Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
File: XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft (raw, json)
Hash identifier: ZBWEhuV3Py2zLXTHA+LQxy1WD2nkXldRD1idPMNDkyc=
Subject key identifier: CD:F5:98:BA:13:7F:37:C5:28:2D:2C:2F:C4:3B:FC:77:2C:F3:E8:C2
Authority key identifier: 5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03
Certificate issuer: /CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03
Certificate serial: 019D37C00571A14550DCCD1E35E4E1D4546E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
Manifest number: 100C
Signing time: Sun 29 Mar 2026 04:00:24 +0000
Manifest this update: Sun 29 Mar 2026 04:00:24 +0000
Manifest next update: Mon 30 Mar 2026 04:00:24 +0000
Files and hashes: 1: OUhIXcYKuJwX-1gGqSyC-ytysk8.roa (hash: SNKMZI12Bd30LXMDKulFyeiCL2F4p+Ej66EZURTKN18=)
2: XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl (hash: BEqhdC4SP6uWy1fH2tihSyaE2LDkYwY3jRqafcIFUks=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:05:71:a1:45:50:dc:cd:1e:35:e4:e1:d4:54:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03
Validity
Not Before: Mar 29 04:00:24 2026 GMT
Not After : Mar 30 04:00:24 2026 GMT
Subject: CN=cdf598ba137f37c5282d2c2fc43bfc772cf3e8c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ff:32:5c:e5:92:f3:e6:f2:d7:35:ba:a1:4d:
ab:64:f3:c6:40:ee:42:cf:31:24:c8:18:e2:db:51:
c4:61:ca:a2:c3:69:3b:2a:fb:6c:b3:88:57:78:f0:
11:ec:27:7e:cf:d2:70:f7:1c:91:81:3c:c5:e8:dc:
55:29:5c:50:2e:c4:d7:4a:18:d8:6b:70:59:b5:15:
1a:34:ad:a7:e0:b0:91:c1:1a:db:5c:13:ff:16:ab:
0d:4a:5a:13:40:89:2a:35:81:58:ea:77:ef:6e:01:
06:ae:5d:a7:24:64:04:27:d2:58:7c:f7:c1:70:89:
4f:85:93:af:a4:cc:a3:44:14:16:52:7f:bd:06:79:
00:a1:e5:14:8c:55:67:a5:1c:b5:c0:05:43:18:1c:
bb:84:06:5c:e0:65:28:53:e2:93:4c:8f:77:fd:59:
9c:cf:5a:d1:9e:f6:cc:e8:b6:82:89:ef:0c:be:90:
9a:45:9c:30:86:b0:69:1e:19:d2:60:6f:c3:51:1a:
53:17:68:30:de:7b:7a:24:8b:f2:97:fe:f5:42:6c:
0e:12:31:80:ab:82:cf:10:5f:3a:e8:77:f0:6f:73:
e0:50:45:e5:21:2c:15:cf:1b:66:24:65:70:6b:a5:
e4:85:31:62:37:75:e6:c7:0f:17:d2:ae:92:c0:92:
61:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F5:98:BA:13:7F:37:C5:28:2D:2C:2F:C4:3B:FC:77:2C:F3:E8:C2
X509v3 Authority Key Identifier:
keyid:5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:db:52:3c:5c:de:bf:1d:76:31:69:42:81:b4:2a:6c:b4:c5:
37:25:ec:72:16:35:a6:61:56:ea:25:14:60:8a:59:3f:1a:fa:
f7:18:50:79:c9:3a:33:a5:91:fc:b0:3a:65:08:c2:f3:fc:eb:
36:e7:9c:f2:5e:89:0f:73:01:7d:99:bd:01:53:eb:b2:b8:56:
d5:66:b3:ff:ca:8c:ff:cc:a3:cd:1b:53:d0:88:0e:4e:c5:c5:
83:7d:49:16:83:60:64:90:71:d7:c3:0e:fd:5d:05:7a:27:33:
51:fe:eb:fd:4f:0e:62:1d:6c:17:86:0e:5e:62:8b:64:1f:28:
b1:3c:72:9c:b3:c9:93:3b:3e:59:76:b2:93:15:b8:b1:f6:b9:
d6:45:5a:76:16:2b:ef:d5:3f:4e:8f:e8:86:56:41:75:26:d7:
39:d8:35:3a:8f:7c:fa:44:f4:2b:d2:5b:fa:a2:25:50:56:ea:
42:5f:63:c3:d4:5a:15:a2:4f:e9:d2:c3:1c:f5:c2:ec:63:77:
4e:3c:49:73:84:69:51:2c:bc:de:ba:bc:41:90:b9:61:3a:26:
2c:e7:b6:63:f9:a2:c5:28:46:44:12:64:54:ad:8c:4f:54:10:
e8:45:e6:08:ed:e3:0b:1a:44:67:1b:51:be:6a:6e:f2:81:27:
c0:d0:73:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wAVxoUVQ3M0eNeTh1FRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDM3OWNlZGNkYzIwZjA4NzVjNGIwOGI5NGI0MTE2MWIz
ZThjMDMwHhcNMjYwMzI5MDQwMDI0WhcNMjYwMzMwMDQwMDI0WjAzMTEwLwYDVQQD
EyhjZGY1OThiYTEzN2YzN2M1MjgyZDJjMmZjNDNiZmM3NzJjZjNlOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiv8yXOWS8+by1zW6oU2rZPPGQO5C
zzEkyBji21HEYcqiw2k7Kvtss4hXePAR7Cd+z9Jw9xyRgTzF6NxVKVxQLsTXShjY
a3BZtRUaNK2n4LCRwRrbXBP/FqsNSloTQIkqNYFY6nfvbgEGrl2nJGQEJ9JYfPfB
cIlPhZOvpMyjRBQWUn+9BnkAoeUUjFVnpRy1wAVDGBy7hAZc4GUoU+KTTI93/Vmc
z1rRnvbM6LaCie8MvpCaRZwwhrBpHhnSYG/DURpTF2gw3nt6JIvyl/71QmwOEjGA
q4LPEF866Hfwb3PgUEXlISwVzxtmJGVwa6XkhTFiN3Xmxw8X0q6SwJJhZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM31mLoTfzfFKC0sL8Q7/Hcs8+jCMB8GA1UdIwQY
MBaAFFzTec7c3CDwh1xLCLlLQRYbPowDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQt
MDk2NDQ2NGMxNzUxLzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQtMDk2NDQ2NGMxNzUx
LzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk9tSPFze
vx12MWlCgbQqbLTFNyXschY1pmFW6iUUYIpZPxr69xhQeck6M6WR/LA6ZQjC8/zr
Nuec8l6JD3MBfZm9AVPrsrhW1Waz/8qM/8yjzRtT0IgOTsXFg31JFoNgZJBx18MO
/V0FeiczUf7r/U8OYh1sF4YOXmKLZB8osTxynLPJkzs+WXaykxW4sfa51kVadhYr
79U/To/ohlZBdSbXOdg1Oo98+kT0K9Jb+qIlUFbqQl9jw9RaFaJP6dLDHPXC7GN3
TjxJc4RpUSy83rq8QZC5YTomLOe2Y/mixShGRBJkVK2MT1QQ6EXmCO3jCxpEZxtR
vmpu8oEnwNBzRg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:21 2026 by rpki-client