Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
File: xb-nGlET_tgkZHdsFDcVFMkhjvU.mft (raw, json)
Hash identifier: Z/ZvGVHrI2m2zsjZ36sukGih9HKQBmxu47oaQlsIiJE=
Subject key identifier: DD:C8:A5:00:69:EB:89:52:3C:B0:73:BC:1E:8C:C6:17:A5:1B:28:47
Authority key identifier: C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
Certificate issuer: /CN=c5bfa71a5113fed82464776c14371514c9218ef5
Certificate serial: 019D37894863BBED9ADC81B4196A756B277C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
Manifest number: 0CC7
Signing time: Sun 29 Mar 2026 03:00:36 +0000
Manifest this update: Sun 29 Mar 2026 03:00:36 +0000
Manifest next update: Mon 30 Mar 2026 03:00:36 +0000
Files and hashes: 1: jBvSHulkiAFNZq-1Sz_1NBwC4gw.roa (hash: kIr3tsaXSv0n1HwqnJcooiylPmXgSiBfGD9CqML14GU=)
2: xb-nGlET_tgkZHdsFDcVFMkhjvU.crl (hash: XQip9D9J/wEwPgKm1bVTN1dTra32rbbSFxTA82SSq3g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:48:63:bb:ed:9a:dc:81:b4:19:6a:75:6b:27:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5bfa71a5113fed82464776c14371514c9218ef5
Validity
Not Before: Mar 29 03:00:36 2026 GMT
Not After : Mar 30 03:00:36 2026 GMT
Subject: CN=ddc8a50069eb89523cb073bc1e8cc617a51b2847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fb:2f:d8:6f:9c:13:49:15:f4:9c:ae:ad:3b:
4c:b9:ab:93:c6:55:f5:f6:d2:b7:7e:d3:29:dd:fb:
e5:0b:2a:51:60:d7:75:c9:c1:8f:1f:4a:6d:02:82:
5d:21:b4:53:eb:94:e7:20:35:1f:50:5e:d6:c5:1b:
32:ef:9a:0f:81:aa:ba:af:ca:a9:dc:12:90:f4:ee:
e7:3d:70:f2:87:4c:f4:9d:c3:a7:5a:5b:75:84:e2:
44:40:e1:34:b7:ed:8c:80:53:9f:86:f3:ad:c0:67:
1f:6f:6a:23:1f:8b:76:67:ec:ca:33:9a:a8:f9:81:
57:b7:2d:e2:52:34:bb:a9:c8:72:5a:bd:73:c1:ff:
b8:70:e3:bf:4f:b7:40:15:79:66:a7:ba:6a:09:69:
c6:0c:df:5f:6f:63:fb:55:33:30:a6:0d:eb:5c:5a:
2e:b1:93:1c:0d:87:c9:2f:dc:56:9c:23:c3:1f:bd:
41:d6:f8:c7:55:a1:10:9d:79:3d:b5:0e:f1:0a:b1:
69:af:96:d0:24:f2:bf:f5:f8:6c:a3:99:b6:ff:a4:
69:6a:4b:72:d4:5c:2a:a0:e9:0a:dd:bb:5e:fe:7b:
3d:a2:ff:1a:d3:a8:7f:dd:8f:ce:39:0d:c9:23:8c:
09:27:97:9d:43:79:37:fa:9d:96:e4:40:33:7e:7a:
f5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C8:A5:00:69:EB:89:52:3C:B0:73:BC:1E:8C:C6:17:A5:1B:28:47
X509v3 Authority Key Identifier:
keyid:C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:d0:b8:ff:de:b5:01:67:2d:2d:eb:39:26:f0:42:c0:4b:a8:
ce:50:ea:3d:ec:20:8c:55:12:45:65:3f:53:44:b7:1c:08:d0:
f4:8f:33:6d:9e:6d:71:d2:c0:d5:0b:4b:f5:df:85:24:a1:db:
59:84:5c:6c:ab:11:b3:b4:91:8a:d7:0c:4a:dd:39:03:b7:ee:
25:82:94:8d:c8:fb:ec:1d:2c:3d:21:fd:f9:24:b5:bc:65:da:
f1:87:0a:d5:be:ad:c3:a5:78:8a:21:07:d7:26:5e:94:c4:4b:
d0:15:2c:78:8c:cb:7e:21:f9:f8:93:d5:2f:dd:a2:61:3a:cd:
37:fb:d5:e5:ff:bc:bd:c7:75:20:d7:2c:e1:fb:46:67:f6:90:
d5:70:fe:d1:59:c5:47:ec:cb:0c:87:2f:a4:82:0a:f7:d4:28:
08:ed:d6:fd:17:de:79:23:d7:13:b6:d7:b3:17:5b:43:66:3a:
16:92:97:ab:40:84:1b:a9:2b:fd:fc:95:da:ec:d4:33:d6:2c:
f1:31:72:2f:4e:d3:e9:ce:57:a1:2f:6e:f4:d2:51:b9:80:89:
f1:1c:6c:00:f6:3e:68:c2:ec:42:0a:be:63:8d:8c:26:8d:11:
7f:fe:0a:15:4a:1e:a2:64:9b:3c:db:a1:d6:6c:25:2b:11:28:
bb:68:45:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iUhju+2a3IG0GWp1ayd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmZhNzFhNTExM2ZlZDgyNDY0Nzc2YzE0MzcxNTE0Yzky
MThlZjUwHhcNMjYwMzI5MDMwMDM2WhcNMjYwMzMwMDMwMDM2WjAzMTEwLwYDVQQD
EyhkZGM4YTUwMDY5ZWI4OTUyM2NiMDczYmMxZThjYzYxN2E1MWIyODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPsv2G+cE0kV9JyurTtMuauTxlX1
9tK3ftMp3fvlCypRYNd1ycGPH0ptAoJdIbRT65TnIDUfUF7WxRsy75oPgaq6r8qp
3BKQ9O7nPXDyh0z0ncOnWlt1hOJEQOE0t+2MgFOfhvOtwGcfb2ojH4t2Z+zKM5qo
+YFXty3iUjS7qchyWr1zwf+4cOO/T7dAFXlmp7pqCWnGDN9fb2P7VTMwpg3rXFou
sZMcDYfJL9xWnCPDH71B1vjHVaEQnXk9tQ7xCrFpr5bQJPK/9fhso5m2/6Rpakty
1FwqoOkK3bte/ns9ov8a06h/3Y/OOQ3JI4wJJ5edQ3k3+p2W5EAzfnr1sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3IpQBp64lSPLBzvB6MxhelGyhHMB8GA1UdIwQY
MBaAFMW/pxpRE/7YJGR3bBQ3FRTJIY71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYt
NmZjZTAzMzI1YjNmLzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYtNmZjZTAzMzI1YjNm
LzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf9C4/961
AWctLes5JvBCwEuozlDqPewgjFUSRWU/U0S3HAjQ9I8zbZ5tcdLA1QtL9d+FJKHb
WYRcbKsRs7SRitcMSt05A7fuJYKUjcj77B0sPSH9+SS1vGXa8YcK1b6tw6V4iiEH
1yZelMRL0BUseIzLfiH5+JPVL92iYTrNN/vV5f+8vcd1INcs4ftGZ/aQ1XD+0VnF
R+zLDIcvpIIK99QoCO3W/RfeeSPXE7bXsxdbQ2Y6FpKXq0CEG6kr/fyV2uzUM9Ys
8TFyL07T6c5XoS9u9NJRuYCJ8RxsAPY+aMLsQgq+Y42MJo0Rf/4KFUoeomSbPNuh
1mwlKxEou2hFBw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:33 2026 by rpki-client