Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft
File: xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft (raw, json)
Hash identifier: pkk/VV7+qv3HWbaQUiI9PbU/Aq95MMiJL+7h8AWBRzE=
Subject key identifier: B5:DF:64:E8:A1:F9:B5:22:CC:0D:C8:A9:7D:6F:6C:AA:54:F3:B4:FA
Authority key identifier: C7:19:CA:D9:92:21:15:BC:FA:74:52:BA:0A:6E:43:A6:AF:4E:4C:24
Certificate issuer: /CN=c719cad9922115bcfa7452ba0a6e43a6af4e4c24
Certificate serial: 019D1A5ABDD83E414C49E3CE6ECB592AC913
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft
Manifest number: 16D5
Signing time: Mon 23 Mar 2026 11:00:47 +0000
Manifest this update: Mon 23 Mar 2026 11:00:47 +0000
Manifest next update: Tue 24 Mar 2026 11:00:47 +0000
Files and hashes: 1: RA_P8M2CbE3vpnTaUf4TR1pQq4c.roa (hash: sqZi/SBA/dg8k8Qf9vK6EYY7YFO+mp6oMfC87nRDLEY=)
2: xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.crl (hash: tIhF81US2ftv/SamjoK+cTnOLr8LjpdAk/Ao2soPeBU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 24 Mar 2026 11:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:5a:bd:d8:3e:41:4c:49:e3:ce:6e:cb:59:2a:c9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c719cad9922115bcfa7452ba0a6e43a6af4e4c24
Validity
Not Before: Mar 23 11:00:47 2026 GMT
Not After : Mar 24 11:00:47 2026 GMT
Subject: CN=b5df64e8a1f9b522cc0dc8a97d6f6caa54f3b4fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:44:ac:36:02:23:73:dc:12:8a:d3:3f:43:1c:
0c:8a:1b:d1:99:c5:26:bf:bd:55:f5:ca:de:30:c0:
a2:f9:b0:cb:92:04:1e:c4:cc:a2:e3:0c:38:dc:e3:
a5:9d:aa:de:b7:cc:fe:b5:9b:3a:53:8d:4c:fd:46:
92:b8:c0:c9:72:ae:7c:dd:67:ac:10:31:2b:48:69:
4d:1b:24:23:53:f8:03:95:f4:4c:2a:23:fa:46:b9:
4b:32:a1:1f:f4:bf:73:ee:d4:db:f4:85:5b:91:29:
7c:b6:9e:61:f1:e2:e2:1e:7e:ed:0b:48:02:b7:f7:
62:b1:06:f8:67:fa:71:a1:cf:4f:26:69:75:28:a7:
f2:c2:c2:7d:11:8d:62:f8:84:71:77:89:93:09:c8:
af:e3:29:c5:ab:f8:53:d3:3a:d6:75:6f:8f:72:8f:
c4:01:c2:fc:f1:85:39:48:d5:85:15:fb:b0:73:69:
f0:73:e6:d2:b8:aa:da:e1:8c:43:02:fa:60:d7:71:
82:65:ea:47:50:3a:a9:04:58:df:9f:b8:b8:a7:16:
d0:c2:a3:2a:1c:e8:63:5c:88:f1:38:f6:91:e1:51:
ec:3d:da:08:8c:7b:6a:df:ae:5e:33:14:ba:6c:3c:
50:5c:dc:ce:00:c8:55:88:57:4b:12:1e:a4:e9:cf:
bc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DF:64:E8:A1:F9:B5:22:CC:0D:C8:A9:7D:6F:6C:AA:54:F3:B4:FA
X509v3 Authority Key Identifier:
keyid:C7:19:CA:D9:92:21:15:BC:FA:74:52:BA:0A:6E:43:A6:AF:4E:4C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/149332-6969-4c4b-b591-7c2c08b5ee49/1/xxnK2ZIhFbz6dFK6Cm5Dpq9OTCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c5:99:d5:69:9d:e6:d5:26:69:d7:09:aa:e2:bf:0c:18:02:e7:
00:30:30:b2:86:be:70:48:51:b1:a3:fc:2a:67:f6:a0:35:3a:
e2:a9:8b:73:23:9d:f1:d6:a7:36:11:1d:48:97:54:a4:2d:40:
d7:24:88:0e:21:f5:00:2d:91:ac:82:7f:b9:f6:02:e3:a4:66:
13:8e:27:b6:23:f9:1c:cd:3a:fc:c8:d6:4d:5f:00:12:f6:d2:
4d:a6:be:f6:b1:68:50:9b:8e:44:bd:0c:ed:b9:ce:17:ba:91:
d6:26:5a:55:f0:b9:a6:73:0e:b4:f6:b8:01:4f:78:25:46:35:
8c:cb:52:98:37:89:85:63:de:03:e6:f7:38:18:41:73:a3:5a:
78:9e:48:98:4b:e6:fc:74:1d:0a:b2:b4:d4:36:3e:25:19:34:
89:41:08:d1:c7:40:9f:80:fd:a9:61:67:52:4a:37:ec:b5:95:
8f:79:c7:ed:ed:e6:14:09:e1:c3:a1:57:fc:60:1e:c8:38:96:
ed:ae:e6:af:eb:33:cc:82:b9:f9:c5:64:46:9a:a6:d8:1a:db:
d3:2d:27:a1:b0:02:e2:5a:4a:0f:f4:86:d2:27:25:bd:04:57:
e4:5c:f8:2d:3e:1f:9e:a3:13:be:54:33:a3:02:c9:7f:66:a0:
9b:4e:5f:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0aWr3YPkFMSePObstZKskTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MTljYWQ5OTIyMTE1YmNmYTc0NTJiYTBhNmU0M2E2YWY0
ZTRjMjQwHhcNMjYwMzIzMTEwMDQ3WhcNMjYwMzI0MTEwMDQ3WjAzMTEwLwYDVQQD
EyhiNWRmNjRlOGExZjliNTIyY2MwZGM4YTk3ZDZmNmNhYTU0ZjNiNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykSsNgIjc9wSitM/QxwMihvRmcUm
v71V9creMMCi+bDLkgQexMyi4ww43OOlnaret8z+tZs6U41M/UaSuMDJcq583Wes
EDErSGlNGyQjU/gDlfRMKiP6RrlLMqEf9L9z7tTb9IVbkSl8tp5h8eLiHn7tC0gC
t/disQb4Z/pxoc9PJml1KKfywsJ9EY1i+IRxd4mTCciv4ynFq/hT0zrWdW+Pco/E
AcL88YU5SNWFFfuwc2nwc+bSuKra4YxDAvpg13GCZepHUDqpBFjfn7i4pxbQwqMq
HOhjXIjxOPaR4VHsPdoIjHtq365eMxS6bDxQXNzOAMhViFdLEh6k6c+8kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLXfZOih+bUizA3IqX1vbKpU87T6MB8GA1UdIwQY
MBaAFMcZytmSIRW8+nRSugpuQ6avTkwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhuSzJaSWhGYno2ZEZLNkNtNURwcTlPVENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xNDkzMzItNjk2OS00YzRiLWI1OTEt
N2MyYzA4YjVlZTQ5LzEveHhuSzJaSWhGYno2ZEZLNkNtNURwcTlPVENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xNDkzMzItNjk2OS00YzRiLWI1OTEtN2MyYzA4YjVlZTQ5
LzEveHhuSzJaSWhGYno2ZEZLNkNtNURwcTlPVENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxZnVaZ3m
1SZp1wmq4r8MGALnADAwsoa+cEhRsaP8Kmf2oDU64qmLcyOd8danNhEdSJdUpC1A
1ySIDiH1AC2RrIJ/ufYC46RmE44ntiP5HM06/MjWTV8AEvbSTaa+9rFoUJuORL0M
7bnOF7qR1iZaVfC5pnMOtPa4AU94JUY1jMtSmDeJhWPeA+b3OBhBc6NaeJ5ImEvm
/HQdCrK01DY+JRk0iUEI0cdAn4D9qWFnUko37LWVj3nH7e3mFAnhw6FX/GAeyDiW
7a7mr+szzIK5+cVkRpqm2Brb0y0nobAC4lpKD/SG0iclvQRX5Fz4LT4fnqMTvlQz
owLJf2agm05f9w==
-----END CERTIFICATE-----
Generated at Mon Mar 23 21:56:31 2026 by rpki-client