Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json)
Hash identifier: oGeayKlsVypD/r8dpKI795lcxIR9DcXJpMEg/rTqi4A=
Subject key identifier: 19:EB:9A:E5:A4:02:F0:C8:71:CE:20:E3:8E:FF:0D:D4:ED:B4:61:08
Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Certificate serial: 019CBD71811DDEDB7A53F6D1920314B0B85C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
Manifest number: 0537
Signing time: Thu 05 Mar 2026 10:00:58 +0000
Manifest this update: Thu 05 Mar 2026 10:00:58 +0000
Manifest next update: Fri 06 Mar 2026 10:00:58 +0000
Files and hashes: 1: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: xstVYZXDJwDnA5Z9ohpSQhQK4sIAvrxPdevKMXFr9U0=)
2: d9ad6eSfGOCAtJCyfx5T80LXc84.roa (hash: l8TnxH7nYsbi9OkxC5kgX4fiX1lQ108inFjyeEj/BH0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 10:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bd:71:81:1d:de:db:7a:53:f6:d1:92:03:14:b0:b8:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Validity
Not Before: Mar 5 10:00:58 2026 GMT
Not After : Mar 6 10:00:58 2026 GMT
Subject: CN=19eb9ae5a402f0c871ce20e38eff0dd4edb46108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:29:28:91:d2:ff:39:20:73:8e:6d:b3:4a:4a:
16:1c:38:0c:ce:cc:1f:34:48:71:ef:27:8c:e8:47:
19:00:ad:79:55:85:10:08:2c:bd:d9:c8:06:a9:54:
bd:e3:f2:34:9c:b5:8a:87:fa:f9:01:42:e4:17:b7:
28:9f:20:8c:25:0b:01:34:cd:fd:a2:3a:d5:c6:68:
5d:78:e2:89:96:91:22:1d:5e:da:b8:16:e0:17:29:
10:51:cf:53:36:97:20:29:9c:ad:9f:78:59:a8:b8:
3a:50:14:b2:d8:23:b9:87:37:56:1e:5d:21:c4:13:
b3:05:fe:27:ed:9d:99:81:70:7d:20:3a:9d:a8:3d:
4f:1d:f3:7f:e3:21:28:a1:d6:b2:f8:cf:9e:79:82:
69:e1:e2:03:57:ad:4a:a5:9e:39:6d:07:8b:93:f3:
a4:5d:81:54:c3:bb:09:82:94:5a:e4:ec:19:bd:1e:
da:9c:4b:53:9c:b5:0f:5e:ee:90:26:9f:a9:13:74:
b4:e9:8b:c3:1c:58:3a:04:0b:9d:2b:a3:a9:27:f1:
cf:dd:46:14:b8:96:4c:f6:ef:b8:01:b2:30:fc:7b:
e8:74:a9:c0:9c:f3:bd:f0:47:c9:7a:0f:94:12:6b:
43:d0:e2:48:ce:77:d1:fb:c8:a6:98:ec:d5:c3:2c:
39:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EB:9A:E5:A4:02:F0:C8:71:CE:20:E3:8E:FF:0D:D4:ED:B4:61:08
X509v3 Authority Key Identifier:
keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:7e:ff:a1:ca:4b:86:37:5c:55:dc:0b:3a:a6:14:a7:33:3c:
ec:15:41:f2:0f:ef:97:0a:84:fc:f1:44:37:c0:e1:e8:26:cf:
53:b7:61:f2:78:1f:ee:b4:5f:e8:ed:07:bb:5b:a2:45:6f:e1:
af:42:9f:4f:a3:86:b7:13:98:d9:df:38:03:eb:22:9d:6f:9e:
a2:94:68:2f:56:31:65:3d:c8:92:2d:5a:36:7f:2f:f9:e1:0e:
d9:95:8e:7d:09:08:64:dc:f3:c0:70:8f:97:52:d3:8e:fe:4e:
68:38:0e:a2:29:a4:75:8d:6d:ab:dc:34:c5:bc:71:11:e3:60:
d9:0d:97:ea:ec:47:13:1d:cd:a4:77:79:64:ec:fd:e3:60:35:
14:d4:e8:b3:24:af:47:9a:77:3f:51:8c:12:05:23:06:d3:d1:
9d:b9:d1:e4:38:fc:02:8f:b9:2c:a3:a6:f9:35:1e:81:f3:4f:
07:d8:c1:89:ef:56:40:d3:e5:60:39:46:c9:6a:60:5a:16:d6:
9b:a5:94:9f:4c:ee:5d:1f:6c:b6:87:e3:d9:d4:31:44:91:51:
d4:e4:50:2c:06:97:33:b7:f9:11:9c:80:69:ae:d7:a2:c0:ca:
e6:a2:b7:54:06:bf:87:e1:d8:f0:0a:52:06:4e:14:70:96:49:
ad:46:15:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZy9cYEd3tt6U/bRkgMUsLhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz
NDFkZTEwHhcNMjYwMzA1MTAwMDU4WhcNMjYwMzA2MTAwMDU4WjAzMTEwLwYDVQQD
EygxOWViOWFlNWE0MDJmMGM4NzFjZTIwZTM4ZWZmMGRkNGVkYjQ2MTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyykokdL/OSBzjm2zSkoWHDgMzswf
NEhx7yeM6EcZAK15VYUQCCy92cgGqVS94/I0nLWKh/r5AULkF7conyCMJQsBNM39
ojrVxmhdeOKJlpEiHV7auBbgFykQUc9TNpcgKZytn3hZqLg6UBSy2CO5hzdWHl0h
xBOzBf4n7Z2ZgXB9IDqdqD1PHfN/4yEooday+M+eeYJp4eIDV61KpZ45bQeLk/Ok
XYFUw7sJgpRa5OwZvR7anEtTnLUPXu6QJp+pE3S06YvDHFg6BAudK6OpJ/HP3UYU
uJZM9u+4AbIw/HvodKnAnPO98EfJeg+UEmtD0OJIznfR+8immOzVwyw5TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBnrmuWkAvDIcc4g447/DdTttGEIMB8GA1UdIwQY
MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt
NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi
LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANn7/ocpL
hjdcVdwLOqYUpzM87BVB8g/vlwqE/PFEN8Dh6CbPU7dh8ngf7rRf6O0Hu1uiRW/h
r0KfT6OGtxOY2d84A+sinW+eopRoL1YxZT3Iki1aNn8v+eEO2ZWOfQkIZNzzwHCP
l1LTjv5OaDgOoimkdY1tq9w0xbxxEeNg2Q2X6uxHEx3NpHd5ZOz942A1FNTosySv
R5p3P1GMEgUjBtPRnbnR5Dj8Ao+5LKOm+TUegfNPB9jBie9WQNPlYDlGyWpgWhbW
m6WUn0zuXR9stofj2dQxRJFR1ORQLAaXM7f5EZyAaa7XosDK5qK3VAa/h+HY8ApS
Bk4UcJZJrUYVyw==
-----END CERTIFICATE-----
Generated at Thu Mar 5 18:08:29 2026 by rpki-client