Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
File: xTG2PRGmzC0c5p4TEch6waanBzM.mft (raw, json)
Hash identifier: utBZsldyuMhA0BGtEkyRz+4Oq+RwETHW2pcH0KNqQds=
Subject key identifier: 0A:8A:EA:3A:A5:75:87:6F:4A:EA:59:00:F9:01:E4:01:B3:77:F7:CF
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 019D382DE886A524F74F8E880CB3E76A6E38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
Manifest number: 1114
Signing time: Sun 29 Mar 2026 06:00:25 +0000
Manifest this update: Sun 29 Mar 2026 06:00:25 +0000
Manifest next update: Mon 30 Mar 2026 06:00:25 +0000
Files and hashes: 1: WGUKVj-vf2RKGeE0tMRbU2IE_NQ.roa (hash: tHeLPtV3EhtYhN1tkXzaqoA9I1M0f8QKiOJp3r6uMxQ=)
2: xTG2PRGmzC0c5p4TEch6waanBzM.crl (hash: fJcdcTr1EjKljYoyH2/58QTPqGCBXc6dTvMc0/rVbig=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:e8:86:a5:24:f7:4f:8e:88:0c:b3:e7:6a:6e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Mar 29 06:00:25 2026 GMT
Not After : Mar 30 06:00:25 2026 GMT
Subject: CN=0a8aea3aa575876f4aea5900f901e401b377f7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:08:79:0a:75:bc:7c:65:69:cc:6b:af:83:21:
f5:3f:90:52:4c:79:20:f4:ad:54:c8:51:d8:16:b7:
ca:db:27:94:f8:8e:09:bd:ff:8f:94:aa:21:3f:1e:
90:04:70:42:67:be:f9:4e:c8:f1:23:f8:49:25:d4:
cc:6c:1f:83:c0:7d:80:04:11:52:2e:db:d8:30:07:
5d:f8:b5:d3:02:57:67:22:49:59:d7:31:29:70:ef:
ce:c1:f7:9b:83:16:f8:7c:51:92:13:12:ab:95:14:
9c:80:2d:d1:29:07:8d:e3:62:58:e6:d8:aa:63:44:
10:8d:4d:3e:36:92:1b:0e:a7:f2:0d:32:79:fe:f7:
25:2c:cd:ad:2c:2c:b8:d8:f3:f9:12:c5:17:bc:65:
2e:9a:5f:2c:30:ab:6a:ca:91:b9:99:58:11:47:de:
77:81:59:82:76:28:68:40:e3:f2:16:9a:f2:74:03:
fa:21:2a:ad:1b:57:b4:52:1b:45:06:35:fd:2a:c3:
9f:5b:fd:ce:71:ca:05:ea:75:36:a1:bc:6d:86:52:
6c:b3:b9:37:30:5d:3d:78:54:59:f7:13:86:69:5b:
e8:0d:d7:14:35:e6:8c:a5:ac:4b:f7:82:d7:93:9a:
29:41:4b:23:fc:71:df:d4:1e:19:61:d8:ee:86:ba:
27:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:8A:EA:3A:A5:75:87:6F:4A:EA:59:00:F9:01:E4:01:B3:77:F7:CF
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:24:9e:28:2a:30:1c:9b:33:33:38:01:c9:16:a9:67:3a:f2:
4b:a3:98:fa:e8:28:7e:a8:ed:19:9f:39:13:48:37:ac:ea:62:
df:08:bb:e0:5a:a0:9a:34:89:4e:ac:45:98:e3:4f:72:f0:42:
bf:9d:b9:ef:db:eb:a5:c4:c2:74:62:e2:0f:13:e5:4c:5f:c6:
c9:ca:5b:19:b2:f8:05:d0:d1:62:f2:2d:d6:64:cc:12:7e:62:
30:a9:ee:36:4a:50:bb:06:29:d5:ee:c5:2f:65:bc:2e:70:c8:
57:0f:aa:a3:60:85:4f:81:09:59:04:0e:5a:67:93:f1:72:6a:
f4:ac:a2:5d:a5:c4:95:cd:d2:94:b2:8a:4c:72:7a:76:77:4d:
38:bc:93:8a:d5:1c:4a:e7:ce:66:39:0f:d4:d3:16:47:b6:22:
00:38:ff:6b:07:e0:ab:a7:89:e1:17:89:6c:f3:87:bb:35:d6:
29:08:51:3c:6c:a3:8a:77:4d:04:46:7d:5c:6a:30:fd:6b:e7:
36:b3:ca:07:5b:dd:fc:2b:2d:ea:94:51:13:4c:e4:da:91:b6:
b9:fa:98:d3:75:09:22:3f:8b:a6:21:89:39:84:4f:7f:8b:38:
04:94:dc:8b:73:9c:b0:03:44:2f:dc:40:f0:e4:fc:1d:ea:52:
4f:ae:2c:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LeiGpST3T46IDLPnam44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjYwMzI5MDYwMDI1WhcNMjYwMzMwMDYwMDI1WjAzMTEwLwYDVQQD
EygwYThhZWEzYWE1NzU4NzZmNGFlYTU5MDBmOTAxZTQwMWIzNzdmN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwh5CnW8fGVpzGuvgyH1P5BSTHkg
9K1UyFHYFrfK2yeU+I4Jvf+PlKohPx6QBHBCZ775TsjxI/hJJdTMbB+DwH2ABBFS
LtvYMAdd+LXTAldnIklZ1zEpcO/Owfebgxb4fFGSExKrlRScgC3RKQeN42JY5tiq
Y0QQjU0+NpIbDqfyDTJ5/vclLM2tLCy42PP5EsUXvGUuml8sMKtqypG5mVgRR953
gVmCdihoQOPyFprydAP6ISqtG1e0UhtFBjX9KsOfW/3OccoF6nU2obxthlJss7k3
MF09eFRZ9xOGaVvoDdcUNeaMpaxL94LXk5opQUsj/HHf1B4ZYdjuhroniwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqK6jqldYdvSupZAPkB5AGzd/fPMB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQiSeKCow
HJszMzgByRapZzryS6OY+ugofqjtGZ85E0g3rOpi3wi74FqgmjSJTqxFmONPcvBC
v52579vrpcTCdGLiDxPlTF/GycpbGbL4BdDRYvIt1mTMEn5iMKnuNkpQuwYp1e7F
L2W8LnDIVw+qo2CFT4EJWQQOWmeT8XJq9KyiXaXElc3SlLKKTHJ6dndNOLyTitUc
SufOZjkP1NMWR7YiADj/awfgq6eJ4ReJbPOHuzXWKQhRPGyjindNBEZ9XGow/Wvn
NrPKB1vd/Cst6pRRE0zk2pG2ufqY03UJIj+LpiGJOYRPf4s4BJTci3OcsANEL9xA
8OT8HepST64suA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:00:51 2026 by rpki-client