Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
File: XHkaG6CbnU01jvBare1_DoXogbY.mft (raw, json)
Hash identifier: LurcpqfT/xyamw5bQcCI3fLp7+xgGMhBN2Zh8EILByI=
Subject key identifier: 26:7D:2A:79:10:56:D2:9C:86:AE:21:37:A4:CF:1C:F1:A2:C3:CC:43
Authority key identifier: 5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6
Certificate issuer: /CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
Certificate serial: 019D382EAD3BA1AFCCE72F0A9882DE0493F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
Manifest number: 0DCC
Signing time: Sun 29 Mar 2026 06:01:16 +0000
Manifest this update: Sun 29 Mar 2026 06:01:16 +0000
Manifest next update: Mon 30 Mar 2026 06:01:16 +0000
Files and hashes: 1: 6y5zOsV9mgf7F2BHXrtRk7xzs4U.roa (hash: u0j0WMKCrPC+ARtOidkhhJpiGvpkSNz5tPW2s6UUp9I=)
2: XHkaG6CbnU01jvBare1_DoXogbY.crl (hash: V2FAQHBSE384Z+cQRKY7ffYI0bsNg4/QZ7sxf3Grs6E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:ad:3b:a1:af:cc:e7:2f:0a:98:82:de:04:93:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
Validity
Not Before: Mar 29 06:01:16 2026 GMT
Not After : Mar 30 06:01:16 2026 GMT
Subject: CN=267d2a791056d29c86ae2137a4cf1cf1a2c3cc43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:81:94:ad:bf:ce:93:84:0c:0b:25:15:c6:22:
b6:f4:39:08:44:9e:4c:46:eb:94:ab:b2:78:4b:8d:
6a:e2:be:b5:38:32:15:df:fe:14:91:58:91:5e:fa:
f1:f1:81:c3:58:9d:8a:d6:63:24:93:a8:3f:1d:46:
c8:20:c9:c8:44:d9:48:37:55:75:2c:99:9c:83:f2:
e8:6f:8d:29:69:45:9c:c2:11:50:2d:99:b6:a7:86:
36:c7:70:b6:cc:cb:7c:8f:3f:a4:56:5f:07:e7:bb:
14:df:f9:85:33:74:08:3f:0e:2a:ba:b5:69:eb:6d:
ed:22:29:f7:2b:53:ca:f2:02:76:aa:1d:6e:40:37:
af:cb:21:bf:85:69:cc:38:6b:3e:48:43:47:72:bc:
44:6a:4b:52:43:4e:1f:40:55:55:17:56:14:38:a7:
be:0a:47:3c:3d:3b:d9:07:a7:d1:c5:13:bd:41:91:
5a:2b:de:10:51:42:0d:d5:63:eb:28:0a:f8:be:70:
dc:35:d5:4d:a8:78:06:6d:bb:af:c3:24:9f:e9:ec:
b9:c0:c5:79:b5:d6:47:63:7f:d2:74:b0:02:ba:e9:
36:9a:bb:01:35:27:06:dd:d1:8e:1c:39:5f:77:6e:
34:f0:00:a9:be:9f:aa:82:b5:11:ec:73:90:63:f8:
92:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7D:2A:79:10:56:D2:9C:86:AE:21:37:A4:CF:1C:F1:A2:C3:CC:43
X509v3 Authority Key Identifier:
keyid:5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:59:3b:9d:67:74:ad:1e:ef:c4:8c:92:0a:93:68:b3:f1:5d:
b2:33:68:16:38:9b:24:a8:6f:48:78:65:b0:3f:65:72:e4:a4:
a0:b3:bb:05:29:73:e9:54:c9:6d:71:71:be:5a:96:7f:c9:54:
06:86:93:51:d3:28:72:3e:ae:b4:85:d5:bf:0d:3e:3f:77:e2:
e3:34:cb:f5:bd:22:70:08:10:d4:8d:95:40:ee:db:19:f4:df:
b7:3c:cf:25:7d:6f:84:db:ed:cb:b5:db:01:19:3c:83:5e:78:
51:05:86:3f:bf:27:25:82:80:d2:df:99:2a:7f:b3:49:fc:40:
db:d5:e2:05:56:7f:64:50:57:36:bc:4c:59:4a:d2:c3:68:40:
aa:6b:ab:f3:db:34:46:b4:4b:04:41:75:5f:8e:d8:84:df:58:
bd:8c:47:bb:80:b8:f1:ae:75:99:0a:57:04:8a:bf:c3:4d:14:
b6:78:f8:db:1d:a4:4e:7a:ca:9b:5f:1e:fd:5f:c4:1b:61:b2:
26:38:0c:23:63:78:d2:f0:5e:12:71:ef:cf:07:a7:21:54:9f:
fa:db:db:4a:e4:f3:e2:2a:81:fc:f4:40:03:81:40:95:db:57:
a2:a7:74:28:98:06:e5:e0:6d:73:76:45:bd:ed:f5:a5:16:ca:
5c:b3:5c:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lq07oa/M5y8KmILeBJPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzkxYTFiYTA5YjlkNGQzNThlZjA1YWFkZWQ3ZjBlODVl
ODgxYjYwHhcNMjYwMzI5MDYwMTE2WhcNMjYwMzMwMDYwMTE2WjAzMTEwLwYDVQQD
EygyNjdkMmE3OTEwNTZkMjljODZhZTIxMzdhNGNmMWNmMWEyYzNjYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIGUrb/Ok4QMCyUVxiK29DkIRJ5M
RuuUq7J4S41q4r61ODIV3/4UkViRXvrx8YHDWJ2K1mMkk6g/HUbIIMnIRNlIN1V1
LJmcg/Lob40paUWcwhFQLZm2p4Y2x3C2zMt8jz+kVl8H57sU3/mFM3QIPw4qurVp
623tIin3K1PK8gJ2qh1uQDevyyG/hWnMOGs+SENHcrxEaktSQ04fQFVVF1YUOKe+
Ckc8PTvZB6fRxRO9QZFaK94QUUIN1WPrKAr4vnDcNdVNqHgGbbuvwySf6ey5wMV5
tdZHY3/SdLACuuk2mrsBNScG3dGOHDlfd2408ACpvp+qgrUR7HOQY/iSIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZ9KnkQVtKchq4hN6TPHPGiw8xDMB8GA1UdIwQY
MBaAFFx5Ghugm51NNY7wWq3tfw6F6IG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTct
NjZjNWFlOGEzNmI0LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTctNjZjNWFlOGEzNmI0
LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVFk7nWd0
rR7vxIySCpNos/FdsjNoFjibJKhvSHhlsD9lcuSkoLO7BSlz6VTJbXFxvlqWf8lU
BoaTUdMocj6utIXVvw0+P3fi4zTL9b0icAgQ1I2VQO7bGfTftzzPJX1vhNvty7Xb
ARk8g154UQWGP78nJYKA0t+ZKn+zSfxA29XiBVZ/ZFBXNrxMWUrSw2hAqmur89s0
RrRLBEF1X47YhN9YvYxHu4C48a51mQpXBIq/w00Utnj42x2kTnrKm18e/V/EG2Gy
JjgMI2N40vBeEnHvzwenIVSf+tvbSuTz4iqB/PRAA4FAldtXoqd0KJgG5eBtc3ZF
ve31pRbKXLNc+g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:47:26 2026 by rpki-client