Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.mft
File: XZrYiZ1byFSe7dPlny0NYhNczxQ.mft (raw, json)
Hash identifier: c4FxhXRV1BXvEBZ9QgF7PITxo00UAvh3YntwC89ym+0=
Subject key identifier: 10:8C:07:C4:21:5B:93:18:8D:AE:CB:93:4F:24:61:1A:C8:1E:DC:50
Authority key identifier: 5D:9A:D8:89:9D:5B:C8:54:9E:ED:D3:E5:9F:2D:0D:62:13:5C:CF:14
Certificate issuer: /CN=5d9ad8899d5bc8549eedd3e59f2d0d62135ccf14
Certificate serial: 019D38D2B76A25E40B9543885FB82A0340BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XZrYiZ1byFSe7dPlny0NYhNczxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.mft
Manifest number: 0400
Signing time: Sun 29 Mar 2026 09:00:26 +0000
Manifest this update: Sun 29 Mar 2026 09:00:26 +0000
Manifest next update: Mon 30 Mar 2026 09:00:26 +0000
Files and hashes: 1: SMN2TicHTITFE7SoU6JvilZobIM.roa (hash: Jgb+gxe0VdXUottoUDRHcVAZQNKtB28hNd2imzpc8AQ=)
2: XZrYiZ1byFSe7dPlny0NYhNczxQ.crl (hash: S+Q8tagWMUG+bEi9Nyku6qRTpILsrFcxhogD5O6U7fw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XZrYiZ1byFSe7dPlny0NYhNczxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:b7:6a:25:e4:0b:95:43:88:5f:b8:2a:03:40:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d9ad8899d5bc8549eedd3e59f2d0d62135ccf14
Validity
Not Before: Mar 29 09:00:26 2026 GMT
Not After : Mar 30 09:00:26 2026 GMT
Subject: CN=108c07c4215b93188daecb934f24611ac81edc50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:13:44:87:15:ae:3d:89:1b:de:f3:74:03:de:
12:fc:36:66:c7:b4:e3:0b:5a:f7:6e:cb:87:1a:0f:
5f:51:c4:1c:c1:c5:06:b2:e7:57:07:73:89:52:67:
7f:5e:6f:97:ae:5e:1a:c2:ce:83:c7:f4:0f:6d:ea:
f7:a3:87:f2:41:9c:30:6e:0b:60:a3:9b:63:ab:51:
17:e9:cd:79:cf:ce:c7:fb:0a:e9:b1:b0:29:2b:35:
15:b5:91:19:c9:69:6c:1d:be:c5:ae:36:f1:27:bc:
5b:98:09:d6:a4:66:6e:c6:7b:7e:28:9f:48:6f:6b:
8a:7c:19:be:36:51:f2:85:89:d9:58:96:60:a6:0a:
7d:9c:73:3a:6e:65:64:f2:9b:60:86:63:02:60:d2:
e5:1f:d7:b4:35:f7:cb:ad:71:bc:be:1a:da:53:8b:
79:64:ea:7e:fe:70:78:96:bd:d0:dd:f6:29:be:8f:
d5:7f:7e:95:13:e1:d9:12:cc:b0:88:d1:76:08:85:
0b:c4:49:60:fe:18:87:9f:16:43:ff:23:d1:75:a9:
99:be:3b:28:1c:4a:b7:8e:18:62:d5:0a:ab:91:a0:
6e:d4:a4:3d:bd:04:41:9b:0d:12:db:85:cb:99:e8:
f8:70:98:aa:2c:b3:4d:78:d2:5b:77:b5:91:8c:e7:
d2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:8C:07:C4:21:5B:93:18:8D:AE:CB:93:4F:24:61:1A:C8:1E:DC:50
X509v3 Authority Key Identifier:
keyid:5D:9A:D8:89:9D:5B:C8:54:9E:ED:D3:E5:9F:2D:0D:62:13:5C:CF:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZrYiZ1byFSe7dPlny0NYhNczxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/bcd792-8956-45fe-8534-0931fd3e5bee/1/XZrYiZ1byFSe7dPlny0NYhNczxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:68:07:77:90:c4:fb:12:3b:83:57:26:b7:52:5a:8c:ed:39:
98:f8:dc:56:c8:4a:86:3a:56:28:8e:0e:e5:f9:f5:5e:98:2d:
12:85:4c:21:5a:32:14:66:2e:72:e1:65:2b:09:2b:c4:62:18:
1e:aa:6e:bf:55:fe:db:65:44:37:58:3a:11:f7:d9:96:0d:7a:
7f:87:c9:cb:b5:0a:2d:7d:a9:f8:b5:0d:af:05:bb:31:30:39:
77:91:80:4b:c2:54:0b:5c:a1:fa:c9:af:47:13:c3:ba:33:bf:
3e:26:4a:e5:17:c5:12:e8:ac:b6:71:b3:6a:0c:bd:34:bf:a5:
ee:be:22:5f:fb:72:64:ce:34:0d:6d:88:a9:54:34:09:e4:4f:
a5:9b:d5:1c:e7:2a:bc:59:68:4e:0d:6d:f3:18:a7:36:eb:a7:
64:51:41:e9:61:7d:cd:dc:0b:05:95:06:ce:27:20:37:d6:d6:
f7:b6:a9:57:4b:61:38:40:19:99:b9:b7:1b:5c:7c:66:c3:f9:
23:f5:f3:3c:af:17:3b:81:ff:a4:d4:bf:23:ee:85:3d:a3:0c:
30:de:dc:67:44:41:3b:91:9d:9e:90:ad:fd:26:e5:b2:5b:0d:
bd:4b:ff:f8:62:8b:79:06:24:35:4b:51:dc:3c:5f:40:1b:4e:
6a:8a:5f:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040rdqJeQLlUOIX7gqA0C+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOWFkODg5OWQ1YmM4NTQ5ZWVkZDNlNTlmMmQwZDYyMTM1
Y2NmMTQwHhcNMjYwMzI5MDkwMDI2WhcNMjYwMzMwMDkwMDI2WjAzMTEwLwYDVQQD
EygxMDhjMDdjNDIxNWI5MzE4OGRhZWNiOTM0ZjI0NjExYWM4MWVkYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRNEhxWuPYkb3vN0A94S/DZmx7Tj
C1r3bsuHGg9fUcQcwcUGsudXB3OJUmd/Xm+Xrl4aws6Dx/QPber3o4fyQZwwbgtg
o5tjq1EX6c15z87H+wrpsbApKzUVtZEZyWlsHb7FrjbxJ7xbmAnWpGZuxnt+KJ9I
b2uKfBm+NlHyhYnZWJZgpgp9nHM6bmVk8ptghmMCYNLlH9e0NffLrXG8vhraU4t5
ZOp+/nB4lr3Q3fYpvo/Vf36VE+HZEsywiNF2CIULxElg/hiHnxZD/yPRdamZvjso
HEq3jhhi1QqrkaBu1KQ9vQRBmw0S24XLmej4cJiqLLNNeNJbd7WRjOfSfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBCMB8QhW5MYja7Lk08kYRrIHtxQMB8GA1UdIwQY
MBaAFF2a2ImdW8hUnu3T5Z8tDWITXM8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFpyWWlaMWJ5RlNlN2RQbG55ME5ZaE5jenhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iY2Q3OTItODk1Ni00NWZlLTg1MzQt
MDkzMWZkM2U1YmVlLzEvWFpyWWlaMWJ5RlNlN2RQbG55ME5ZaE5jenhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iY2Q3OTItODk1Ni00NWZlLTg1MzQtMDkzMWZkM2U1YmVl
LzEvWFpyWWlaMWJ5RlNlN2RQbG55ME5ZaE5jenhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmgHd5DE
+xI7g1cmt1JajO05mPjcVshKhjpWKI4O5fn1XpgtEoVMIVoyFGYucuFlKwkrxGIY
Hqpuv1X+22VEN1g6EffZlg16f4fJy7UKLX2p+LUNrwW7MTA5d5GAS8JUC1yh+smv
RxPDujO/PiZK5RfFEuistnGzagy9NL+l7r4iX/tyZM40DW2IqVQ0CeRPpZvVHOcq
vFloTg1t8xinNuunZFFB6WF9zdwLBZUGzicgN9bW97apV0thOEAZmbm3G1x8ZsP5
I/XzPK8XO4H/pNS/I+6FPaMMMN7cZ0RBO5GdnpCt/SblslsNvUv/+GKLeQYkNUtR
3DxfQBtOaopf3Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:31:47 2026 by rpki-client