Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
File: XWU9B97R6Nf08uoEvTaELFsS8V4.mft (raw, json)
Hash identifier: 89t1iIKwZS13sleFcsaJn8gmz3SeovoS0czGl08kxRI=
Subject key identifier: 22:93:A8:77:19:1E:98:1A:24:91:DE:83:6D:18:25:DB:CF:F8:2F:26
Authority key identifier: 5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E
Certificate issuer: /CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
Certificate serial: 019D29CDFA1FD1A67EF11ABEBAFE02CEF4A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
Manifest number: 10B0
Signing time: Thu 26 Mar 2026 11:00:57 +0000
Manifest this update: Thu 26 Mar 2026 11:00:57 +0000
Manifest next update: Fri 27 Mar 2026 11:00:57 +0000
Files and hashes: 1: XWU9B97R6Nf08uoEvTaELFsS8V4.crl (hash: XCMB2HFvngdtileb/5bJrvr/6+35pJvBtyk+aZQuGxM=)
2: y8aS9NjGoMwtiWTSfAPqlGnxCWs.roa (hash: ZuvgKYnV+P1b5dUwqqoJerGmgiPYibNQHqD2j8CfPTc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:cd:fa:1f:d1:a6:7e:f1:1a:be:ba:fe:02:ce:f4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
Validity
Not Before: Mar 26 11:00:57 2026 GMT
Not After : Mar 27 11:00:57 2026 GMT
Subject: CN=2293a877191e981a2491de836d1825dbcff82f26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cb:85:57:4a:b5:76:3a:a2:e1:f1:bc:dc:80:
3d:96:ec:52:2b:11:0d:3d:a2:b4:0d:d4:29:6f:ed:
f4:5f:3b:41:92:c1:52:2c:c2:43:ff:bd:75:79:8a:
5a:48:da:d9:42:30:33:9a:cc:b9:03:43:ad:02:08:
79:c6:42:28:d2:a1:1f:73:62:7a:79:ee:33:cd:22:
54:0f:77:e5:bd:e4:bf:46:37:41:36:42:d1:96:2b:
77:21:66:cf:72:b1:2f:62:0f:b1:ed:c6:4e:da:e6:
47:09:cd:e6:5f:df:0c:4d:ae:fb:34:a6:88:43:05:
1e:42:04:c4:4e:ff:01:b5:b5:e6:62:3c:87:ed:64:
75:e4:00:54:c6:03:af:51:d6:9e:e1:0b:49:e7:9e:
e4:ec:b5:b6:25:d3:77:26:bb:91:f5:e0:4d:9c:19:
8d:d4:ca:9d:07:da:b1:1a:29:3e:59:5f:f1:d5:6b:
56:fb:34:6e:38:2c:8b:96:f3:26:42:b3:6a:b3:ed:
64:db:64:b1:d0:d9:7b:73:5d:61:89:da:7b:9c:cb:
7c:72:a2:92:c2:97:d4:eb:c0:a9:55:05:04:7a:f4:
21:48:00:72:9e:d4:dd:92:05:95:ae:3b:51:90:f5:
3c:84:3a:97:ec:bb:45:bb:04:a2:ee:7a:03:c2:ab:
2f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:93:A8:77:19:1E:98:1A:24:91:DE:83:6D:18:25:DB:CF:F8:2F:26
X509v3 Authority Key Identifier:
keyid:5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:de:00:7b:b1:ec:e8:6b:d6:aa:3b:6d:4d:30:0b:ad:53:1e:
3e:19:0b:ad:0b:e3:df:b9:c1:f1:d1:1c:f7:24:63:a8:6f:10:
14:1c:ac:b5:cd:e6:9c:4e:60:f5:12:78:4c:13:98:d4:c2:6d:
e9:4b:58:9b:97:27:82:14:78:9a:34:af:17:c2:f9:a0:2c:23:
9a:f5:12:e8:61:d3:7e:65:81:a4:81:36:50:02:6d:77:bf:80:
ce:d4:84:23:9e:6f:0c:86:52:e1:06:66:94:5f:38:2f:d7:86:
71:1d:94:05:9a:0e:cf:54:a9:b4:ca:e8:33:e3:ab:09:84:e0:
4f:e9:6a:9c:e6:86:bc:2f:03:fe:39:47:0c:dc:27:4a:bf:e4:
01:d1:a1:81:28:ee:be:5e:4f:7d:d7:06:73:63:3d:2b:85:db:
99:fe:9c:30:25:2e:6d:74:be:05:6a:74:c9:c3:80:37:3f:c0:
34:12:f6:3c:97:42:88:19:02:b0:bd:78:c9:bc:f0:e1:9e:ab:
86:21:b3:6f:d4:d0:d4:bd:74:e8:80:4a:41:07:03:a4:47:61:
ce:da:76:4a:00:8c:bc:6d:24:d0:73:b4:d1:ff:19:b9:36:b6:
2f:8e:88:49:6b:7c:f4:04:ef:1a:db:d0:a5:58:28:ed:46:b7:
a2:d1:e0:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzfof0aZ+8Rq+uv4CzvSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNjUzZDA3ZGVkMWU4ZDdmNGYyZWEwNGJkMzY4NDJjNWIx
MmYxNWUwHhcNMjYwMzI2MTEwMDU3WhcNMjYwMzI3MTEwMDU3WjAzMTEwLwYDVQQD
EygyMjkzYTg3NzE5MWU5ODFhMjQ5MWRlODM2ZDE4MjVkYmNmZjgyZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4suFV0q1djqi4fG83IA9luxSKxEN
PaK0DdQpb+30XztBksFSLMJD/711eYpaSNrZQjAzmsy5A0OtAgh5xkIo0qEfc2J6
ee4zzSJUD3flveS/RjdBNkLRlit3IWbPcrEvYg+x7cZO2uZHCc3mX98MTa77NKaI
QwUeQgTETv8BtbXmYjyH7WR15ABUxgOvUdae4QtJ557k7LW2JdN3JruR9eBNnBmN
1MqdB9qxGik+WV/x1WtW+zRuOCyLlvMmQrNqs+1k22Sx0Nl7c11hidp7nMt8cqKS
wpfU68CpVQUEevQhSAByntTdkgWVrjtRkPU8hDqX7LtFuwSi7noDwqsvHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKTqHcZHpgaJJHeg20YJdvP+C8mMB8GA1UdIwQY
MBaAFF1lPQfe0ejX9PLqBL02hCxbEvFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGIt
MjE0NWNhNzVlMzgzLzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGItMjE0NWNhNzVlMzgz
LzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEd4Ae7Hs
6GvWqjttTTALrVMePhkLrQvj37nB8dEc9yRjqG8QFBystc3mnE5g9RJ4TBOY1MJt
6UtYm5cnghR4mjSvF8L5oCwjmvUS6GHTfmWBpIE2UAJtd7+AztSEI55vDIZS4QZm
lF84L9eGcR2UBZoOz1SptMroM+OrCYTgT+lqnOaGvC8D/jlHDNwnSr/kAdGhgSju
vl5PfdcGc2M9K4Xbmf6cMCUubXS+BWp0ycOANz/ANBL2PJdCiBkCsL14ybzw4Z6r
hiGzb9TQ1L106IBKQQcDpEdhztp2SgCMvG0k0HO00f8ZuTa2L46ISWt89ATvGtvQ
pVgo7Ua3otHgBw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:52:33 2026 by rpki-client