Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/1bf5fa-f69b-417c-bc0b-5d5bb7fe571a/1/FXaJHPKx2OxWwDvHqW3pWKDgADI.mft
File: FXaJHPKx2OxWwDvHqW3pWKDgADI.mft (raw, json)
Hash identifier: DDorUE57OkrNBkPK9QZ/oEd4zHh3QbACoAJlSVzXTX4=
Subject key identifier: 88:30:5B:53:DC:D2:FC:6A:1A:F0:86:65:DD:3C:7E:1C:54:35:B3:D7
Authority key identifier: 15:76:89:1C:F2:B1:D8:EC:56:C0:3B:C7:A9:6D:E9:58:A0:E0:00:32
Certificate issuer: /CN=1576891cf2b1d8ec56c03bc7a96de958a0e00032
Certificate serial: 019D382E5D1CDA3ACC32D49E65692666BAE2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FXaJHPKx2OxWwDvHqW3pWKDgADI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/1bf5fa-f69b-417c-bc0b-5d5bb7fe571a/1/FXaJHPKx2OxWwDvHqW3pWKDgADI.mft
Manifest number: 0638
Signing time: Sun 29 Mar 2026 06:00:55 +0000
Manifest this update: Sun 29 Mar 2026 06:00:55 +0000
Manifest next update: Mon 30 Mar 2026 06:00:55 +0000
Files and hashes: 1: FXaJHPKx2OxWwDvHqW3pWKDgADI.crl (hash: U7Qls4cb0wABiATMhHM8hl6yCfBlkjK9fmyosx0F2FE=)
2: IeSw-4bcio5RXnwbEa4KykMgwOY.roa (hash: OoWXczxt8RFsumILUeDSej8qKitlw3VHsPcYq7wi388=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/1bf5fa-f69b-417c-bc0b-5d5bb7fe571a/1/FXaJHPKx2OxWwDvHqW3pWKDgADI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/1bf5fa-f69b-417c-bc0b-5d5bb7fe571a/1/FXaJHPKx2OxWwDvHqW3pWKDgADI.mft
rsync://rpki.ripe.net/repository/DEFAULT/FXaJHPKx2OxWwDvHqW3pWKDgADI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:5d:1c:da:3a:cc:32:d4:9e:65:69:26:66:ba:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1576891cf2b1d8ec56c03bc7a96de958a0e00032
Validity
Not Before: Mar 29 06:00:55 2026 GMT
Not After : Mar 30 06:00:55 2026 GMT
Subject: CN=88305b53dcd2fc6a1af08665dd3c7e1c5435b3d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3d:f4:d4:20:e8:4a:05:ba:ec:34:f6:11:04:
dd:f4:86:45:e4:d9:9d:72:2f:ca:c8:52:5c:99:8f:
e8:91:1d:3d:f0:3b:72:7f:71:19:e0:2e:f4:80:31:
d2:e5:18:fa:8d:f1:af:66:28:6d:ba:91:e8:70:e0:
80:83:a0:86:2f:cd:8e:aa:f2:55:46:57:a3:b0:d8:
41:f3:4d:94:cf:28:8a:a5:70:84:33:ab:49:68:a8:
a5:28:eb:e0:76:c8:c1:99:9b:60:87:15:fd:93:a1:
0c:47:fa:c0:a8:cc:dc:30:d4:66:b4:44:82:1e:80:
ea:80:ef:61:67:a0:d6:52:6c:8d:58:43:98:b7:98:
14:61:78:b6:2e:db:50:7f:b1:f3:be:bc:a5:11:11:
a6:fe:61:63:7c:3a:1e:fe:47:e5:41:be:b1:b2:73:
98:82:cd:d2:98:17:99:65:26:23:5e:a0:89:5a:af:
e1:76:e6:90:74:f8:03:82:98:d7:aa:f0:ab:89:e6:
d4:1a:66:49:aa:7a:85:1c:17:9c:14:62:70:0a:89:
c5:47:66:2c:e3:60:5f:9b:c9:91:3f:38:56:c4:c6:
78:ca:36:52:97:1f:79:66:80:00:cf:c8:b3:52:61:
60:bb:b0:7e:bc:0d:a5:06:b3:91:b8:9d:0a:c6:da:
e8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:30:5B:53:DC:D2:FC:6A:1A:F0:86:65:DD:3C:7E:1C:54:35:B3:D7
X509v3 Authority Key Identifier:
keyid:15:76:89:1C:F2:B1:D8:EC:56:C0:3B:C7:A9:6D:E9:58:A0:E0:00:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FXaJHPKx2OxWwDvHqW3pWKDgADI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1bf5fa-f69b-417c-bc0b-5d5bb7fe571a/1/FXaJHPKx2OxWwDvHqW3pWKDgADI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1bf5fa-f69b-417c-bc0b-5d5bb7fe571a/1/FXaJHPKx2OxWwDvHqW3pWKDgADI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:ae:9a:97:1f:24:cd:7f:f5:2c:2c:0f:17:4c:4c:c9:38:bc:
97:da:20:36:01:e2:c3:e4:24:dc:11:df:8e:29:5e:f1:b0:f4:
45:94:c8:96:fe:b7:1f:05:4e:59:b9:99:b1:82:69:5d:f0:48:
1f:63:01:8a:87:c9:c5:71:5c:ce:bd:23:64:b3:3a:49:7e:31:
6d:e7:b8:42:27:f2:6a:bc:b2:24:0a:5b:91:53:89:ed:60:7e:
f4:ca:b8:5e:79:bc:e7:b1:50:ef:b6:48:5b:ac:74:e8:f7:63:
7f:36:cb:af:20:4d:05:5d:b2:92:d0:14:2a:fd:07:31:77:69:
ee:96:6c:4f:a8:45:41:30:ab:2a:65:2e:e3:ce:1d:47:36:6e:
2f:be:83:78:0f:5d:28:e7:28:48:9b:90:92:e0:6e:5a:88:4a:
5c:e7:3d:24:3f:0b:dd:b0:84:d5:02:9f:fd:d7:51:7a:c3:10:
d1:59:f2:44:91:5a:bb:f2:72:a1:51:78:05:b1:50:52:1e:81:
d8:ab:95:52:ea:a4:91:a6:da:8d:2a:65:99:bd:b4:2a:1e:38:
7f:af:f1:49:79:10:8a:b4:f4:90:e4:37:0d:5f:52:aa:5f:2b:
1a:e5:a4:c5:3a:ea:20:c2:a9:b9:6f:f5:f0:aa:cd:3a:7d:c4:
9d:5b:2e:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Ll0c2jrMMtSeZWkmZrriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NzY4OTFjZjJiMWQ4ZWM1NmMwM2JjN2E5NmRlOTU4YTBl
MDAwMzIwHhcNMjYwMzI5MDYwMDU1WhcNMjYwMzMwMDYwMDU1WjAzMTEwLwYDVQQD
Eyg4ODMwNWI1M2RjZDJmYzZhMWFmMDg2NjVkZDNjN2UxYzU0MzViM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD301CDoSgW67DT2EQTd9IZF5Nmd
ci/KyFJcmY/okR098Dtyf3EZ4C70gDHS5Rj6jfGvZihtupHocOCAg6CGL82OqvJV
RlejsNhB802UzyiKpXCEM6tJaKilKOvgdsjBmZtghxX9k6EMR/rAqMzcMNRmtESC
HoDqgO9hZ6DWUmyNWEOYt5gUYXi2LttQf7HzvrylERGm/mFjfDoe/kflQb6xsnOY
gs3SmBeZZSYjXqCJWq/hduaQdPgDgpjXqvCriebUGmZJqnqFHBecFGJwConFR2Ys
42Bfm8mRPzhWxMZ4yjZSlx95ZoAAz8izUmFgu7B+vA2lBrORuJ0KxtroqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgwW1Pc0vxqGvCGZd08fhxUNbPXMB8GA1UdIwQY
MBaAFBV2iRzysdjsVsA7x6lt6Vig4AAyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlhhSkhQS3gyT3hXd0R2SHFXM3BXS0RnQURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xYmY1ZmEtZjY5Yi00MTdjLWJjMGIt
NWQ1YmI3ZmU1NzFhLzEvRlhhSkhQS3gyT3hXd0R2SHFXM3BXS0RnQURJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xYmY1ZmEtZjY5Yi00MTdjLWJjMGItNWQ1YmI3ZmU1NzFh
LzEvRlhhSkhQS3gyT3hXd0R2SHFXM3BXS0RnQURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABK6alx8k
zX/1LCwPF0xMyTi8l9ogNgHiw+Qk3BHfjile8bD0RZTIlv63HwVOWbmZsYJpXfBI
H2MBiofJxXFczr0jZLM6SX4xbee4QifyaryyJApbkVOJ7WB+9Mq4Xnm857FQ77ZI
W6x06PdjfzbLryBNBV2yktAUKv0HMXdp7pZsT6hFQTCrKmUu484dRzZuL76DeA9d
KOcoSJuQkuBuWohKXOc9JD8L3bCE1QKf/ddResMQ0VnyRJFau/JyoVF4BbFQUh6B
2KuVUuqkkabajSplmb20Kh44f6/xSXkQirT0kOQ3DV9Sql8rGuWkxTrqIMKpuW/1
8KrNOn3EnVsu/w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:36 2026 by rpki-client