Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier: 2RYA0FM7FOmx7G1PIx6sKhwHl/hRmgJZo1kn7KPVjzY=
Subject key identifier: 53:E9:8F:DC:D7:4D:9B:97:F4:AB:F0:FD:42:08:C6:21:B7:1A:7C:A8
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial: 019D38D3BE78B81FF69DCC71BDECD26DAA0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number: 17D1
Signing time: Sun 29 Mar 2026 09:01:34 +0000
Manifest this update: Sun 29 Mar 2026 09:01:34 +0000
Manifest next update: Mon 30 Mar 2026 09:01:34 +0000
Files and hashes: 1: S2GzX7bjyNfk8zuc_J7yDO8r8_A.roa (hash: 9cgwTQAZVGZH9VKGn5dJT7UJ2jaArnzhzVtmHDdrHjU=)
2: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: CxI0h66XUNU3kqUfzECd5NOqw1bYgjVNDWcbvWFnBSs=)
3: rSchH_WpkAQtklBw4R5ArVw7Etg.roa (hash: FQrYCtK1inx5vQ38kiI4C/z5+zK3xo4th9Fjypdt9nc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:be:78:b8:1f:f6:9d:cc:71:bd:ec:d2:6d:aa:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Validity
Not Before: Mar 29 09:01:34 2026 GMT
Not After : Mar 30 09:01:34 2026 GMT
Subject: CN=53e98fdcd74d9b97f4abf0fd4208c621b71a7ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3f:f6:fe:a1:19:6b:a7:c0:04:24:33:3f:f0:
9a:66:82:f0:e4:99:5a:4b:23:d6:06:24:3d:b9:ab:
ce:8c:45:92:8e:89:5b:12:f3:69:94:f9:05:35:76:
bf:be:08:1a:85:85:4b:2e:00:e2:04:91:df:49:27:
56:cf:0e:71:ab:e8:4f:eb:62:d4:ce:dc:28:58:2d:
d7:89:3c:47:2a:8f:81:53:9a:fc:32:88:dd:b4:dd:
2b:36:48:21:04:c5:12:24:ab:3f:8a:89:74:be:5d:
8a:81:e7:e3:f9:86:28:d2:bc:9e:be:b5:f4:85:eb:
a3:c3:d2:0c:da:7a:b1:02:cb:45:f6:6e:2d:aa:94:
65:0b:98:9c:06:07:bf:13:e8:8b:50:b2:f5:40:49:
c1:ef:92:99:02:a9:03:26:53:75:b6:dd:f6:d7:b5:
57:56:ae:d2:1c:52:dc:41:90:54:57:94:9c:56:c4:
b4:a2:2f:6f:87:25:c3:e8:89:7a:45:f0:84:49:45:
bc:84:ae:73:13:10:3b:9a:d3:34:95:0a:54:c9:4e:
67:ec:8f:91:43:4b:96:fa:94:85:77:09:c9:b0:5a:
cc:1b:ed:4a:be:7e:6c:93:03:6f:05:bc:47:c8:cb:
cd:18:17:79:20:83:6c:cb:f5:0e:1a:56:d7:ac:b1:
c3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E9:8F:DC:D7:4D:9B:97:F4:AB:F0:FD:42:08:C6:21:B7:1A:7C:A8
X509v3 Authority Key Identifier:
keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:d9:62:57:f6:95:52:e8:db:67:78:bd:07:4e:b2:ae:08:e8:
91:e8:8e:19:2c:8b:dd:7d:23:98:ed:cd:9c:72:1f:d4:01:bb:
a5:27:6c:0e:ce:5b:fd:ae:d5:7c:5d:47:cd:7b:6d:c4:d2:90:
34:87:1c:95:68:61:32:39:53:64:5a:99:f1:58:61:0c:29:08:
11:9d:b0:ef:f8:29:0f:24:b4:21:44:c2:1b:26:88:08:82:35:
b7:74:bc:e2:9b:17:3e:c3:44:2b:7f:fc:34:fb:96:9f:e7:28:
bb:8c:0c:8b:b2:3d:13:31:53:19:b1:cb:11:83:9d:35:aa:b4:
68:39:df:35:ca:ac:60:1e:20:f1:ff:87:74:64:32:ab:53:cb:
53:a3:cd:8a:8a:70:4a:29:fa:4b:1a:e0:2f:00:75:c3:f0:71:
90:8c:6a:a0:d7:6c:71:30:81:64:c0:8c:79:68:d0:a3:9e:8e:
ae:f1:f9:17:a3:eb:c5:da:d8:fc:a2:eb:59:53:97:23:65:9a:
fb:0c:de:ba:c9:9a:cf:9b:70:cd:81:55:0f:30:53:d2:e5:b5:
b9:df:ce:54:2e:2e:f7:eb:78:07:eb:3c:a7:b3:f4:2e:6a:1d:
d9:47:04:8f:f3:36:39:da:3c:6d:c7:75:12:09:16:44:f2:86:
d8:82:37:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040754uB/2ncxxvezSbaoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjYwMzI5MDkwMTM0WhcNMjYwMzMwMDkwMTM0WjAzMTEwLwYDVQQD
Eyg1M2U5OGZkY2Q3NGQ5Yjk3ZjRhYmYwZmQ0MjA4YzYyMWI3MWE3Y2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj/2/qEZa6fABCQzP/CaZoLw5Jla
SyPWBiQ9uavOjEWSjolbEvNplPkFNXa/vggahYVLLgDiBJHfSSdWzw5xq+hP62LU
ztwoWC3XiTxHKo+BU5r8MojdtN0rNkghBMUSJKs/iol0vl2Kgefj+YYo0ryevrX0
heujw9IM2nqxAstF9m4tqpRlC5icBge/E+iLULL1QEnB75KZAqkDJlN1tt3217VX
Vq7SHFLcQZBUV5ScVsS0oi9vhyXD6Il6RfCESUW8hK5zExA7mtM0lQpUyU5n7I+R
Q0uW+pSFdwnJsFrMG+1Kvn5skwNvBbxHyMvNGBd5IINsy/UOGlbXrLHDvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPpj9zXTZuX9Kvw/UIIxiG3GnyoMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHNliV/aV
UujbZ3i9B06yrgjokeiOGSyL3X0jmO3NnHIf1AG7pSdsDs5b/a7VfF1HzXttxNKQ
NIcclWhhMjlTZFqZ8VhhDCkIEZ2w7/gpDyS0IUTCGyaICII1t3S84psXPsNEK3/8
NPuWn+cou4wMi7I9EzFTGbHLEYOdNaq0aDnfNcqsYB4g8f+HdGQyq1PLU6PNiopw
Sin6SxrgLwB1w/BxkIxqoNdscTCBZMCMeWjQo56OrvH5F6PrxdrY/KLrWVOXI2Wa
+wzeusmaz5twzYFVDzBT0uW1ud/OVC4u9+t4B+s8p7P0Lmod2UcEj/M2Odo8bcd1
EgkWRPKG2II3CQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:12:19 2026 by rpki-client