eTmfr3dciqDGzdfh5kJf+sZ4AWNvgm
+BK+t6JW1usycw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:11:04 2026 by rpki-client