Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.mft
File: rXz7zh1tOmok8lZSBl0xV1go7bU.mft (raw, json)
Hash identifier: Wxa0T7RCOKj4DC3MOmcfj+2PSd/n6UubMV6foDsoWlE=
Subject key identifier: DB:EE:28:97:BC:72:A2:C9:07:BE:3F:23:BE:67:85:21:D7:FF:97:13
Authority key identifier: AD:7C:FB:CE:1D:6D:3A:6A:24:F2:56:52:06:5D:31:57:58:28:ED:B5
Certificate issuer: /CN=ad7cfbce1d6d3a6a24f25652065d31575828edb5
Certificate serial: 019D3865AD7C71B3F751E8BEDEC0CDE71BB2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rXz7zh1tOmok8lZSBl0xV1go7bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.mft
Manifest number: 0FA1
Signing time: Sun 29 Mar 2026 07:01:20 +0000
Manifest this update: Sun 29 Mar 2026 07:01:20 +0000
Manifest next update: Mon 30 Mar 2026 07:01:20 +0000
Files and hashes: 1: X95prXHzq8X1CPwv1gtcHecBZ9A.roa (hash: kIyKmeEmNUCd7/Tfz3mqcBFszHGcJgIalIr5T8BFnbY=)
2: rXz7zh1tOmok8lZSBl0xV1go7bU.crl (hash: Oe9Bcef/XXSzBMNJ0OotbysC1FZeRw2OtlieMOewSG4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rXz7zh1tOmok8lZSBl0xV1go7bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:ad:7c:71:b3:f7:51:e8:be:de:c0:cd:e7:1b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad7cfbce1d6d3a6a24f25652065d31575828edb5
Validity
Not Before: Mar 29 07:01:20 2026 GMT
Not After : Mar 30 07:01:20 2026 GMT
Subject: CN=dbee2897bc72a2c907be3f23be678521d7ff9713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f2:c4:d6:21:89:1f:8f:98:77:e5:31:98:15:
41:81:38:4c:ad:91:ab:9b:80:79:53:f6:46:09:10:
47:b5:9c:cd:0e:d8:54:76:26:ff:da:bc:da:3d:1c:
1b:15:a8:ee:82:33:ea:c8:6f:8c:4a:22:d1:43:d0:
95:16:0f:5a:3a:21:45:c7:d4:3d:b6:7e:05:d8:0b:
84:5d:af:f3:bc:84:f2:e2:67:56:94:ee:85:a5:ca:
3b:b6:75:74:d1:f6:6d:a5:6e:2a:47:4b:25:4e:eb:
a2:02:ec:2c:87:13:07:1a:98:72:27:31:bb:5a:61:
06:7f:87:ef:cb:e9:d2:b0:df:72:5e:86:18:6c:2f:
ec:b9:b4:48:cb:53:d3:b9:0e:ad:82:d4:f8:e0:ad:
2a:f6:84:e9:69:a3:86:0c:50:9e:86:20:40:d7:f1:
ca:6a:84:4c:f4:98:87:5d:91:89:27:bb:4f:c3:7c:
d2:63:4a:8e:2c:03:6d:72:e7:6e:88:56:6a:99:e9:
97:43:3f:ae:a1:a8:7e:9c:8c:64:ec:a9:91:42:99:
70:ef:5b:d3:77:94:00:ff:ea:e1:0f:40:de:90:b7:
8e:2c:91:06:f1:f0:ba:de:b6:fc:4a:0d:91:2e:fa:
40:ed:29:9a:ee:4a:ce:c3:b0:d6:9b:ad:91:ef:7a:
3c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:EE:28:97:BC:72:A2:C9:07:BE:3F:23:BE:67:85:21:D7:FF:97:13
X509v3 Authority Key Identifier:
keyid:AD:7C:FB:CE:1D:6D:3A:6A:24:F2:56:52:06:5D:31:57:58:28:ED:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rXz7zh1tOmok8lZSBl0xV1go7bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:b9:f6:ec:86:21:0e:5f:67:6e:75:23:7b:8d:6b:23:e4:18:
bf:57:dd:bb:df:af:f7:80:49:87:db:9d:27:ce:32:c1:f7:87:
7c:a1:10:64:61:42:e3:25:0a:ef:ff:04:11:fb:f6:b9:9e:b3:
99:c3:7c:15:38:13:2b:4f:9d:14:21:20:4d:75:81:21:48:4a:
dd:81:07:0e:14:f7:b7:fc:5d:fd:42:16:ea:66:4e:59:4d:05:
24:a7:ac:96:26:47:41:ea:7c:fb:62:10:1b:c0:ae:2e:ee:08:
b4:24:e0:b1:c2:af:b2:f4:f8:be:8d:b9:10:21:8a:24:70:c7:
fe:97:63:96:24:d3:2b:e7:3c:15:79:e2:b5:88:47:0b:b9:cc:
5d:71:41:b3:36:5c:0a:fa:2c:9a:57:d3:4f:0c:57:c7:40:cd:
28:76:24:83:b2:18:d4:f3:3e:3f:c2:38:e9:ce:10:19:01:9d:
c3:d8:cc:30:0d:01:17:d3:a1:20:b7:f7:d7:3b:1a:ae:69:a0:
c2:77:e5:bf:b8:fa:9f:66:95:2e:4f:49:df:f2:fe:77:14:3f:
e1:46:6e:ca:7f:f0:3d:50:af:bc:75:22:f0:5c:8c:36:bb:95:
08:89:ca:f3:70:fc:32:1c:9d:20:3a:ab:77:78:4a:aa:fe:6c:
d3:e3:8f:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Za18cbP3Uei+3sDN5xuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkN2NmYmNlMWQ2ZDNhNmEyNGYyNTY1MjA2NWQzMTU3NTgy
OGVkYjUwHhcNMjYwMzI5MDcwMTIwWhcNMjYwMzMwMDcwMTIwWjAzMTEwLwYDVQQD
EyhkYmVlMjg5N2JjNzJhMmM5MDdiZTNmMjNiZTY3ODUyMWQ3ZmY5NzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvLE1iGJH4+Yd+UxmBVBgThMrZGr
m4B5U/ZGCRBHtZzNDthUdib/2rzaPRwbFajugjPqyG+MSiLRQ9CVFg9aOiFFx9Q9
tn4F2AuEXa/zvITy4mdWlO6Fpco7tnV00fZtpW4qR0slTuuiAuwshxMHGphyJzG7
WmEGf4fvy+nSsN9yXoYYbC/subRIy1PTuQ6tgtT44K0q9oTpaaOGDFCehiBA1/HK
aoRM9JiHXZGJJ7tPw3zSY0qOLANtcuduiFZqmemXQz+uoah+nIxk7KmRQplw71vT
d5QA/+rhD0DekLeOLJEG8fC63rb8Sg2RLvpA7Sma7krOw7DWm62R73o8fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvuKJe8cqLJB74/I75nhSHX/5cTMB8GA1UdIwQY
MBaAFK18+84dbTpqJPJWUgZdMVdYKO21MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclh6N3poMXRPbW9rOGxaU0JsMHhWMWdvN2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xMTQzNDAtMmM3MC00MWZjLWFiZTct
MmZhN2M5YjExMWIxLzEvclh6N3poMXRPbW9rOGxaU0JsMHhWMWdvN2JVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xMTQzNDAtMmM3MC00MWZjLWFiZTctMmZhN2M5YjExMWIx
LzEvclh6N3poMXRPbW9rOGxaU0JsMHhWMWdvN2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANLn27IYh
Dl9nbnUje41rI+QYv1fdu9+v94BJh9udJ84ywfeHfKEQZGFC4yUK7/8EEfv2uZ6z
mcN8FTgTK0+dFCEgTXWBIUhK3YEHDhT3t/xd/UIW6mZOWU0FJKesliZHQep8+2IQ
G8CuLu4ItCTgscKvsvT4vo25ECGKJHDH/pdjliTTK+c8FXnitYhHC7nMXXFBszZc
CvosmlfTTwxXx0DNKHYkg7IY1PM+P8I46c4QGQGdw9jMMA0BF9OhILf31zsarmmg
wnflv7j6n2aVLk9J3/L+dxQ/4UZuyn/wPVCvvHUi8FyMNruVCInK83D8MhydIDqr
d3hKqv5s0+OPhg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:46:45 2026 by rpki-client