Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
File: XcYkXKggiZ1-tBQDAsIQQbXbygY.mft (raw, json)
Hash identifier: 71fgyhg9hsnTRksQwljQbK8DoVpqw2R1ar3puFze9IY=
Subject key identifier: 32:90:63:DD:C3:86:99:79:2B:C6:B1:F0:F9:2B:87:2B:E0:05:B1:62
Authority key identifier: 5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
Certificate issuer: /CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Certificate serial: 019D390A2EFCBE0A0B54D14248A8E5878CD6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
Manifest number: 087A
Signing time: Sun 29 Mar 2026 10:01:01 +0000
Manifest this update: Sun 29 Mar 2026 10:01:01 +0000
Manifest next update: Mon 30 Mar 2026 10:01:01 +0000
Files and hashes: 1: XcYkXKggiZ1-tBQDAsIQQbXbygY.crl (hash: mWwFVDj/ddPM+dJUbmSQSdLpm/zjPwd4Zjdf6L7lroM=)
2: iDrTmSYQpvy7vo3KT85M4NqZ4jY.roa (hash: +0AgLX/1nLHcInEl5vkO9SuWGWou8jccVXQFvcHqqjk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:2e:fc:be:0a:0b:54:d1:42:48:a8:e5:87:8c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Validity
Not Before: Mar 29 10:01:01 2026 GMT
Not After : Mar 30 10:01:01 2026 GMT
Subject: CN=329063ddc38699792bc6b1f0f92b872be005b162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e0:40:cc:18:0c:77:ef:47:f1:ff:98:03:9d:
3c:80:4a:c1:6a:30:1c:35:7e:e9:c2:eb:24:0c:2a:
e5:92:05:03:55:59:c5:f1:bf:05:93:19:80:2e:ab:
3d:df:41:cb:db:f6:e7:51:d5:ce:e3:97:9a:4a:e3:
59:1a:b5:9d:4a:73:e7:75:f3:e9:ed:60:88:4f:e5:
ec:3c:16:e5:9c:95:e8:a9:a0:c3:5d:23:3c:ee:fd:
04:fe:f8:cd:a0:26:c3:48:5c:3f:d4:0d:54:ab:a9:
6f:6e:03:bf:5a:c6:87:a1:05:81:9d:9b:e5:6a:b9:
48:4b:b2:25:31:d9:3b:02:b9:32:d9:e9:f7:d0:47:
51:ed:2d:87:1c:b3:4d:ff:24:2e:ec:1f:81:47:a5:
e8:14:38:98:ba:7a:9a:66:3e:37:dc:34:9c:95:6b:
d3:d1:03:b5:13:4f:2f:28:14:6b:4b:13:99:8b:d4:
82:cb:7f:d0:d4:7d:bd:6e:e9:01:99:a1:26:b5:93:
60:93:69:d3:b4:00:7c:76:42:bb:f1:50:75:ce:34:
25:9b:02:49:9b:b4:ae:7e:85:43:cb:6b:b4:37:71:
c6:6e:3d:a4:42:51:f9:9c:5d:ea:a6:15:5d:2f:6e:
9a:2a:d0:6e:a1:f0:4e:6c:bb:f7:2f:d5:2f:fa:e4:
94:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:90:63:DD:C3:86:99:79:2B:C6:B1:F0:F9:2B:87:2B:E0:05:B1:62
X509v3 Authority Key Identifier:
keyid:5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:dc:f0:ce:93:84:4b:0c:d2:25:49:18:59:4f:b7:05:a8:49:
be:94:ac:0d:64:1f:36:68:b1:76:00:bc:87:1c:bf:f1:f7:ab:
76:54:62:66:5e:d0:04:25:6e:15:5f:b5:76:75:34:79:d2:b5:
8c:55:8e:cc:d1:31:ca:ea:97:23:a2:a3:d5:3d:bd:ca:93:13:
1b:58:00:eb:f3:74:d8:00:cf:05:2a:b8:ad:aa:22:23:74:e6:
43:e3:c9:5a:07:4d:d3:bd:80:46:09:8e:3b:0f:6f:f9:f4:fb:
0e:32:47:09:c1:5f:c7:d3:b8:e0:87:49:4e:e3:5b:b8:f9:18:
d8:a7:1a:7c:03:3f:91:0e:c6:8b:ca:85:94:2c:41:76:44:d7:
84:28:2e:67:21:2c:a8:72:12:02:e0:94:e5:8e:1a:45:ee:bf:
d7:fc:6c:5e:ee:c8:0f:af:49:49:8f:40:6a:40:66:bb:00:fe:
67:58:83:94:58:00:a1:a6:89:97:11:df:66:d2:16:e4:5e:c0:
67:56:e5:aa:e3:dc:5e:82:2e:2f:eb:44:31:e4:c3:a1:1b:87:
85:9b:3a:9a:10:dc:d9:be:45:8d:7e:37:d8:76:7f:d9:60:0a:
17:45:ea:c8:83:13:da:5c:db:05:5e:87:f5:f8:f1:71:37:a1:
89:ee:16:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ci78vgoLVNFCSKjlh4zWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzYyNDVjYTgyMDg5OWQ3ZWI0MTQwMzAyYzIxMDQxYjVk
YmNhMDYwHhcNMjYwMzI5MTAwMTAxWhcNMjYwMzMwMTAwMTAxWjAzMTEwLwYDVQQD
EygzMjkwNjNkZGMzODY5OTc5MmJjNmIxZjBmOTJiODcyYmUwMDViMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuBAzBgMd+9H8f+YA508gErBajAc
NX7pwuskDCrlkgUDVVnF8b8FkxmALqs930HL2/bnUdXO45eaSuNZGrWdSnPndfPp
7WCIT+XsPBblnJXoqaDDXSM87v0E/vjNoCbDSFw/1A1Uq6lvbgO/WsaHoQWBnZvl
arlIS7IlMdk7Arky2en30EdR7S2HHLNN/yQu7B+BR6XoFDiYunqaZj433DSclWvT
0QO1E08vKBRrSxOZi9SCy3/Q1H29bukBmaEmtZNgk2nTtAB8dkK78VB1zjQlmwJJ
m7SufoVDy2u0N3HGbj2kQlH5nF3qphVdL26aKtBuofBObLv3L9Uv+uSUIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKQY93Dhpl5K8ax8PkrhyvgBbFiMB8GA1UdIwQY
MBaAFF3GJFyoIImdfrQUAwLCEEG128oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDkt
MDc0ZWQ3MGI0NjczLzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDktMDc0ZWQ3MGI0Njcz
LzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAetzwzpOE
SwzSJUkYWU+3BahJvpSsDWQfNmixdgC8hxy/8ferdlRiZl7QBCVuFV+1dnU0edK1
jFWOzNExyuqXI6Kj1T29ypMTG1gA6/N02ADPBSq4raoiI3TmQ+PJWgdN072ARgmO
Ow9v+fT7DjJHCcFfx9O44IdJTuNbuPkY2KcafAM/kQ7Gi8qFlCxBdkTXhCguZyEs
qHISAuCU5Y4aRe6/1/xsXu7ID69JSY9AakBmuwD+Z1iDlFgAoaaJlxHfZtIW5F7A
Z1blquPcXoIuL+tEMeTDoRuHhZs6mhDc2b5FjX432HZ/2WAKF0XqyIMT2lzbBV6H
9fjxcTehie4W/Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:51:40 2026 by rpki-client