Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
File: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft (raw, json)
Hash identifier: 6qzV7U2+Anqsl5D16YMuy9dy7sRJ49xQBjKGbalOWFQ=
Subject key identifier: F8:EE:F4:41:3F:28:C5:04:87:F7:BB:8C:CF:2A:DE:CB:78:C2:E6:66
Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4
Certificate serial: 019D27E02B51471D60893847D5FD4F9110CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
Manifest number: 1396
Signing time: Thu 26 Mar 2026 02:01:35 +0000
Manifest this update: Thu 26 Mar 2026 02:01:35 +0000
Manifest next update: Fri 27 Mar 2026 02:01:35 +0000
Files and hashes: 1: 46eH9Cj2ZoAvvZOdO1gLEixXty0.roa (hash: nutrSegvu5QxeGV6g/QuVOtrzFyb4Km/JeoI/dWaXRo=)
2: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl (hash: jCnosWNJ2i42n6Ui/qwKmdKK3vQIiWdJ6R5KtkmGZys=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 02:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:e0:2b:51:47:1d:60:89:38:47:d5:fd:4f:91:10:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4
Validity
Not Before: Mar 26 02:01:35 2026 GMT
Not After : Mar 27 02:01:35 2026 GMT
Subject: CN=f8eef4413f28c50487f7bb8ccf2adecb78c2e666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b1:00:f0:e8:56:60:9e:9d:5a:1e:19:be:8e:
14:ad:d9:45:07:05:af:6d:f6:3f:0c:6c:7b:c0:75:
75:87:d8:06:55:16:fa:bf:ba:4c:e9:0d:0a:82:49:
6c:1b:97:b0:d6:44:e2:cb:0d:13:00:5f:1f:49:c0:
cb:07:ff:68:58:4e:bd:f3:ee:4f:a5:9c:fa:fc:3c:
cf:6d:42:a2:57:6e:1c:e9:36:bd:79:cc:0b:f7:95:
6b:e7:71:37:60:ce:d9:05:5b:64:31:66:ec:a5:02:
a7:5b:9c:10:2e:0e:13:42:3a:c9:96:36:1f:9a:5d:
6a:13:b9:c4:d0:82:de:43:18:23:27:dc:13:93:21:
10:70:14:75:91:c5:cb:47:55:24:b4:b6:2b:66:00:
e5:2a:2a:90:ca:3a:13:3c:93:13:e2:f6:1c:e3:3e:
29:31:da:ee:3e:72:a6:d1:fb:b3:92:ee:c7:85:ce:
0b:9c:3a:06:87:d3:23:56:c7:5b:ce:bb:c9:aa:0e:
25:2e:42:dc:88:70:dd:e7:a0:0e:59:f3:bb:48:a4:
79:02:51:21:cb:4f:1e:4e:af:92:e1:31:4e:c1:b7:
9a:f5:72:e8:ed:c4:fd:07:c4:32:34:27:e4:ca:6c:
91:9a:86:44:4b:05:28:09:da:88:7f:cd:79:c0:f3:
ea:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EE:F4:41:3F:28:C5:04:87:F7:BB:8C:CF:2A:DE:CB:78:C2:E6:66
X509v3 Authority Key Identifier:
keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:d0:bd:66:24:1b:dd:48:c8:43:1a:85:cb:a6:63:b3:8d:09:
10:27:dc:df:d6:fc:e2:4e:7b:bf:dd:2d:13:05:d6:cf:96:24:
f1:3b:38:ec:22:73:cb:48:bc:26:f1:e8:1b:8d:d5:fc:14:3c:
5d:da:26:c9:77:74:a3:a8:77:81:9c:5b:59:ef:ac:51:32:fc:
ef:50:60:22:c3:c1:49:cb:6c:9a:b1:f4:a2:e8:77:f5:6d:54:
6f:7f:ce:8a:fa:8d:6b:d5:4c:6f:c6:ab:3e:db:4c:6c:20:fa:
fd:92:d1:96:ff:a7:c3:24:a1:63:a2:cb:5d:de:c0:14:34:4a:
52:64:c4:7e:e3:db:b2:1e:45:25:ca:58:15:01:0b:a9:6d:98:
77:f1:76:5f:c6:0a:9e:83:76:fc:d9:cd:a4:24:86:3c:28:33:
ba:d1:8a:ad:49:b1:27:ac:0e:59:cb:2c:81:da:6c:66:79:c0:
4c:18:32:9d:0f:c4:87:45:d3:a3:76:3c:61:eb:b1:70:21:fb:
bc:26:62:86:9d:e9:23:7b:a4:0a:62:d3:19:a0:09:d5:f6:cf:
53:d1:42:ad:0a:53:38:89:0a:ff:c1:90:65:78:92:9f:d1:fd:
bb:dd:b8:cc:e9:7c:9a:58:8b:3b:d7:bc:23:5d:f6:21:e1:76:
4f:e8:80:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4CtRRx1giThH1f1PkRDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz
ZTIwZTQwHhcNMjYwMzI2MDIwMTM1WhcNMjYwMzI3MDIwMTM1WjAzMTEwLwYDVQQD
EyhmOGVlZjQ0MTNmMjhjNTA0ODdmN2JiOGNjZjJhZGVjYjc4YzJlNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLEA8OhWYJ6dWh4Zvo4UrdlFBwWv
bfY/DGx7wHV1h9gGVRb6v7pM6Q0KgklsG5ew1kTiyw0TAF8fScDLB/9oWE698+5P
pZz6/DzPbUKiV24c6Ta9ecwL95Vr53E3YM7ZBVtkMWbspQKnW5wQLg4TQjrJljYf
ml1qE7nE0ILeQxgjJ9wTkyEQcBR1kcXLR1UktLYrZgDlKiqQyjoTPJMT4vYc4z4p
MdruPnKm0fuzku7Hhc4LnDoGh9MjVsdbzrvJqg4lLkLciHDd56AOWfO7SKR5AlEh
y08eTq+S4TFOwbea9XLo7cT9B8QyNCfkymyRmoZESwUoCdqIf815wPPqCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPju9EE/KMUEh/e7jM8q3st4wuZmMB8GA1UdIwQY
MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt
YWE0MDA1MzJkYWViLzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi
LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHtC9ZiQb
3UjIQxqFy6Zjs40JECfc39b84k57v90tEwXWz5Yk8Ts47CJzy0i8JvHoG43V/BQ8
XdomyXd0o6h3gZxbWe+sUTL871BgIsPBSctsmrH0ouh39W1Ub3/OivqNa9VMb8ar
PttMbCD6/ZLRlv+nwyShY6LLXd7AFDRKUmTEfuPbsh5FJcpYFQELqW2Yd/F2X8YK
noN2/NnNpCSGPCgzutGKrUmxJ6wOWcssgdpsZnnATBgynQ/Eh0XTo3Y8YeuxcCH7
vCZihp3pI3ukCmLTGaAJ1fbPU9FCrQpTOIkK/8GQZXiSn9H9u924zOl8mliLO9e8
I132IeF2T+iA5A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:56:40 2026 by rpki-client