Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft
File: xJkOwgER9C-2LzmoHHOSqSGVW_I.mft (raw, json)
Hash identifier: 2DINpc0aGh8cCINzvqRinYgRV8Hbs4BgQ8IwdRQJ3x0=
Subject key identifier: E5:A3:53:25:5D:2E:23:90:A6:DE:2C:71:57:C6:97:FF:FD:2F:BA:11
Authority key identifier: C4:99:0E:C2:01:11:F4:2F:B6:2F:39:A8:1C:73:92:A9:21:95:5B:F2
Certificate issuer: /CN=c4990ec20111f42fb62f39a81c7392a921955bf2
Certificate serial: 019D3789AE0CB7A17BBF29AAD2BFC0619BD9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJkOwgER9C-2LzmoHHOSqSGVW_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft
Manifest number: 04F1
Signing time: Sun 29 Mar 2026 03:01:03 +0000
Manifest this update: Sun 29 Mar 2026 03:01:03 +0000
Manifest next update: Mon 30 Mar 2026 03:01:03 +0000
Files and hashes: 1: 9xmBM7L_OxbERlsRfyJd0cq_X64.roa (hash: eKCgpHNS7X6MicYQsrZGeTzZ5yIaoRnXGdc8m8M+l4U=)
2: xJkOwgER9C-2LzmoHHOSqSGVW_I.crl (hash: vSv4pAu95wdm/RQQup1G+Aw9SBhudeA3nVrEtoahXvU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/xJkOwgER9C-2LzmoHHOSqSGVW_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:ae:0c:b7:a1:7b:bf:29:aa:d2:bf:c0:61:9b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4990ec20111f42fb62f39a81c7392a921955bf2
Validity
Not Before: Mar 29 03:01:03 2026 GMT
Not After : Mar 30 03:01:03 2026 GMT
Subject: CN=e5a353255d2e2390a6de2c7157c697fffd2fba11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cb:8c:1b:5f:38:ca:78:65:fd:c6:ba:c1:c2:
1d:d6:a6:10:71:6b:ee:33:23:b6:8e:de:29:e4:ba:
5d:bb:cc:d0:be:64:eb:32:80:db:f5:31:31:51:2e:
68:c5:f7:31:8e:c5:3a:0d:ed:0d:90:ed:dc:93:76:
87:3f:1e:7a:9f:e0:75:ce:52:1e:2e:c2:03:a1:32:
0b:73:7f:af:6c:d2:fd:51:0c:67:a2:7c:40:52:38:
d6:b5:41:79:5f:d8:76:d3:52:46:4f:63:55:17:13:
9e:c2:c1:42:2c:d8:59:2a:64:b1:69:94:a4:f6:8c:
70:ef:62:83:40:9a:b2:17:75:bd:f2:e0:18:d7:85:
fa:37:dd:bc:03:e1:f4:98:ca:80:e2:3d:6a:68:2f:
c4:71:69:01:02:f1:49:c0:ba:54:7a:ad:57:17:13:
e6:23:5e:ed:83:d5:f6:d0:5d:f8:19:7f:75:7f:a0:
37:32:8c:8c:06:38:5c:66:ba:09:3d:3e:76:83:52:
75:71:21:b0:26:ee:cc:87:07:26:4b:f8:de:3b:92:
df:9e:68:cb:57:89:14:14:c4:0c:81:b3:5b:42:6f:
e3:21:4f:eb:d7:ff:37:48:44:f8:5b:d2:34:03:ee:
4b:7d:5a:6a:18:3e:44:4a:b2:fb:ce:1c:82:1d:14:
e0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A3:53:25:5D:2E:23:90:A6:DE:2C:71:57:C6:97:FF:FD:2F:BA:11
X509v3 Authority Key Identifier:
keyid:C4:99:0E:C2:01:11:F4:2F:B6:2F:39:A8:1C:73:92:A9:21:95:5B:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJkOwgER9C-2LzmoHHOSqSGVW_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9c7ce4-2cd4-4854-8840-b0fe9221efb7/1/xJkOwgER9C-2LzmoHHOSqSGVW_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:d0:d2:d4:23:64:4f:2a:18:45:4b:76:b8:44:fc:d6:ed:65:
61:e3:99:62:6b:f1:9a:86:c3:04:8b:75:6e:cd:15:ba:9e:31:
67:fc:79:bf:92:ac:05:90:07:c8:fa:81:1f:3a:c2:b7:59:84:
6b:6b:52:3a:91:6d:96:71:1e:97:a0:5c:eb:ad:ea:3e:57:f0:
fb:dd:da:03:f5:26:d9:72:5f:98:e5:e1:91:a8:c8:e3:34:a4:
d7:a8:84:ad:c3:52:48:ab:f3:c9:c6:4f:da:9a:0d:83:31:30:
dc:db:b0:02:e7:02:6a:60:a5:52:db:96:9c:fc:b7:4c:12:f2:
0e:93:5c:3b:9e:56:88:8d:53:28:63:19:9f:52:1a:7c:bd:a6:
40:95:6c:57:75:f3:bc:84:6c:fc:e7:4c:06:90:3d:e2:ba:a0:
62:6c:d8:b2:da:56:28:36:82:f0:e0:5d:17:81:18:2e:6c:e0:
d5:39:ef:2a:52:9b:8b:8f:3c:85:57:a8:99:d5:75:87:17:52:
2f:08:21:6c:7a:1a:6f:65:cc:65:21:45:01:58:08:8f:77:c5:
fb:16:8a:d0:57:4f:36:47:99:bb:60:b3:e1:7c:9e:62:e2:d7:
4e:f2:d0:86:b4:d5:9f:aa:ab:77:54:ec:07:09:2d:a7:72:e0:
2f:56:a0:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03ia4Mt6F7vymq0r/AYZvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OTkwZWMyMDExMWY0MmZiNjJmMzlhODFjNzM5MmE5MjE5
NTViZjIwHhcNMjYwMzI5MDMwMTAzWhcNMjYwMzMwMDMwMTAzWjAzMTEwLwYDVQQD
EyhlNWEzNTMyNTVkMmUyMzkwYTZkZTJjNzE1N2M2OTdmZmZkMmZiYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8uMG184ynhl/ca6wcId1qYQcWvu
MyO2jt4p5Lpdu8zQvmTrMoDb9TExUS5oxfcxjsU6De0NkO3ck3aHPx56n+B1zlIe
LsIDoTILc3+vbNL9UQxnonxAUjjWtUF5X9h201JGT2NVFxOewsFCLNhZKmSxaZSk
9oxw72KDQJqyF3W98uAY14X6N928A+H0mMqA4j1qaC/EcWkBAvFJwLpUeq1XFxPm
I17tg9X20F34GX91f6A3MoyMBjhcZroJPT52g1J1cSGwJu7MhwcmS/jeO5LfnmjL
V4kUFMQMgbNbQm/jIU/r1/83SET4W9I0A+5LfVpqGD5ESrL7zhyCHRTgqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWjUyVdLiOQpt4scVfGl//9L7oRMB8GA1UdIwQY
MBaAFMSZDsIBEfQvti85qBxzkqkhlVvyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEprT3dnRVI5Qy0yTHptb0hIT1NxU0dWV19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS85YzdjZTQtMmNkNC00ODU0LTg4NDAt
YjBmZTkyMjFlZmI3LzEveEprT3dnRVI5Qy0yTHptb0hIT1NxU0dWV19JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS85YzdjZTQtMmNkNC00ODU0LTg4NDAtYjBmZTkyMjFlZmI3
LzEveEprT3dnRVI5Qy0yTHptb0hIT1NxU0dWV19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFdDS1CNk
TyoYRUt2uET81u1lYeOZYmvxmobDBIt1bs0Vup4xZ/x5v5KsBZAHyPqBHzrCt1mE
a2tSOpFtlnEel6Bc663qPlfw+93aA/Um2XJfmOXhkajI4zSk16iErcNSSKvzycZP
2poNgzEw3NuwAucCamClUtuWnPy3TBLyDpNcO55WiI1TKGMZn1IafL2mQJVsV3Xz
vIRs/OdMBpA94rqgYmzYstpWKDaC8OBdF4EYLmzg1TnvKlKbi488hVeomdV1hxdS
LwghbHoab2XMZSFFAVgIj3fF+xaK0FdPNkeZu2Cz4XyeYuLXTvLQhrTVn6qrd1Ts
Bwktp3LgL1agdw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:46:13 2026 by rpki-client