Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
File: 1XfOFDQjLYCBldDKcKs5HfsHry0.mft (raw, json)
Hash identifier: iFYAYrf0n9uFfOfDfHJzB/XBvzoQK3L7W1dR9Eajy/8=
Subject key identifier: 23:1F:39:36:C3:16:BD:C9:88:5B:1E:FF:B9:23:78:7E:54:94:FC:07
Authority key identifier: D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D
Certificate issuer: /CN=d577ce1434232d808195d0ca70ab391dfb07af2d
Certificate serial: 019F17F98FB7ED3AB8B02A6AD01769168C76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
Manifest number: 1989
Signing time: Tue 30 Jun 2026 10:00:58 +0000
Manifest this update: Tue 30 Jun 2026 10:00:58 +0000
Manifest next update: Wed 01 Jul 2026 10:00:58 +0000
Files and hashes: 1: 1XfOFDQjLYCBldDKcKs5HfsHry0.crl (hash: 8gPpS8Mya+eWj6gAEiFWe+zBNCjJwTlCXBLxhFRZ4o4=)
2: OeILc9n1u8YEH2AOBIE0o0dgpEE.roa (hash: /7A8rLMm0YbWTOXfPXut3LLp0Fa9Ut9MxlMvs+Wsm1w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 10:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:17:f9:8f:b7:ed:3a:b8:b0:2a:6a:d0:17:69:16:8c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d577ce1434232d808195d0ca70ab391dfb07af2d
Validity
Not Before: Jun 30 10:00:58 2026 GMT
Not After : Jul 1 10:00:58 2026 GMT
Subject: CN=231f3936c316bdc9885b1effb923787e5494fc07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9b:7b:4c:34:3e:7c:47:f8:02:15:76:8c:46:
30:37:b0:d8:b3:80:bb:fc:c0:7e:d5:2d:2e:ac:da:
8c:77:59:07:dd:c2:d4:1a:b7:06:49:f0:b7:96:d2:
14:40:a5:a8:22:fa:17:d5:38:53:aa:76:25:f1:9a:
6b:88:7d:59:81:ef:81:5b:f2:23:40:86:57:15:98:
84:b5:fb:ae:dc:6e:8f:c4:2b:4a:c1:68:76:78:76:
d0:e5:cd:01:ae:7c:a4:49:0f:94:aa:0a:4b:a4:f7:
c5:ff:f6:50:2f:58:ab:1f:05:24:fe:dc:5d:96:5d:
ce:e1:ca:09:ce:e3:b7:ab:fe:de:4a:e3:3b:05:9f:
11:3c:29:bd:23:b8:9b:5f:05:52:a6:4b:51:b6:c9:
11:5d:3b:3e:6e:a7:d6:1d:1a:95:b7:59:44:22:e2:
cf:1e:ab:63:b6:b6:ca:5e:ab:8e:71:82:b6:9c:ab:
30:67:a9:ba:20:8d:dd:4e:d4:68:65:c9:99:4e:01:
01:10:35:b1:25:33:e8:61:d3:28:e1:17:8f:df:5b:
65:2f:12:76:3e:c6:ec:8b:75:dc:ba:0d:67:aa:61:
68:f8:26:10:0a:6b:97:df:40:eb:e2:5a:20:20:b5:
6d:12:b8:aa:72:00:e3:9a:c3:e0:d6:88:0d:a1:90:
46:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1F:39:36:C3:16:BD:C9:88:5B:1E:FF:B9:23:78:7E:54:94:FC:07
X509v3 Authority Key Identifier:
keyid:D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:a6:b6:4d:6a:2d:22:59:c6:8d:18:c6:cb:14:93:7e:85:eb:
d8:08:5e:9c:ca:05:b9:70:75:78:86:f5:be:af:6b:44:6a:39:
02:d9:40:c7:5a:c3:fa:c7:4b:50:c4:2d:b9:57:d2:13:f3:32:
18:4f:a6:3c:83:bb:18:bc:f6:5c:01:c0:76:64:6b:dd:a9:b4:
88:c8:f3:9e:70:b1:3b:b0:67:bf:f7:30:48:c9:81:ed:35:a4:
7b:b8:e2:e9:91:0c:63:be:e1:e8:9b:6e:27:59:f3:8d:a6:99:
f1:46:d1:50:af:11:be:b8:c5:3e:cc:ee:84:42:78:22:39:08:
02:fb:3d:c1:2a:0b:6a:94:40:58:aa:ad:d9:6e:77:43:06:eb:
fc:9a:82:3d:96:9a:93:22:d7:ee:b1:34:10:82:80:a0:3f:6d:
d9:5a:db:4b:18:fe:f4:b8:01:52:7a:3a:8e:4d:7e:73:4c:1b:
11:12:83:8f:7e:ca:21:75:d4:dd:52:40:18:8b:69:c9:22:bd:
13:a5:0d:08:f9:fb:31:09:5a:65:b5:75:2d:dc:bf:67:63:1e:
3f:6d:43:e0:c3:15:27:c1:a2:8c:76:29:0b:5b:81:4e:b8:5d:
9d:b9:bf:d8:13:ff:c6:ae:ed:3b:88:92:be:c1:51:24:d8:40:
f7:61:38:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8X+Y+37Tq4sCpq0BdpFox2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NzdjZTE0MzQyMzJkODA4MTk1ZDBjYTcwYWIzOTFkZmIw
N2FmMmQwHhcNMjYwNjMwMTAwMDU4WhcNMjYwNzAxMTAwMDU4WjAzMTEwLwYDVQQD
EygyMzFmMzkzNmMzMTZiZGM5ODg1YjFlZmZiOTIzNzg3ZTU0OTRmYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspt7TDQ+fEf4AhV2jEYwN7DYs4C7
/MB+1S0urNqMd1kH3cLUGrcGSfC3ltIUQKWoIvoX1ThTqnYl8ZpriH1Zge+BW/Ij
QIZXFZiEtfuu3G6PxCtKwWh2eHbQ5c0BrnykSQ+UqgpLpPfF//ZQL1irHwUk/txd
ll3O4coJzuO3q/7eSuM7BZ8RPCm9I7ibXwVSpktRtskRXTs+bqfWHRqVt1lEIuLP
HqtjtrbKXquOcYK2nKswZ6m6II3dTtRoZcmZTgEBEDWxJTPoYdMo4ReP31tlLxJ2
Psbsi3Xcug1nqmFo+CYQCmuX30Dr4logILVtEriqcgDjmsPg1ogNoZBGawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMfOTbDFr3JiFse/7kjeH5UlPwHMB8GA1UdIwQY
MBaAFNV3zhQ0Iy2AgZXQynCrOR37B68tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMt
NjBlNmIxNDhkMjhiLzEvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMtNjBlNmIxNDhkMjhi
LzEvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATKa2TWot
IlnGjRjGyxSTfoXr2AhenMoFuXB1eIb1vq9rRGo5AtlAx1rD+sdLUMQtuVfSE/My
GE+mPIO7GLz2XAHAdmRr3am0iMjznnCxO7Bnv/cwSMmB7TWke7ji6ZEMY77h6Jtu
J1nzjaaZ8UbRUK8RvrjFPszuhEJ4IjkIAvs9wSoLapRAWKqt2W53Qwbr/JqCPZaa
kyLX7rE0EIKAoD9t2VrbSxj+9LgBUno6jk1+c0wbERKDj37KIXXU3VJAGItpySK9
E6UNCPn7MQlaZbV1Ldy/Z2MeP21D4MMVJ8GijHYpC1uBTrhdnbm/2BP/xq7tO4iS
vsFRJNhA92E4tQ==
-----END CERTIFICATE-----
Generated at Tue Jun 30 18:23:17 2026 by rpki-client