Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft
File: _XBhwg1PCXYTrAMTI3pt8rsstdw.mft (raw, json)
Hash identifier: 32U61RV+8uB9HmXUojKOaBAa7QSjn2KGM7ABkqhvx1U=
Subject key identifier: 01:49:3A:1C:6E:9B:2C:83:81:17:B7:55:CC:1B:3A:7E:4B:74:9C:65
Authority key identifier: FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC
Certificate issuer: /CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc
Certificate serial: 019D389BD70CDDE9C0367637B17ED3F97A60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft
Manifest number: 0425
Signing time: Sun 29 Mar 2026 08:00:30 +0000
Manifest this update: Sun 29 Mar 2026 08:00:30 +0000
Manifest next update: Mon 30 Mar 2026 08:00:30 +0000
Files and hashes: 1: ON48mzQU_ZkOuAlZyHAa9FLTToE.roa (hash: TGKZsRuel7PSpfKiU9Wd7dmrbOAx1arJ02E3xTpIfM8=)
2: _XBhwg1PCXYTrAMTI3pt8rsstdw.crl (hash: hqC5SZPZLWDLhVumD4YA/aDIV7TNBccA1mFQlugCasQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft
rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:d7:0c:dd:e9:c0:36:76:37:b1:7e:d3:f9:7a:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc
Validity
Not Before: Mar 29 08:00:30 2026 GMT
Not After : Mar 30 08:00:30 2026 GMT
Subject: CN=01493a1c6e9b2c838117b755cc1b3a7e4b749c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:de:8d:0c:0e:d6:b6:88:9f:44:7f:b6:54:96:
56:70:b9:4a:2a:ec:c1:a5:c5:c0:09:37:d5:42:a8:
db:e1:b8:55:1b:db:29:d9:36:a2:a4:f2:35:20:81:
68:70:7b:8f:ab:f2:52:d5:06:06:e1:da:55:c2:1d:
82:e0:5b:82:1d:5a:b3:a3:9a:41:7c:00:ea:85:6f:
09:51:cd:80:67:94:be:c6:a3:7c:fa:82:5d:ff:74:
1a:da:22:83:fd:a0:c7:91:7e:70:db:1a:86:94:56:
88:0b:cb:e9:97:d6:ed:94:5d:00:18:96:fe:53:9d:
c4:cf:b5:62:69:81:b4:34:e3:e0:4c:7e:bb:2f:c9:
fb:bd:d9:d6:65:42:37:de:67:a9:b7:a0:97:c0:81:
91:7e:cd:76:ed:92:8d:20:4a:8e:08:29:e7:00:71:
b8:86:df:ba:a5:9f:ce:60:e3:f5:3b:e4:74:83:93:
ef:78:21:f4:45:5e:56:9a:fc:c3:7c:43:5e:06:17:
8a:8d:b3:78:51:9f:6a:8a:d3:01:0d:f1:97:65:c9:
48:08:c0:08:7d:2a:d4:c2:6f:90:4c:ab:3f:35:78:
ee:59:12:b1:4e:ab:cf:3b:0a:79:7c:c8:cf:a3:8e:
e9:a7:fa:56:0a:67:6c:91:b1:57:48:aa:f7:cd:f6:
12:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:49:3A:1C:6E:9B:2C:83:81:17:B7:55:CC:1B:3A:7E:4B:74:9C:65
X509v3 Authority Key Identifier:
keyid:FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:40:8a:8b:54:65:7e:3c:d9:13:44:a6:48:44:24:7e:4f:14:
0e:bf:7e:63:27:d6:7c:8a:2f:4e:9f:84:6a:41:72:fd:6e:12:
f6:99:ec:50:07:39:0a:23:4e:8e:2b:43:1b:44:be:39:b7:e9:
7b:dc:14:09:53:2b:ef:90:4b:9e:7b:57:9a:e6:dc:d4:cb:3d:
ea:55:a1:13:64:ed:ef:62:44:c1:88:67:54:4c:b0:c7:f5:0e:
d0:91:87:8b:05:ca:af:89:4e:a5:86:08:37:ca:76:a1:ef:cc:
e6:8d:fe:8c:56:18:35:f3:ec:c6:61:83:a5:c6:d0:3b:3b:0c:
e4:3e:30:29:35:59:72:32:50:ad:fc:94:4a:04:40:88:4f:f2:
18:3e:46:95:86:bb:74:97:99:19:ea:f3:50:c3:8d:b0:11:87:
38:99:74:60:b7:8f:60:33:c3:eb:24:db:1c:11:26:fc:33:f4:
8e:d1:a6:00:44:56:52:2f:3f:10:f5:35:93:dc:b2:3c:75:33:
e8:32:99:83:46:84:dc:22:07:d0:0c:75:99:10:9e:0e:be:2b:
76:0f:00:28:85:8f:45:d0:7d:43:68:da:31:43:56:00:bc:59:
d4:2d:5e:78:42:41:89:db:15:b6:0f:c5:43:85:bd:6f:03:91:
58:65:86:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m9cM3enANnY3sX7T+XpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzA2MWMyMGQ0ZjA5NzYxM2FjMDMxMzIzN2E2ZGYyYmIy
Y2I1ZGMwHhcNMjYwMzI5MDgwMDMwWhcNMjYwMzMwMDgwMDMwWjAzMTEwLwYDVQQD
EygwMTQ5M2ExYzZlOWIyYzgzODExN2I3NTVjYzFiM2E3ZTRiNzQ5YzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd6NDA7WtoifRH+2VJZWcLlKKuzB
pcXACTfVQqjb4bhVG9sp2TaipPI1IIFocHuPq/JS1QYG4dpVwh2C4FuCHVqzo5pB
fADqhW8JUc2AZ5S+xqN8+oJd/3Qa2iKD/aDHkX5w2xqGlFaIC8vpl9btlF0AGJb+
U53Ez7ViaYG0NOPgTH67L8n7vdnWZUI33mept6CXwIGRfs127ZKNIEqOCCnnAHG4
ht+6pZ/OYOP1O+R0g5PveCH0RV5WmvzDfENeBheKjbN4UZ9qitMBDfGXZclICMAI
fSrUwm+QTKs/NXjuWRKxTqvPOwp5fMjPo47pp/pWCmdskbFXSKr3zfYS4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFJOhxumyyDgRe3VcwbOn5LdJxlMB8GA1UdIwQY
MBaAFP1wYcINTwl2E6wDEyN6bfK7LLXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEt
YTIwMTk5ODgzMzBmLzEvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEtYTIwMTk5ODgzMzBm
LzEvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkCKi1Rl
fjzZE0SmSEQkfk8UDr9+YyfWfIovTp+EakFy/W4S9pnsUAc5CiNOjitDG0S+Obfp
e9wUCVMr75BLnntXmubc1Ms96lWhE2Tt72JEwYhnVEywx/UO0JGHiwXKr4lOpYYI
N8p2oe/M5o3+jFYYNfPsxmGDpcbQOzsM5D4wKTVZcjJQrfyUSgRAiE/yGD5GlYa7
dJeZGerzUMONsBGHOJl0YLePYDPD6yTbHBEm/DP0jtGmAERWUi8/EPU1k9yyPHUz
6DKZg0aE3CIH0Ax1mRCeDr4rdg8AKIWPRdB9Q2jaMUNWALxZ1C1eeEJBidsVtg/F
Q4W9bwORWGWGTg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:49:04 2026 by rpki-client