Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.mft
File: mXwn0VtG2xhLwCswPIa0fEScG1Q.mft (raw, json)
Hash identifier: 8tajq+Eqa9vhb8aYZ2eJMYocg7UialQLmT87DSAy308=
Subject key identifier: 44:2C:D5:9A:85:9E:91:F2:D0:E9:9B:43:8F:57:BF:32:02:A0:40:44
Authority key identifier: 99:7C:27:D1:5B:46:DB:18:4B:C0:2B:30:3C:86:B4:7C:44:9C:1B:54
Certificate issuer: /CN=997c27d15b46db184bc02b303c86b47c449c1b54
Certificate serial: 019D382DF334F1D96F6E09EF4FAF9834076B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mXwn0VtG2xhLwCswPIa0fEScG1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.mft
Manifest number: 1154
Signing time: Sun 29 Mar 2026 06:00:28 +0000
Manifest this update: Sun 29 Mar 2026 06:00:28 +0000
Manifest next update: Mon 30 Mar 2026 06:00:28 +0000
Files and hashes: 1: I7V5V1cM7CVsM1y0YVXX0evu4RA.roa (hash: 3YvBTIxXWovXFR/5L6HbEj29abytJrCEZQSlYTFVAvk=)
2: mXwn0VtG2xhLwCswPIa0fEScG1Q.crl (hash: H/4MQF+Fe5hSoCg3uz/NtuQKuTgWh7DaorHp4uw8ktc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/mXwn0VtG2xhLwCswPIa0fEScG1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:f3:34:f1:d9:6f:6e:09:ef:4f:af:98:34:07:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=997c27d15b46db184bc02b303c86b47c449c1b54
Validity
Not Before: Mar 29 06:00:28 2026 GMT
Not After : Mar 30 06:00:28 2026 GMT
Subject: CN=442cd59a859e91f2d0e99b438f57bf3202a04044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:92:93:f8:ab:94:b5:b6:3d:eb:e7:1d:64:80:
bd:49:55:ac:f4:62:4d:c0:e4:49:89:1d:0e:4f:fb:
8a:bb:a6:fe:c6:d1:b1:ea:7e:98:52:29:48:53:d2:
04:47:9e:2a:ff:15:91:2f:fb:0e:ba:ab:57:c6:d8:
02:b8:96:6d:07:d4:82:f5:fd:aa:48:58:30:8d:a4:
7d:93:10:53:b9:03:21:65:8b:d3:6b:5f:59:9a:26:
1f:23:11:a8:22:71:94:0b:aa:95:99:49:ec:c1:6a:
20:6c:27:24:34:d6:5d:d1:30:d2:92:57:71:37:f2:
b9:57:ec:92:ae:1b:e4:eb:9a:30:15:26:ac:b6:ff:
c7:33:64:fa:dd:10:d7:16:07:a8:43:b2:a0:db:56:
17:2b:02:26:72:a3:b9:67:f9:d5:84:d0:a5:76:53:
bb:04:76:bd:b3:fe:9e:8a:54:f8:11:34:e7:7a:ef:
0d:65:02:d4:85:be:a1:10:93:64:cb:cb:97:7a:4a:
a5:11:42:c8:9b:9a:e6:97:be:f6:c2:ba:3c:1e:f5:
ee:7f:ec:ca:3a:11:81:b7:b8:fa:5c:ed:ce:f6:62:
08:08:51:53:0b:0d:2d:69:4f:28:0d:c9:5c:e3:b9:
df:2d:93:e6:08:dc:cd:6b:1a:75:4d:a3:1c:6c:df:
da:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2C:D5:9A:85:9E:91:F2:D0:E9:9B:43:8F:57:BF:32:02:A0:40:44
X509v3 Authority Key Identifier:
keyid:99:7C:27:D1:5B:46:DB:18:4B:C0:2B:30:3C:86:B4:7C:44:9C:1B:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXwn0VtG2xhLwCswPIa0fEScG1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/5ccbaf-c51d-4e76-a3ee-35ab420173db/1/mXwn0VtG2xhLwCswPIa0fEScG1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:ff:7c:ef:24:c7:ba:0b:6c:db:9a:bd:24:c1:a7:ff:b4:f5:
d9:1e:4c:e9:e1:89:8d:bc:79:bb:55:96:51:cd:5c:62:d2:22:
f9:29:07:8d:9e:90:05:58:b4:84:47:35:4a:fc:3f:0f:c3:76:
2b:0c:8d:3e:e5:49:1a:5e:93:e5:26:71:46:01:0d:1e:9f:68:
db:2f:51:ac:4c:4e:db:c8:0b:0d:10:11:16:69:ab:22:51:4b:
de:6d:c2:bc:63:a0:a5:19:c8:cc:b0:dc:f7:1f:4d:b9:85:3c:
6f:44:97:38:08:92:de:61:d9:97:e3:4e:5c:db:69:f7:cf:64:
ea:60:3d:02:cd:6e:20:69:78:cb:3f:8e:1a:af:30:91:e8:53:
8c:aa:3e:03:4a:4b:9f:db:17:9a:35:89:a0:18:0e:32:4e:19:
f6:18:f4:58:14:72:43:52:d0:da:a0:3d:dc:09:3d:31:b6:0f:
41:5f:fc:93:5b:3f:31:9f:22:1a:6c:b4:10:68:35:9b:82:3c:
41:b3:20:b7:a2:a3:12:a2:d8:be:3c:7e:97:37:9a:76:d3:01:
f7:ab:86:32:d0:8a:0e:0c:9b:62:f8:d1:61:8c:45:4e:6c:23:
4f:28:03:e9:1b:79:07:12:65:63:48:ec:0e:18:7f:1d:25:87:
df:14:00:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LfM08dlvbgnvT6+YNAdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5N2MyN2QxNWI0NmRiMTg0YmMwMmIzMDNjODZiNDdjNDQ5
YzFiNTQwHhcNMjYwMzI5MDYwMDI4WhcNMjYwMzMwMDYwMDI4WjAzMTEwLwYDVQQD
Eyg0NDJjZDU5YTg1OWU5MWYyZDBlOTliNDM4ZjU3YmYzMjAyYTA0MDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpKT+KuUtbY96+cdZIC9SVWs9GJN
wORJiR0OT/uKu6b+xtGx6n6YUilIU9IER54q/xWRL/sOuqtXxtgCuJZtB9SC9f2q
SFgwjaR9kxBTuQMhZYvTa19ZmiYfIxGoInGUC6qVmUnswWogbCckNNZd0TDSkldx
N/K5V+ySrhvk65owFSastv/HM2T63RDXFgeoQ7Kg21YXKwImcqO5Z/nVhNCldlO7
BHa9s/6eilT4ETTneu8NZQLUhb6hEJNky8uXekqlEULIm5rml772wro8HvXuf+zK
OhGBt7j6XO3O9mIICFFTCw0taU8oDclc47nfLZPmCNzNaxp1TaMcbN/aWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQs1ZqFnpHy0OmbQ49XvzICoEBEMB8GA1UdIwQY
MBaAFJl8J9FbRtsYS8ArMDyGtHxEnBtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVh3bjBWdEcyeGhMd0Nzd1BJYTBmRVNjRzFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi81Y2NiYWYtYzUxZC00ZTc2LWEzZWUt
MzVhYjQyMDE3M2RiLzEvbVh3bjBWdEcyeGhMd0Nzd1BJYTBmRVNjRzFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi81Y2NiYWYtYzUxZC00ZTc2LWEzZWUtMzVhYjQyMDE3M2Ri
LzEvbVh3bjBWdEcyeGhMd0Nzd1BJYTBmRVNjRzFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaP987yTH
ugts25q9JMGn/7T12R5M6eGJjbx5u1WWUc1cYtIi+SkHjZ6QBVi0hEc1Svw/D8N2
KwyNPuVJGl6T5SZxRgENHp9o2y9RrExO28gLDRARFmmrIlFL3m3CvGOgpRnIzLDc
9x9NuYU8b0SXOAiS3mHZl+NOXNtp989k6mA9As1uIGl4yz+OGq8wkehTjKo+A0pL
n9sXmjWJoBgOMk4Z9hj0WBRyQ1LQ2qA93Ak9MbYPQV/8k1s/MZ8iGmy0EGg1m4I8
QbMgt6KjEqLYvjx+lzeadtMB96uGMtCKDgybYvjRYYxFTmwjTygD6Rt5BxJlY0js
Dhh/HSWH3xQAYA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:41:33 2026 by rpki-client