Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File: XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier: X3lcWRme69eeiNSRLWMo5o3Z92EjPUs0AWEBRN/52rc=
Subject key identifier: 3B:53:A3:42:2C:6B:5A:26:BA:E7:25:B3:D7:6B:79:72:0E:77:F4:90
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer: /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial: 019D3977DB0E832B5D3E08A441EA486A8C8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number: 058A
Signing time: Sun 29 Mar 2026 12:00:49 +0000
Manifest this update: Sun 29 Mar 2026 12:00:49 +0000
Manifest next update: Mon 30 Mar 2026 12:00:49 +0000
Files and hashes: 1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: sU4kslvZozGO+zubpg3u/VBn1HkMEoUeseOR7q9btN0=)
2: x90dPkWW8REhzconoQULUI7Rl80.roa (hash: IZPztQukbhq4U8uDrkKMf9ofAgLjzhebtlSwoKIMZXM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:db:0e:83:2b:5d:3e:08:a4:41:ea:48:6a:8c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Validity
Not Before: Mar 29 12:00:49 2026 GMT
Not After : Mar 30 12:00:49 2026 GMT
Subject: CN=3b53a3422c6b5a26bae725b3d76b79720e77f490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:78:7c:91:e1:8d:18:7c:16:ce:26:d4:de:b6:
47:16:8c:0e:40:15:43:0c:ee:67:ca:70:f3:a7:92:
16:d6:96:01:1d:c7:0c:de:06:b0:32:e2:83:f3:72:
25:33:49:9a:64:36:fd:e7:50:06:ea:2a:5b:5c:eb:
da:08:eb:df:7b:15:cf:67:f9:0f:b0:a3:9d:df:f6:
24:0c:0d:42:f2:47:e3:12:46:f9:bb:2a:8f:9e:e1:
82:74:e1:12:11:a1:39:a3:f0:53:c0:2b:36:b9:65:
e3:f3:3e:46:20:ad:0c:7a:5b:15:52:ef:a7:12:b7:
ba:f8:3c:89:34:56:90:b3:8e:53:26:f5:87:bc:d1:
18:8b:20:94:4d:7d:dc:ea:d2:b7:19:13:30:55:89:
85:f5:cc:33:73:1f:96:42:f4:f3:d0:de:41:6e:8c:
16:fc:54:4b:27:86:37:94:5a:61:70:3e:74:50:40:
2c:39:11:78:72:e3:47:2f:fa:57:76:14:75:68:d0:
56:25:33:65:08:12:8f:14:96:7d:a4:ab:d6:60:0d:
d7:04:a0:19:82:e6:89:68:16:a3:6e:50:88:95:7a:
35:11:e8:98:59:e3:f3:c1:93:a7:53:39:5c:8f:83:
d9:01:98:ac:7d:ad:d3:bf:10:6b:c7:d6:97:f2:a2:
42:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:53:A3:42:2C:6B:5A:26:BA:E7:25:B3:D7:6B:79:72:0E:77:F4:90
X509v3 Authority Key Identifier:
keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:97:2e:74:cc:df:bb:34:b6:73:37:7a:39:87:e2:97:21:c4:
20:77:be:71:49:a4:55:4f:b2:c3:cd:db:7c:d3:2d:3b:f0:33:
f2:b1:1d:27:a4:ef:a6:87:82:dc:8e:1d:d7:fc:4f:45:7c:21:
58:ae:5b:9f:27:5b:7d:86:58:81:a6:98:05:48:f2:25:b2:b9:
5a:c7:09:9e:33:82:ba:d2:62:cb:e2:4c:84:a2:84:01:08:12:
89:81:4d:ff:60:a9:a7:13:6a:3f:78:2d:0f:2c:be:65:17:d3:
4f:49:7b:a1:00:a0:86:eb:4e:44:2a:05:62:a0:9a:7d:2f:d6:
86:bd:d0:20:ea:dd:14:28:9a:15:85:5a:23:78:9d:72:56:a2:
f8:35:f5:7f:c1:a1:a8:98:54:a8:98:78:06:b0:79:8d:7a:c4:
18:f4:37:d2:a0:67:ac:14:dd:cc:d3:a6:5b:4f:65:46:fb:dd:
30:a5:4c:63:93:2e:79:ec:a2:7f:d9:e2:24:6b:3f:6b:6a:99:
49:72:be:32:b8:a4:85:c0:82:a6:7c:1a:99:c2:b5:a6:6a:d5:
32:c8:d4:05:57:02:48:8d:85:c2:ea:c3:63:ed:0c:70:07:dd:
d2:bf:8a:8f:d8:ce:83:ce:f0:20:7c:07:6e:5b:96:2c:94:64:
b5:2b:70:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d9sOgytdPgikQepIaoyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjYwMzI5MTIwMDQ5WhcNMjYwMzMwMTIwMDQ5WjAzMTEwLwYDVQQD
EygzYjUzYTM0MjJjNmI1YTI2YmFlNzI1YjNkNzZiNzk3MjBlNzdmNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Hh8keGNGHwWzibU3rZHFowOQBVD
DO5nynDzp5IW1pYBHccM3gawMuKD83IlM0maZDb951AG6ipbXOvaCOvfexXPZ/kP
sKOd3/YkDA1C8kfjEkb5uyqPnuGCdOESEaE5o/BTwCs2uWXj8z5GIK0MelsVUu+n
Ere6+DyJNFaQs45TJvWHvNEYiyCUTX3c6tK3GRMwVYmF9cwzcx+WQvTz0N5BbowW
/FRLJ4Y3lFphcD50UEAsORF4cuNHL/pXdhR1aNBWJTNlCBKPFJZ9pKvWYA3XBKAZ
guaJaBajblCIlXo1EeiYWePzwZOnUzlcj4PZAZisfa3TvxBrx9aX8qJCZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtTo0Isa1omuucls9dreXIOd/SQMB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt5cudMzf
uzS2czd6OYfilyHEIHe+cUmkVU+yw83bfNMtO/Az8rEdJ6TvpoeC3I4d1/xPRXwh
WK5bnydbfYZYgaaYBUjyJbK5WscJnjOCutJiy+JMhKKEAQgSiYFN/2CppxNqP3gt
Dyy+ZRfTT0l7oQCghutORCoFYqCafS/Whr3QIOrdFCiaFYVaI3idclai+DX1f8Gh
qJhUqJh4BrB5jXrEGPQ30qBnrBTdzNOmW09lRvvdMKVMY5Mueeyif9niJGs/a2qZ
SXK+MrikhcCCpnwamcK1pmrVMsjUBVcCSI2FwurDY+0McAfd0r+Kj9jOg87wIHwH
bluWLJRktStwdw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:49:22 2026 by rpki-client