Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.mft
File: XpgU1DFdMK28jeMGAFVq6cPPns4.mft (raw, json)
Hash identifier: MUwGH8LULC+eob/YbHV+V2EdammxwIO/pGFDU6plOcM=
Subject key identifier: FF:5B:E6:55:01:4C:68:47:51:74:20:D9:8E:1F:A6:83:56:46:D9:8A
Authority key identifier: 5E:98:14:D4:31:5D:30:AD:BC:8D:E3:06:00:55:6A:E9:C3:CF:9E:CE
Certificate issuer: /CN=5e9814d4315d30adbc8de30600556ae9c3cf9ece
Certificate serial: 019D394169277129CFB727DFC941C1492AFC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XpgU1DFdMK28jeMGAFVq6cPPns4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 11:01:21 +0000
Manifest this update: Sun 29 Mar 2026 11:01:21 +0000
Manifest next update: Mon 30 Mar 2026 11:01:21 +0000
Files and hashes: 1: QBinzFbTX8ICJKPb335BTjaNXKk.roa (hash: phGs/IfWO4O9NiG9zthPXCYOMupHdBQa3yN7pRaGe2k=)
2: XpgU1DFdMK28jeMGAFVq6cPPns4.crl (hash: GJxfp4ZNtLoJou/C3QKVnQTYNztwjiv+7S9j73ICXbk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.mft
rsync://rpki.ripe.net/repository/DEFAULT/XpgU1DFdMK28jeMGAFVq6cPPns4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:69:27:71:29:cf:b7:27:df:c9:41:c1:49:2a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e9814d4315d30adbc8de30600556ae9c3cf9ece
Validity
Not Before: Mar 29 11:01:21 2026 GMT
Not After : Mar 30 11:01:21 2026 GMT
Subject: CN=ff5be655014c6847517420d98e1fa6835646d98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d3:cb:e6:db:5b:f6:a5:57:cf:04:5b:9a:f7:
ad:48:57:20:5c:2e:60:05:87:ce:e6:00:e4:bf:ec:
65:83:9c:08:85:e9:86:26:2f:02:6f:d8:5f:38:de:
90:47:59:29:59:66:2d:73:48:61:6e:47:c6:24:ea:
2b:35:fc:fc:77:44:31:35:ac:77:01:bb:6a:5f:c5:
26:88:17:34:7d:6c:fa:29:ff:22:30:a9:5e:82:a3:
b8:8b:b0:a8:f4:6b:c8:0c:ba:d1:5e:b8:87:72:f4:
bb:72:b3:48:c8:5b:4c:93:20:db:e0:4e:c9:7a:e1:
9e:64:04:47:3d:3a:3b:ba:f2:26:07:0c:3f:da:c1:
90:ae:52:a7:c8:ed:2c:be:47:76:ab:20:2c:da:76:
0b:cc:82:10:fd:b2:9c:90:63:31:68:c3:ec:5a:56:
c6:ba:3e:1a:0e:21:5c:7f:05:22:9f:7a:54:b3:d0:
ef:17:01:c2:1b:db:ab:f3:42:9d:8b:95:ad:a7:cb:
4b:2f:e2:c9:e5:5c:fb:67:8b:e5:5c:f0:22:37:02:
c9:a0:60:b8:5a:d5:3d:84:94:d6:e8:1e:ed:82:28:
23:b7:28:00:58:69:9b:55:c2:08:7a:90:9d:70:a4:
e2:49:06:f9:ed:7f:9b:f6:ef:e5:b1:ed:b1:c6:e1:
ee:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5B:E6:55:01:4C:68:47:51:74:20:D9:8E:1F:A6:83:56:46:D9:8A
X509v3 Authority Key Identifier:
keyid:5E:98:14:D4:31:5D:30:AD:BC:8D:E3:06:00:55:6A:E9:C3:CF:9E:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpgU1DFdMK28jeMGAFVq6cPPns4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:fa:51:d9:5b:7d:63:ba:6c:26:36:51:39:45:bd:c1:99:99:
c2:ee:15:d4:3e:96:5b:7c:e1:58:19:32:3a:ca:2b:ab:78:f7:
5e:db:22:d9:b0:9b:22:71:b4:69:07:65:24:fb:8d:34:88:d6:
78:7c:5e:bc:03:ca:a3:94:eb:d0:11:ca:2d:1b:97:cd:04:27:
ce:55:10:2f:3a:71:da:3a:c6:6a:5f:1f:0d:da:82:0b:69:a6:
33:1a:67:62:04:40:98:47:c7:f6:0b:7f:ff:f2:da:05:d5:41:
9a:29:70:d2:14:c2:7f:13:38:a9:01:e5:56:59:25:68:7c:13:
b9:09:b0:79:30:f3:d5:31:79:91:8a:a5:6a:74:d1:3b:a8:f1:
02:6d:fc:06:a8:3d:8b:2b:67:51:93:ea:9b:c7:ab:55:28:74:
5d:16:c8:ac:d5:43:08:a2:fb:5a:3b:a9:71:8c:c5:77:a2:73:
a7:2a:15:70:d6:35:8b:f2:43:84:2c:4f:31:17:f8:43:4e:a8:
0f:80:a0:53:05:ae:56:ed:a3:ea:2c:5a:ca:c8:3b:53:ff:50:
c1:69:c6:a6:f4:67:fd:36:1e:35:c3:56:eb:31:90:b9:87:76:
74:b3:2a:83:c5:ec:1c:01:57:5f:7c:65:80:2e:49:51:af:6f:
52:1f:86:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QWkncSnPtyffyUHBSSr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOTgxNGQ0MzE1ZDMwYWRiYzhkZTMwNjAwNTU2YWU5YzNj
ZjllY2UwHhcNMjYwMzI5MTEwMTIxWhcNMjYwMzMwMTEwMTIxWjAzMTEwLwYDVQQD
EyhmZjViZTY1NTAxNGM2ODQ3NTE3NDIwZDk4ZTFmYTY4MzU2NDZkOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NPL5ttb9qVXzwRbmvetSFcgXC5g
BYfO5gDkv+xlg5wIhemGJi8Cb9hfON6QR1kpWWYtc0hhbkfGJOorNfz8d0QxNax3
AbtqX8UmiBc0fWz6Kf8iMKlegqO4i7Co9GvIDLrRXriHcvS7crNIyFtMkyDb4E7J
euGeZARHPTo7uvImBww/2sGQrlKnyO0svkd2qyAs2nYLzIIQ/bKckGMxaMPsWlbG
uj4aDiFcfwUin3pUs9DvFwHCG9ur80Kdi5Wtp8tLL+LJ5Vz7Z4vlXPAiNwLJoGC4
WtU9hJTW6B7tgigjtygAWGmbVcIIepCdcKTiSQb57X+b9u/lse2xxuHuqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9b5lUBTGhHUXQg2Y4fpoNWRtmKMB8GA1UdIwQY
MBaAFF6YFNQxXTCtvI3jBgBVaunDz57OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHBnVTFERmRNSzI4amVNR0FGVnE2Y1BQbnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83YTc4ZDQtMDM0MC00MjI3LWIxNDct
MzViNTNkMjM3NmQyLzEvWHBnVTFERmRNSzI4amVNR0FGVnE2Y1BQbnM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83YTc4ZDQtMDM0MC00MjI3LWIxNDctMzViNTNkMjM3NmQy
LzEvWHBnVTFERmRNSzI4amVNR0FGVnE2Y1BQbnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZPpR2Vt9
Y7psJjZROUW9wZmZwu4V1D6WW3zhWBkyOsorq3j3Xtsi2bCbInG0aQdlJPuNNIjW
eHxevAPKo5Tr0BHKLRuXzQQnzlUQLzpx2jrGal8fDdqCC2mmMxpnYgRAmEfH9gt/
//LaBdVBmilw0hTCfxM4qQHlVlklaHwTuQmweTDz1TF5kYqlanTRO6jxAm38Bqg9
iytnUZPqm8erVSh0XRbIrNVDCKL7WjupcYzFd6JzpyoVcNY1i/JDhCxPMRf4Q06o
D4CgUwWuVu2j6ixaysg7U/9QwWnGpvRn/TYeNcNW6zGQuYd2dLMqg8XsHAFXX3xl
gC5JUa9vUh+Gtg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:50:16 2026 by rpki-client