Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
File: XYHR_0WxVHwAqEtG75nsot-9Rbw.mft (raw, json)
Hash identifier: 5+jL6S90kWA5zN24xmGnke5pZyVwJwxyKS71LANwjUI=
Subject key identifier: 9C:08:29:B5:E8:AC:31:5A:58:E1:2B:68:A7:5C:10:05:A2:B6:78:4F
Authority key identifier: 5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
Certificate issuer: /CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Certificate serial: 019D38D332718D1EEBE7461BE21D862BC9BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 09:00:58 +0000
Manifest this update: Sun 29 Mar 2026 09:00:58 +0000
Manifest next update: Mon 30 Mar 2026 09:00:58 +0000
Files and hashes: 1: XYHR_0WxVHwAqEtG75nsot-9Rbw.crl (hash: /+AR0BSalHcL8iKxV4adzzT4kXenB+jqiwunw8PYX54=)
2: xBNYTN26rjrftroj6bw53BOmtsE.roa (hash: aH3rJts1biSMOKPSezn36e6c7+ndTrVwqPqYWonjaSQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:32:71:8d:1e:eb:e7:46:1b:e2:1d:86:2b:c9:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Validity
Not Before: Mar 29 09:00:58 2026 GMT
Not After : Mar 30 09:00:58 2026 GMT
Subject: CN=9c0829b5e8ac315a58e12b68a75c1005a2b6784f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1c:31:00:33:ff:b7:71:ba:fb:71:31:10:1c:
1d:72:9e:91:8d:71:4c:d7:5c:30:52:69:9a:48:44:
29:cd:27:c3:0b:ea:ef:33:27:c3:5c:46:4c:93:92:
d2:94:1a:ed:ed:c2:3f:d5:dc:e0:6d:1a:4e:f6:bc:
75:ff:86:ed:14:eb:91:c4:58:da:5d:6b:61:9e:d0:
8d:3f:8d:60:ec:e4:c5:82:74:ac:aa:14:52:d2:99:
2c:60:a7:7d:52:c9:07:0f:88:0d:35:13:cc:a0:21:
b0:15:e5:b1:16:97:c1:f3:65:14:06:d9:17:2f:2c:
53:5d:34:30:57:1c:7b:79:c0:50:88:9f:44:b4:19:
4f:b0:fe:14:32:14:2f:8d:6b:52:ac:04:01:ac:76:
17:87:68:02:b4:c3:7a:00:c3:7a:d1:c0:54:77:71:
bb:30:e7:35:77:f5:90:82:d4:ff:e7:ac:43:ec:11:
35:0f:6e:b1:74:8d:f6:9e:b7:a7:86:b1:81:8b:9e:
bd:b4:6d:fa:eb:2f:99:29:02:da:00:1a:93:31:92:
af:d9:15:3d:4e:5c:91:a9:17:3f:e7:97:0f:75:83:
f6:86:fb:a1:ac:ca:89:12:4c:ba:f4:52:0f:cf:de:
bf:53:aa:6b:c1:81:dc:10:74:2f:5c:13:8a:12:9d:
8c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:08:29:B5:E8:AC:31:5A:58:E1:2B:68:A7:5C:10:05:A2:B6:78:4F
X509v3 Authority Key Identifier:
keyid:5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:23:12:71:22:dd:3e:b0:80:46:69:78:ef:f9:33:c5:c1:64:
d0:ae:d3:76:29:ed:64:da:cc:89:b6:e3:fc:69:df:65:f9:cb:
91:61:ae:13:17:b2:23:28:61:10:d3:52:91:10:3f:2d:32:fd:
c1:b1:5a:19:1d:04:b5:a0:9c:16:20:58:89:62:53:e5:65:20:
9a:4c:c3:fe:5d:96:62:35:f1:1d:15:a0:6d:36:f8:75:54:0b:
4e:91:03:d1:97:dd:52:d6:fb:7a:0e:48:30:4c:6b:2b:e2:b4:
46:14:57:d0:33:2c:f3:7f:4a:81:ec:5d:69:76:14:95:b6:98:
33:c9:2b:4c:36:65:09:8e:75:98:24:69:ed:ad:84:db:71:5e:
76:31:df:43:f3:d0:5d:b5:06:c6:80:13:a2:5d:70:cb:8a:0f:
e7:46:5c:da:58:cf:e7:df:f2:23:58:52:b1:49:f0:7c:24:9c:
17:0d:ca:54:ae:ce:7a:a8:d2:73:c8:f1:a2:f9:73:7a:6e:6f:
b1:e6:cc:b1:cd:af:ec:1c:0f:23:4d:1f:b7:3b:86:45:5c:44:
af:2b:22:dd:5d:f1:5f:18:95:ec:3c:5a:a0:60:0f:16:90:23:
1d:f5:e0:c8:98:60:0e:1e:77:02:93:b4:c4:94:60:56:ee:a5:
ac:cb:e4:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zJxjR7r50Yb4h2GK8m6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODFkMWZmNDViMTU0N2MwMGE4NGI0NmVmOTllY2EyZGZi
ZDQ1YmMwHhcNMjYwMzI5MDkwMDU4WhcNMjYwMzMwMDkwMDU4WjAzMTEwLwYDVQQD
Eyg5YzA4MjliNWU4YWMzMTVhNThlMTJiNjhhNzVjMTAwNWEyYjY3ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRwxADP/t3G6+3ExEBwdcp6RjXFM
11wwUmmaSEQpzSfDC+rvMyfDXEZMk5LSlBrt7cI/1dzgbRpO9rx1/4btFOuRxFja
XWthntCNP41g7OTFgnSsqhRS0pksYKd9UskHD4gNNRPMoCGwFeWxFpfB82UUBtkX
LyxTXTQwVxx7ecBQiJ9EtBlPsP4UMhQvjWtSrAQBrHYXh2gCtMN6AMN60cBUd3G7
MOc1d/WQgtT/56xD7BE1D26xdI32nrenhrGBi569tG366y+ZKQLaABqTMZKv2RU9
TlyRqRc/55cPdYP2hvuhrMqJEky69FIPz96/U6prwYHcEHQvXBOKEp2MfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwIKbXorDFaWOEraKdcEAWitnhPMB8GA1UdIwQY
MBaAFF2B0f9FsVR8AKhLRu+Z7KLfvUW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUt
ZWU4MGEyZDI5NTJkLzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUtZWU4MGEyZDI5NTJk
LzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWSMScSLd
PrCARml47/kzxcFk0K7TdintZNrMibbj/GnfZfnLkWGuExeyIyhhENNSkRA/LTL9
wbFaGR0EtaCcFiBYiWJT5WUgmkzD/l2WYjXxHRWgbTb4dVQLTpED0ZfdUtb7eg5I
MExrK+K0RhRX0DMs839KgexdaXYUlbaYM8krTDZlCY51mCRp7a2E23FedjHfQ/PQ
XbUGxoATol1wy4oP50Zc2ljP59/yI1hSsUnwfCScFw3KVK7OeqjSc8jxovlzem5v
sebMsc2v7BwPI00ftzuGRVxErysi3V3xXxiV7DxaoGAPFpAjHfXgyJhgDh53ApO0
xJRgVu6lrMvk6A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:07:23 2026 by rpki-client