Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft
File: P-XZqjR4a6oW1Fa9857K-12XMPg.mft (raw, json)
Hash identifier: lh2obhXn7f5vPM9d0uWyZX/Khuw3+Zlv2hY8VimjOxk=
Subject key identifier: 33:9E:23:C5:06:17:D2:33:3F:BF:6F:DB:59:CD:DB:9E:2F:19:05:40
Authority key identifier: 3F:E5:D9:AA:34:78:6B:AA:16:D4:56:BD:F3:9E:CA:FB:5D:97:30:F8
Certificate issuer: /CN=3fe5d9aa34786baa16d456bdf39ecafb5d9730f8
Certificate serial: 019D382E6AE3449AAC045CC3F930AF7BAA30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-XZqjR4a6oW1Fa9857K-12XMPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft
Manifest number: 188E
Signing time: Sun 29 Mar 2026 06:00:59 +0000
Manifest this update: Sun 29 Mar 2026 06:00:59 +0000
Manifest next update: Mon 30 Mar 2026 06:00:59 +0000
Files and hashes: 1: P-XZqjR4a6oW1Fa9857K-12XMPg.crl (hash: G75JXmGLJLvndKIUFHdWcwqx31V+UPqHchOReFgE7gA=)
2: g5nPMDhR1xXE3aUl3Zj948mnSZo.roa (hash: hy3Afkla54p1JUhAk/RCQlLZSfZ1AsKTh6gnAbaPJ04=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-XZqjR4a6oW1Fa9857K-12XMPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:6a:e3:44:9a:ac:04:5c:c3:f9:30:af:7b:aa:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fe5d9aa34786baa16d456bdf39ecafb5d9730f8
Validity
Not Before: Mar 29 06:00:59 2026 GMT
Not After : Mar 30 06:00:59 2026 GMT
Subject: CN=339e23c50617d2333fbf6fdb59cddb9e2f190540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:af:11:f3:27:25:55:93:77:5d:5a:e2:aa:f6:
d5:03:6f:08:8e:5e:d4:66:8b:44:d6:95:37:4c:d3:
fd:06:51:8a:56:a7:26:5c:b5:8c:64:dd:ad:e7:d8:
44:4d:6e:e8:cb:f3:b2:15:19:2e:3b:20:90:6c:64:
40:f6:92:1d:db:03:0f:9d:85:a6:a0:47:4b:56:bd:
54:32:16:c0:5b:2a:40:f3:9b:6f:d4:12:95:a4:6f:
a2:04:bd:09:30:25:67:7a:ec:6c:8b:a2:77:04:8a:
8f:ff:ad:6f:25:bf:3c:32:d4:0b:ca:1c:88:14:93:
c5:48:91:a7:e9:ad:11:23:f2:d6:fb:76:b9:8d:f1:
ce:7c:b6:81:28:4a:b4:b8:49:71:0f:04:14:f9:ab:
b9:ed:d9:65:d5:06:dc:1a:d8:2d:2f:7d:bb:e0:b2:
0c:17:95:be:49:41:a9:73:d1:3a:62:42:f8:0d:76:
75:aa:cf:fd:62:9a:57:7c:47:6a:b2:63:1b:e1:1b:
48:2c:bf:13:2a:31:37:f2:9d:ca:f4:8a:68:6c:c3:
62:9d:75:e6:d8:5e:7e:ca:75:6c:21:d5:6d:ae:8f:
50:fa:bc:23:22:67:18:07:63:fe:1b:e2:a5:8d:6c:
fa:10:f8:98:1b:97:78:31:73:30:0b:26:39:0a:7c:
dd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9E:23:C5:06:17:D2:33:3F:BF:6F:DB:59:CD:DB:9E:2F:19:05:40
X509v3 Authority Key Identifier:
keyid:3F:E5:D9:AA:34:78:6B:AA:16:D4:56:BD:F3:9E:CA:FB:5D:97:30:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-XZqjR4a6oW1Fa9857K-12XMPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:0b:7c:5f:19:5b:ab:67:77:e6:98:34:77:42:ed:cf:ae:7a:
c8:86:41:55:ae:42:8e:d5:43:24:67:f8:ea:20:cf:ac:52:70:
e9:1e:59:37:d3:cd:79:1d:f0:15:aa:d6:65:a1:1c:4d:47:7a:
86:23:74:bb:3c:ce:fe:5e:26:1a:60:20:7e:51:64:ad:92:26:
63:a5:6f:b1:3c:c6:11:ef:4c:0b:3f:9c:ab:89:2f:13:8b:43:
0b:72:25:d6:2d:f4:79:d0:38:93:8c:56:07:91:de:df:62:e8:
81:5f:92:88:17:24:a8:e2:22:74:a9:fb:b4:28:e1:e4:b2:0e:
68:66:86:b7:ee:e1:0e:44:dc:23:47:64:c2:b0:df:51:53:99:
c3:50:57:72:b0:15:ce:c2:02:48:0e:18:0a:df:c2:1b:aa:69:
85:3e:27:6c:cc:cd:b1:bf:cb:5e:1b:28:f1:fc:3f:43:92:b3:
a2:f1:11:7a:9f:5a:04:71:c1:4d:16:53:9b:39:ea:00:9f:e1:
8e:6d:42:da:e2:67:41:9c:ac:5b:f5:c5:99:9a:31:fc:75:9d:
0e:5b:ae:2f:d8:43:69:f8:58:f7:47:a5:d1:8d:f5:76:3a:fe:
57:b5:c2:16:9b:6c:60:c1:61:3a:0e:bb:d6:98:e8:4f:8e:6f:
fa:5c:11:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LmrjRJqsBFzD+TCve6owMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZTVkOWFhMzQ3ODZiYWExNmQ0NTZiZGYzOWVjYWZiNWQ5
NzMwZjgwHhcNMjYwMzI5MDYwMDU5WhcNMjYwMzMwMDYwMDU5WjAzMTEwLwYDVQQD
EygzMzllMjNjNTA2MTdkMjMzM2ZiZjZmZGI1OWNkZGI5ZTJmMTkwNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx68R8yclVZN3XVriqvbVA28Ijl7U
ZotE1pU3TNP9BlGKVqcmXLWMZN2t59hETW7oy/OyFRkuOyCQbGRA9pId2wMPnYWm
oEdLVr1UMhbAWypA85tv1BKVpG+iBL0JMCVneuxsi6J3BIqP/61vJb88MtQLyhyI
FJPFSJGn6a0RI/LW+3a5jfHOfLaBKEq0uElxDwQU+au57dll1QbcGtgtL3274LIM
F5W+SUGpc9E6YkL4DXZ1qs/9YppXfEdqsmMb4RtILL8TKjE38p3K9IpobMNinXXm
2F5+ynVsIdVtro9Q+rwjImcYB2P+G+KljWz6EPiYG5d4MXMwCyY5CnzdFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOeI8UGF9IzP79v21nN254vGQVAMB8GA1UdIwQY
MBaAFD/l2ao0eGuqFtRWvfOeyvtdlzD4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC1YWnFqUjRhNm9XMUZhOTg1N0stMTJYTVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9hMmZlNjgtNzYxZC00ZTZjLTlkY2Qt
NTk0YzFhY2Q5ZGFmLzEvUC1YWnFqUjRhNm9XMUZhOTg1N0stMTJYTVBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9hMmZlNjgtNzYxZC00ZTZjLTlkY2QtNTk0YzFhY2Q5ZGFm
LzEvUC1YWnFqUjRhNm9XMUZhOTg1N0stMTJYTVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATAt8Xxlb
q2d35pg0d0Ltz656yIZBVa5CjtVDJGf46iDPrFJw6R5ZN9PNeR3wFarWZaEcTUd6
hiN0uzzO/l4mGmAgflFkrZImY6VvsTzGEe9MCz+cq4kvE4tDC3Il1i30edA4k4xW
B5He32LogV+SiBckqOIidKn7tCjh5LIOaGaGt+7hDkTcI0dkwrDfUVOZw1BXcrAV
zsICSA4YCt/CG6pphT4nbMzNsb/LXhso8fw/Q5KzovERep9aBHHBTRZTmznqAJ/h
jm1C2uJnQZysW/XFmZox/HWdDluuL9hDafhY90el0Y31djr+V7XCFptsYMFhOg67
1pjoT45v+lwR4A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:24:10 2026 by rpki-client