Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
File: 1XfOFDQjLYCBldDKcKs5HfsHry0.mft (raw, json)
Hash identifier: QRgjCRJBu3kdOxo+gj62dBLXAu4zqZaQSyoXa7N/kZo=
Subject key identifier: AA:15:F2:76:02:71:47:C7:D2:1F:BF:80:56:D1:95:11:1B:9C:DF:66
Authority key identifier: D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D
Certificate issuer: /CN=d577ce1434232d808195d0ca70ab391dfb07af2d
Certificate serial: 019D371B22CF69FE57D9A081723EB83553B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 01:00:18 +0000
Manifest this update: Sun 29 Mar 2026 01:00:18 +0000
Manifest next update: Mon 30 Mar 2026 01:00:18 +0000
Files and hashes: 1: 1XfOFDQjLYCBldDKcKs5HfsHry0.crl (hash: xLoe8WwiZ2i2AhwAA8mBYKqFPsBlc/hhFBaYePkpBAU=)
2: OeILc9n1u8YEH2AOBIE0o0dgpEE.roa (hash: /7A8rLMm0YbWTOXfPXut3LLp0Fa9Ut9MxlMvs+Wsm1w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:22:cf:69:fe:57:d9:a0:81:72:3e:b8:35:53:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d577ce1434232d808195d0ca70ab391dfb07af2d
Validity
Not Before: Mar 29 01:00:18 2026 GMT
Not After : Mar 30 01:00:18 2026 GMT
Subject: CN=aa15f276027147c7d21fbf8056d195111b9cdf66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7e:78:12:73:d1:a9:ee:7d:64:69:d9:81:e0:
a8:eb:8d:ae:aa:84:1d:dc:d1:56:ae:ff:55:22:89:
12:04:76:d1:5b:ac:bb:b9:5f:a8:e7:f9:ef:55:f3:
e9:d5:d8:62:29:da:76:7d:a6:9c:0e:d9:50:2b:7a:
04:d1:f0:69:c0:4e:18:7b:78:06:fc:79:f7:65:84:
94:f4:29:74:4a:c8:66:bd:31:98:d6:71:08:5f:96:
18:16:5b:3a:94:51:b9:4e:cb:5e:d6:57:1d:2c:4d:
7d:d5:5d:4e:46:38:28:f0:79:dd:f5:7f:86:94:15:
43:30:bc:e1:1a:7f:92:2c:76:33:d7:6e:7b:07:06:
4d:b7:66:82:48:06:5c:80:39:c7:30:94:fa:8b:17:
44:05:d6:82:b1:f9:a5:51:3b:58:08:8a:17:c7:fc:
e2:c8:b4:12:9c:0f:31:dd:20:3e:aa:b9:98:27:2f:
4e:d3:8e:b9:e4:1e:c8:76:55:23:b3:fc:31:13:b4:
6b:50:2c:32:e1:17:9c:e4:7e:8b:7e:9d:bf:bd:db:
6b:92:7a:b8:db:19:95:68:b2:3c:e1:f6:59:6a:dc:
28:c7:4e:4c:77:ac:dd:7a:bb:c6:d1:6f:d9:06:e8:
ae:0d:9f:67:2f:ba:fc:3c:0b:dc:c5:d6:da:29:ce:
3d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:15:F2:76:02:71:47:C7:D2:1F:BF:80:56:D1:95:11:1B:9C:DF:66
X509v3 Authority Key Identifier:
keyid:D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:b7:d5:0c:c3:4c:7b:82:4d:3f:c1:32:81:fe:80:58:07:56:
d0:e1:ed:cc:de:20:cf:23:97:0e:c7:17:9a:26:74:9d:42:92:
a4:40:c3:89:bb:0c:31:e7:d0:78:f7:96:07:29:c1:5a:9c:77:
05:a1:01:f7:e6:69:53:82:ce:69:a8:cd:7c:53:9b:d3:9b:d4:
3a:b1:f1:df:00:fe:af:58:d0:87:cd:9d:0f:b3:f2:46:2c:b9:
65:74:68:c2:18:78:51:ee:12:59:b0:19:dc:e1:bc:02:55:cd:
e3:24:7f:22:9c:91:f6:78:61:31:ce:9c:29:3b:a8:5e:5b:3b:
79:44:42:82:98:d9:c2:3b:22:a7:98:a2:c0:c4:04:05:7a:cf:
ef:15:a4:f7:8b:9f:fd:7e:08:a4:6e:68:67:27:ea:b9:e7:2e:
6b:d1:36:1d:58:76:2f:b7:26:77:b7:a9:75:fb:c4:6f:8a:69:
c4:20:70:1d:5f:c1:ff:14:24:b1:a4:1c:eb:4b:1d:fd:2e:6d:
ce:24:61:20:ce:1f:a1:bd:a4:1b:cf:4c:c1:85:fb:ba:ca:ff:
fe:b9:7f:20:54:b4:2f:c8:8d:fe:b8:83:ba:b4:11:7d:e6:e2:
21:cc:84:89:2d:4c:fb:ee:a0:83:5d:ab:a3:8f:96:73:b8:48:
49:97:bc:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03GyLPaf5X2aCBcj64NVO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NzdjZTE0MzQyMzJkODA4MTk1ZDBjYTcwYWIzOTFkZmIw
N2FmMmQwHhcNMjYwMzI5MDEwMDE4WhcNMjYwMzMwMDEwMDE4WjAzMTEwLwYDVQQD
EyhhYTE1ZjI3NjAyNzE0N2M3ZDIxZmJmODA1NmQxOTUxMTFiOWNkZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn54EnPRqe59ZGnZgeCo642uqoQd
3NFWrv9VIokSBHbRW6y7uV+o5/nvVfPp1dhiKdp2faacDtlQK3oE0fBpwE4Ye3gG
/Hn3ZYSU9Cl0SshmvTGY1nEIX5YYFls6lFG5Tste1lcdLE191V1ORjgo8Hnd9X+G
lBVDMLzhGn+SLHYz1257BwZNt2aCSAZcgDnHMJT6ixdEBdaCsfmlUTtYCIoXx/zi
yLQSnA8x3SA+qrmYJy9O04655B7IdlUjs/wxE7RrUCwy4Rec5H6Lfp2/vdtrknq4
2xmVaLI84fZZatwox05Md6zdervG0W/ZBuiuDZ9nL7r8PAvcxdbaKc49HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoV8nYCcUfH0h+/gFbRlREbnN9mMB8GA1UdIwQY
MBaAFNV3zhQ0Iy2AgZXQynCrOR37B68tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMt
NjBlNmIxNDhkMjhiLzEvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMtNjBlNmIxNDhkMjhi
LzEvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATLfVDMNM
e4JNP8Eygf6AWAdW0OHtzN4gzyOXDscXmiZ0nUKSpEDDibsMMefQePeWBynBWpx3
BaEB9+ZpU4LOaajNfFOb05vUOrHx3wD+r1jQh82dD7PyRiy5ZXRowhh4Ue4SWbAZ
3OG8AlXN4yR/IpyR9nhhMc6cKTuoXls7eURCgpjZwjsip5iiwMQEBXrP7xWk94uf
/X4IpG5oZyfquecua9E2HVh2L7cmd7epdfvEb4ppxCBwHV/B/xQksaQc60sd/S5t
ziRhIM4fob2kG89MwYX7usr//rl/IFS0L8iN/riDurQRfebiIcyEiS1M++6gg12r
o4+Wc7hISZe8PQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:10 2026 by rpki-client