Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.mft
File: X2c9L2Ia4xQHABdIu95jisvYYFA.mft (raw, json)
Hash identifier: EbREVX7dCJ2P4g2WwjXq5p3x/YDfH4yHDGKVlxq91sI=
Subject key identifier: DB:7B:4F:A2:68:13:09:BF:3D:02:BD:EE:9F:B1:18:C3:7D:20:62:3B
Authority key identifier: 5F:67:3D:2F:62:1A:E3:14:07:00:17:48:BB:DE:63:8A:CB:D8:60:50
Certificate issuer: /CN=5f673d2f621ae31407001748bbde638acbd86050
Certificate serial: 019D37C024658404E4C7A349DF663BEE3D68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X2c9L2Ia4xQHABdIu95jisvYYFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.mft
Manifest number: 0904
Signing time: Sun 29 Mar 2026 04:00:32 +0000
Manifest this update: Sun 29 Mar 2026 04:00:32 +0000
Manifest next update: Mon 30 Mar 2026 04:00:32 +0000
Files and hashes: 1: EFQb-DdMIUfYk8otFJG8FPsYqSg.roa (hash: xz8HTmmrpuajVW7QayylP4C5tRbZcnyfwKq4BdsJEEg=)
2: X2c9L2Ia4xQHABdIu95jisvYYFA.crl (hash: 3Rp3xYEZ+bO6DU7Xn5gQKXHvqooGy56tsFWT2m6YhaQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/X2c9L2Ia4xQHABdIu95jisvYYFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:24:65:84:04:e4:c7:a3:49:df:66:3b:ee:3d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f673d2f621ae31407001748bbde638acbd86050
Validity
Not Before: Mar 29 04:00:32 2026 GMT
Not After : Mar 30 04:00:32 2026 GMT
Subject: CN=db7b4fa2681309bf3d02bdee9fb118c37d20623b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:49:ce:50:83:2d:b3:c7:fb:45:10:11:37:7d:
51:e2:f8:ec:d6:5a:e0:c8:79:5b:e8:a9:43:45:2b:
74:57:a7:6a:54:f8:1f:dd:21:de:d1:01:90:2b:e3:
2e:01:76:1e:f8:36:91:7e:55:f1:c2:1e:93:20:57:
0f:a6:fd:ec:be:5d:83:53:ad:d7:d7:fa:71:ce:a0:
f9:5a:e9:ae:db:d9:44:1d:49:a9:3e:68:16:74:c1:
aa:b3:f5:69:50:57:4d:d9:de:e2:b9:f8:60:03:09:
fd:cd:fa:5d:1b:de:1c:29:16:16:02:8b:ac:3c:73:
46:e6:0d:e0:8e:80:5e:7d:87:9f:d0:d5:cb:d2:bb:
c5:f4:de:4c:c1:48:ac:74:17:bc:b4:4d:89:f6:bd:
d9:3a:83:8b:94:58:be:dc:8c:76:e6:b1:f9:55:94:
e3:10:b7:31:77:ee:79:1d:92:d8:bb:26:40:43:bb:
e3:d8:82:b1:73:8d:26:83:18:6e:31:13:eb:52:a2:
70:91:d1:fd:c9:79:3f:28:09:96:bd:1d:27:a1:3a:
78:d8:76:32:c5:9b:46:a4:82:61:87:a3:49:6b:86:
0b:a8:ff:a0:a5:73:fa:55:ec:8f:aa:d1:af:d3:1c:
c5:32:7f:ec:72:c7:a8:6d:9c:ab:da:a9:c7:10:9f:
d2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7B:4F:A2:68:13:09:BF:3D:02:BD:EE:9F:B1:18:C3:7D:20:62:3B
X509v3 Authority Key Identifier:
keyid:5F:67:3D:2F:62:1A:E3:14:07:00:17:48:BB:DE:63:8A:CB:D8:60:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X2c9L2Ia4xQHABdIu95jisvYYFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/652780-3ea1-415e-839e-844729137ee5/1/X2c9L2Ia4xQHABdIu95jisvYYFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:08:5b:07:6d:c1:5a:fd:00:eb:1e:ca:0d:4b:d2:c2:8f:d0:
d6:c0:6a:85:05:e1:71:75:d1:70:59:d5:6a:98:68:6d:e3:45:
9b:f5:d0:9b:e3:3e:8e:96:c3:d0:e7:ee:d3:6c:02:4b:cb:bb:
eb:51:56:b4:43:ea:67:ea:02:02:28:bf:c5:ff:92:fd:ee:eb:
85:a2:7d:52:9e:ea:72:82:c7:32:91:cc:9e:92:bd:1f:ed:02:
52:96:c4:01:2f:87:ed:7f:f1:e1:4a:8f:01:74:00:1e:1a:1b:
ce:e0:f8:bb:cb:6f:34:80:b0:02:1d:44:54:2b:e4:2b:5e:77:
54:1a:4c:5a:9a:33:03:b9:32:42:5f:31:9a:82:f2:2f:e5:d2:
0d:59:cf:73:dd:c5:b2:ef:6b:3a:57:80:83:36:a4:13:9f:cc:
50:56:60:35:26:ba:31:1c:d8:66:d3:f3:2d:7c:32:d7:f5:15:
31:ed:2f:9c:54:7d:56:f0:53:b4:a4:f9:d0:80:78:63:73:21:
6f:29:5e:35:b7:57:c2:ed:14:33:a8:c0:09:0b:d4:33:f8:4f:
ec:46:75:c5:12:74:0e:fa:a7:8d:95:aa:42:ff:57:b9:72:2b:
fa:7f:60:95:95:f6:79:35:2b:a6:8f:4e:3a:25:d2:c4:de:1e:
d9:be:9f:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wCRlhATkx6NJ32Y77j1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNjczZDJmNjIxYWUzMTQwNzAwMTc0OGJiZGU2MzhhY2Jk
ODYwNTAwHhcNMjYwMzI5MDQwMDMyWhcNMjYwMzMwMDQwMDMyWjAzMTEwLwYDVQQD
EyhkYjdiNGZhMjY4MTMwOWJmM2QwMmJkZWU5ZmIxMThjMzdkMjA2MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEnOUIMts8f7RRARN31R4vjs1lrg
yHlb6KlDRSt0V6dqVPgf3SHe0QGQK+MuAXYe+DaRflXxwh6TIFcPpv3svl2DU63X
1/pxzqD5Wumu29lEHUmpPmgWdMGqs/VpUFdN2d7iufhgAwn9zfpdG94cKRYWAous
PHNG5g3gjoBefYef0NXL0rvF9N5MwUisdBe8tE2J9r3ZOoOLlFi+3Ix25rH5VZTj
ELcxd+55HZLYuyZAQ7vj2IKxc40mgxhuMRPrUqJwkdH9yXk/KAmWvR0noTp42HYy
xZtGpIJhh6NJa4YLqP+gpXP6VeyPqtGv0xzFMn/scseobZyr2qnHEJ/S2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNt7T6JoEwm/PQK97p+xGMN9IGI7MB8GA1UdIwQY
MBaAFF9nPS9iGuMUBwAXSLveY4rL2GBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDJjOUwySWE0eFFIQUJkSXU5NWppc3ZZWUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82NTI3ODAtM2VhMS00MTVlLTgzOWUt
ODQ0NzI5MTM3ZWU1LzEvWDJjOUwySWE0eFFIQUJkSXU5NWppc3ZZWUZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82NTI3ODAtM2VhMS00MTVlLTgzOWUtODQ0NzI5MTM3ZWU1
LzEvWDJjOUwySWE0eFFIQUJkSXU5NWppc3ZZWUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATghbB23B
Wv0A6x7KDUvSwo/Q1sBqhQXhcXXRcFnVaphobeNFm/XQm+M+jpbD0Ofu02wCS8u7
61FWtEPqZ+oCAii/xf+S/e7rhaJ9Up7qcoLHMpHMnpK9H+0CUpbEAS+H7X/x4UqP
AXQAHhobzuD4u8tvNICwAh1EVCvkK153VBpMWpozA7kyQl8xmoLyL+XSDVnPc93F
su9rOleAgzakE5/MUFZgNSa6MRzYZtPzLXwy1/UVMe0vnFR9VvBTtKT50IB4Y3Mh
byleNbdXwu0UM6jACQvUM/hP7EZ1xRJ0DvqnjZWqQv9XuXIr+n9glZX2eTUrpo9O
OiXSxN4e2b6fHw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:10 2026 by rpki-client