Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: BxNWCLHEIPxuhqeXpmwaJmj6NjClBPzil1KFs+GQuw0=
Subject key identifier: F7:D3:8D:77:AD:10:48:B3:B4:E8:20:5D:13:DD:03:8A:89:BC:43:76
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 019D382EC6B6DD2AEE83C167C450610698DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 169D
Signing time: Sun 29 Mar 2026 06:01:22 +0000
Manifest this update: Sun 29 Mar 2026 06:01:22 +0000
Manifest next update: Mon 30 Mar 2026 06:01:22 +0000
Files and hashes: 1: HdxQx8q8ZBcZded3E8nmTrSkgmE.roa (hash: me4VXnxn0oOOrXZ4tjj+/iKQpTq2YIw30gSY0JjN42A=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: 8cao0YkRzUrJtYvCymeaHl4odVeooeneFyXcT8a9X/s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:c6:b6:dd:2a:ee:83:c1:67:c4:50:61:06:98:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Mar 29 06:01:22 2026 GMT
Not After : Mar 30 06:01:22 2026 GMT
Subject: CN=f7d38d77ad1048b3b4e8205d13dd038a89bc4376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:66:c1:97:9c:02:9a:b8:59:dd:88:33:c7:3f:
c3:19:10:78:1a:07:cd:c3:3e:2c:08:40:4d:26:40:
bb:6b:44:fd:6c:44:12:13:cf:e8:45:2b:2d:01:9d:
d3:11:26:68:b1:2f:1c:b2:a9:7d:6c:b7:60:7f:ec:
5b:8d:47:76:5f:cb:59:02:60:73:a1:34:8e:87:7c:
17:79:2a:5a:0f:c3:65:31:c7:79:7d:75:fb:d2:2e:
f1:6e:a2:8f:78:fb:ec:3d:2d:15:bc:68:0d:ed:23:
c6:58:f7:0f:20:58:8f:76:1c:9a:28:40:84:df:71:
a2:71:86:cc:08:20:2f:5f:b6:98:75:f0:ad:75:62:
f3:21:ec:69:e0:c3:37:f2:ef:c6:3e:1d:e3:7b:63:
4a:3d:55:07:2b:14:eb:32:6e:ff:39:a8:62:02:47:
b7:65:5c:96:ed:80:b5:ac:be:94:45:30:6e:04:6d:
74:42:71:0d:09:c3:17:1e:d0:78:b5:ae:37:92:90:
fd:36:1e:3e:3a:d0:a2:0f:34:85:f6:f9:b5:04:ff:
00:fc:6e:2c:80:10:08:92:41:0b:ac:7f:b4:55:9b:
f4:4d:2f:6a:b7:6d:0b:6b:d4:a6:72:cb:e3:27:9f:
57:9e:0d:4a:4f:be:e1:4e:c5:af:28:6d:a1:89:0d:
c2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D3:8D:77:AD:10:48:B3:B4:E8:20:5D:13:DD:03:8A:89:BC:43:76
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:48:3e:6c:84:c1:51:76:df:a8:da:10:48:4f:e8:91:5d:ee:
4c:e0:02:4f:95:3e:a1:78:5b:95:19:1b:15:bf:44:56:6c:b1:
e8:dc:6f:e7:0d:c7:00:25:de:77:91:2f:b2:59:3a:8d:ad:90:
01:c3:c6:4b:b6:61:46:7b:9e:06:e8:d4:95:80:e0:86:2a:5a:
21:0b:b6:b9:05:19:ad:49:94:ac:2d:d9:af:ee:30:c8:55:96:
63:67:5a:30:23:d7:3d:12:40:e5:3f:4a:58:de:ed:88:10:d7:
d9:00:7b:bb:5c:d5:16:6b:63:50:3f:ee:fb:76:14:e5:38:26:
ef:27:e5:d3:73:8c:eb:71:6b:e7:8b:64:74:39:50:c7:2d:9b:
36:73:90:7e:e3:c4:e6:d1:c9:88:a1:0a:ff:71:b8:d3:f6:31:
cf:35:9c:df:d1:e4:cd:05:22:6d:66:7d:e6:43:cc:29:03:12:
bf:0d:cd:80:56:d9:70:df:09:36:b7:1a:19:a3:8c:c6:a3:db:
34:96:0e:33:7b:87:de:17:40:22:e6:79:25:9a:3b:f7:a2:81:
2e:4f:84:bf:e1:b7:85:bd:e9:df:12:b3:3c:09:bb:f8:fe:c9:
e4:dc:74:b2:a8:80:24:f2:73:23:1d:bd:bc:e3:a8:91:3e:77:
83:be:3a:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lsa23Srug8FnxFBhBpjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjYwMzI5MDYwMTIyWhcNMjYwMzMwMDYwMTIyWjAzMTEwLwYDVQQD
EyhmN2QzOGQ3N2FkMTA0OGIzYjRlODIwNWQxM2RkMDM4YTg5YmM0Mzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WbBl5wCmrhZ3Ygzxz/DGRB4GgfN
wz4sCEBNJkC7a0T9bEQSE8/oRSstAZ3TESZosS8csql9bLdgf+xbjUd2X8tZAmBz
oTSOh3wXeSpaD8NlMcd5fXX70i7xbqKPePvsPS0VvGgN7SPGWPcPIFiPdhyaKECE
33GicYbMCCAvX7aYdfCtdWLzIexp4MM38u/GPh3je2NKPVUHKxTrMm7/OahiAke3
ZVyW7YC1rL6URTBuBG10QnENCcMXHtB4ta43kpD9Nh4+OtCiDzSF9vm1BP8A/G4s
gBAIkkELrH+0VZv0TS9qt20La9SmcsvjJ59Xng1KT77hTsWvKG2hiQ3CywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfTjXetEEiztOggXRPdA4qJvEN2MB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlEg+bITB
UXbfqNoQSE/okV3uTOACT5U+oXhblRkbFb9EVmyx6Nxv5w3HACXed5Evslk6ja2Q
AcPGS7ZhRnueBujUlYDghipaIQu2uQUZrUmUrC3Zr+4wyFWWY2daMCPXPRJA5T9K
WN7tiBDX2QB7u1zVFmtjUD/u+3YU5Tgm7yfl03OM63Fr54tkdDlQxy2bNnOQfuPE
5tHJiKEK/3G40/YxzzWc39HkzQUibWZ95kPMKQMSvw3NgFbZcN8JNrcaGaOMxqPb
NJYOM3uH3hdAIuZ5JZo796KBLk+Ev+G3hb3p3xKzPAm7+P7J5Nx0sqiAJPJzIx29
vOOokT53g7468g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:49:14 2026 by rpki-client