Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.mft
File: xFyYQwiFYolxMHxZtc8kFoIQI3g.mft (raw, json)
Hash identifier: o4sGhwxvYTjrZHbluomjJJxgPE2RDTFQj3TYCLz9Esg=
Subject key identifier: 95:79:22:C1:67:12:32:37:00:1D:44:95:54:A4:60:F2:E8:D3:D9:B5
Authority key identifier: C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
Certificate issuer: /CN=c45c98430885628971307c59b5cf241682102378
Certificate serial: 019D37C05039A7961B97ADB0B711F5807825
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 04:00:43 +0000
Manifest this update: Sun 29 Mar 2026 04:00:43 +0000
Manifest next update: Mon 30 Mar 2026 04:00:43 +0000
Files and hashes: 1: ghzuYkE_gnJGPgiMxRgv65RQqec.roa (hash: 1+GlWtDdPLwRz4VbLN8GbkLKLROJEbW43VoOa31HX4g=)
2: xFyYQwiFYolxMHxZtc8kFoIQI3g.crl (hash: wW+RBjZ5fLcFKg3UW/LZGLmXo2GsvDlr0r79Dr7z6eM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:50:39:a7:96:1b:97:ad:b0:b7:11:f5:80:78:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c98430885628971307c59b5cf241682102378
Validity
Not Before: Mar 29 04:00:43 2026 GMT
Not After : Mar 30 04:00:43 2026 GMT
Subject: CN=957922c167123237001d449554a460f2e8d3d9b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:c2:e1:92:18:6c:90:04:81:f3:f6:f4:51:80:
6d:53:2c:6f:ee:c3:0b:3e:f8:10:73:9c:64:31:f9:
e6:b3:97:94:ff:2c:9c:6d:db:79:67:77:3d:fe:a4:
ad:63:ba:b4:dd:91:67:65:13:1c:ea:9a:9b:8b:24:
58:79:cd:89:12:35:0f:51:31:81:a2:57:e4:e1:ae:
56:09:32:d7:7b:dd:6a:a5:f7:b1:0c:4e:32:ba:76:
2d:51:3e:cd:04:d3:2e:ff:44:43:e7:e5:33:cf:fa:
90:89:1b:f6:7c:82:59:6b:c6:53:2e:3e:a7:3d:0f:
d8:73:7a:18:f1:22:3f:af:30:7a:24:91:e4:a5:f2:
0b:6a:f0:38:b5:ec:d7:6d:94:45:7d:d3:a9:e2:74:
95:f5:41:23:bc:a2:1c:ca:f4:20:88:cb:d8:94:9b:
78:85:36:e2:9a:fa:1a:48:9f:03:f9:5e:0b:c1:ff:
c4:28:c4:c9:2a:4d:0c:99:37:d0:1d:aa:ea:06:c1:
ab:53:1d:2d:7f:94:0b:f3:d4:5c:2e:1d:63:86:07:
88:72:d5:6a:ae:78:fd:c5:38:d4:a6:c9:a3:eb:95:
30:84:97:af:e7:36:c0:57:0d:fd:43:4e:e6:dd:69:
03:51:52:ad:3a:02:ab:83:41:84:c9:ea:7f:2a:38:
60:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:79:22:C1:67:12:32:37:00:1D:44:95:54:A4:60:F2:E8:D3:D9:B5
X509v3 Authority Key Identifier:
keyid:C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:97:41:7f:3b:67:ab:48:bc:38:87:e5:00:de:54:96:af:44:
ed:dc:b9:e3:90:8a:73:b7:ea:12:54:5f:3b:71:30:81:23:71:
29:be:35:e6:b0:34:8c:f5:28:6a:98:90:04:d1:4d:6e:f3:ae:
29:f3:46:c7:25:09:73:78:7d:86:90:13:d4:e4:82:3a:75:16:
6d:d0:42:3e:c3:8e:e8:6a:66:49:27:08:04:80:fb:68:e0:ea:
d5:e7:a2:9c:46:29:74:43:39:bc:c7:71:8e:08:70:c4:a5:eb:
41:08:9e:21:b4:ae:ed:99:17:81:fa:de:3c:cf:34:79:d3:93:
99:02:67:9d:db:ae:08:e2:90:2c:35:bb:c4:df:aa:4b:5c:cd:
af:76:13:9a:ed:25:14:f4:e5:fb:70:13:ee:b1:07:6f:71:ba:
ff:9a:64:82:d2:49:24:f1:ed:68:28:dc:f7:07:04:83:37:56:
8b:14:fe:bd:c9:56:de:d1:83:08:46:82:04:75:82:cc:08:4d:
63:0d:24:97:0d:91:09:77:e7:34:ea:c8:04:21:18:ff:ad:61:
cd:12:7e:ca:3a:56:ed:df:17:99:df:ce:4d:65:fe:9c:62:ac:
f7:11:7c:32:b7:40:0e:d6:37:a4:f7:a4:39:c1:34:65:d2:11:
5c:45:3b:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wFA5p5Ybl62wtxH1gHglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM5ODQzMDg4NTYyODk3MTMwN2M1OWI1Y2YyNDE2ODIx
MDIzNzgwHhcNMjYwMzI5MDQwMDQzWhcNMjYwMzMwMDQwMDQzWjAzMTEwLwYDVQQD
Eyg5NTc5MjJjMTY3MTIzMjM3MDAxZDQ0OTU1NGE0NjBmMmU4ZDNkOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+MLhkhhskASB8/b0UYBtUyxv7sML
PvgQc5xkMfnms5eU/yycbdt5Z3c9/qStY7q03ZFnZRMc6pqbiyRYec2JEjUPUTGB
olfk4a5WCTLXe91qpfexDE4yunYtUT7NBNMu/0RD5+Uzz/qQiRv2fIJZa8ZTLj6n
PQ/Yc3oY8SI/rzB6JJHkpfILavA4tezXbZRFfdOp4nSV9UEjvKIcyvQgiMvYlJt4
hTbimvoaSJ8D+V4Lwf/EKMTJKk0MmTfQHarqBsGrUx0tf5QL89RcLh1jhgeIctVq
rnj9xTjUpsmj65UwhJev5zbAVw39Q07m3WkDUVKtOgKrg0GEyep/KjhgRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJV5IsFnEjI3AB1ElVSkYPLo09m1MB8GA1UdIwQY
MBaAFMRcmEMIhWKJcTB8WbXPJBaCECN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8zMDdjMzMtMzhhNy00ZmRhLTlhMDgt
OWFiZGNhMzlkNGY3LzEveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8zMDdjMzMtMzhhNy00ZmRhLTlhMDgtOWFiZGNhMzlkNGY3
LzEveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcZdBfztn
q0i8OIflAN5Ulq9E7dy545CKc7fqElRfO3EwgSNxKb415rA0jPUoapiQBNFNbvOu
KfNGxyUJc3h9hpAT1OSCOnUWbdBCPsOO6GpmSScIBID7aODq1eeinEYpdEM5vMdx
jghwxKXrQQieIbSu7ZkXgfrePM80edOTmQJnnduuCOKQLDW7xN+qS1zNr3YTmu0l
FPTl+3AT7rEHb3G6/5pkgtJJJPHtaCjc9wcEgzdWixT+vclW3tGDCEaCBHWCzAhN
Yw0klw2RCXfnNOrIBCEY/61hzRJ+yjpW7d8Xmd/OTWX+nGKs9xF8MrdADtY3pPek
OcE0ZdIRXEU7aQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:08 2026 by rpki-client