Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft
File: Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft (raw, json)
Hash identifier: kzAoJ87jIGe3aq++8V7m2yUh8Mf5T0r9jyJ26nRdt9E=
Subject key identifier: 74:33:65:BA:54:5F:F2:41:6A:D6:73:BC:88:CD:FC:97:BD:89:4A:6B
Authority key identifier: 5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
Certificate issuer: /CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Certificate serial: 019D28BBAD8B5C5EE1F4745C0EC60FCE340A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft
Manifest number: 0D79
Signing time: Thu 26 Mar 2026 06:01:21 +0000
Manifest this update: Thu 26 Mar 2026 06:01:21 +0000
Manifest next update: Fri 27 Mar 2026 06:01:21 +0000
Files and hashes: 1: RrwlRSSdwln9HbzArcN9f7ThR9c.roa (hash: Ic3y0/hXv+5FL5zNAqt7WX+ncQH0cGC5wuQsjbsXF7I=)
2: Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl (hash: YmV4zRDVUmejjxbdqfN4cILmWNaH+yqMfe0P840W3jQ=)
3: fWpL_ta7aXoIKT8lwYmDL0nQegU.roa (hash: r+7J0jRgrAdlkGpSk5T7jtJhr78GxAY9zYWBhS85+uQ=)
4: l5tw0iDO7abT_AibKjZJaQ4nwWc.roa (hash: r+71S+WnEwowT4NhvO1eI4eYiERh6tzaeOlSbc80Img=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:ad:8b:5c:5e:e1:f4:74:5c:0e:c6:0f:ce:34:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Validity
Not Before: Mar 26 06:01:21 2026 GMT
Not After : Mar 27 06:01:21 2026 GMT
Subject: CN=743365ba545ff2416ad673bc88cdfc97bd894a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0f:ea:66:11:65:c6:97:b9:f3:11:e3:e4:2d:
66:d7:61:f5:26:87:b8:d9:5c:32:7d:0e:0e:71:da:
08:1e:ca:49:1b:83:4a:3f:fd:48:1c:12:49:0d:2a:
7a:cb:d0:83:ca:7d:11:dc:d5:fc:34:96:56:23:12:
77:3b:ab:40:2e:1d:7b:38:a7:36:74:8f:c1:f9:0b:
4c:ff:ad:f4:f4:04:f3:b7:e0:d8:0f:b4:1b:95:25:
27:96:87:e7:bf:47:79:dc:0a:a2:c0:36:7f:30:74:
2b:80:14:75:22:88:5d:2e:4d:b5:81:bf:5b:46:42:
4e:dc:11:e6:93:72:bc:ed:10:73:3b:49:3a:64:25:
4d:e9:a0:fd:5f:33:a1:6b:1d:90:78:80:e5:7a:44:
b3:63:e1:fd:e0:fc:16:e6:17:63:4f:b0:a1:eb:fe:
6f:a8:43:9b:e4:44:c2:6b:15:52:7a:f9:b3:ff:97:
a9:1d:ae:c8:85:79:d7:13:27:cb:41:82:a4:7f:40:
11:d8:15:7b:60:2c:ce:2c:66:fd:65:e2:90:3a:86:
8a:41:91:8a:d5:71:48:bc:5c:70:01:ba:e4:11:c4:
24:a9:92:df:68:67:0d:4f:12:92:8d:df:c4:26:a6:
81:94:c2:d0:60:f8:da:05:9b:19:43:bf:04:d8:e5:
ac:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:33:65:BA:54:5F:F2:41:6A:D6:73:BC:88:CD:FC:97:BD:89:4A:6B
X509v3 Authority Key Identifier:
keyid:5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:d8:ff:24:bb:b7:bc:68:46:4f:33:68:d8:e8:49:36:36:4e:
ce:a5:d1:3b:3f:07:7d:23:2a:9e:a5:84:86:65:c0:52:4a:a5:
cd:56:16:11:8e:20:42:41:62:2c:d4:4c:10:81:3f:a1:47:3d:
aa:11:07:1a:70:84:2e:1f:16:d7:d2:01:4d:4d:9f:c5:22:c9:
ed:39:1e:70:32:c5:06:54:93:2d:bb:c4:df:e3:d1:ac:7f:ad:
1b:42:b6:3e:81:7e:57:3a:28:08:76:92:f5:15:46:9c:b6:76:
84:29:24:95:59:01:c5:b2:fa:34:3e:90:17:c3:3f:22:6b:7a:
38:14:15:c4:f2:ee:a8:f6:bf:92:4d:0a:1c:10:c4:de:b6:e2:
9a:04:6c:ac:e4:71:a1:da:05:ee:7c:f5:ae:b9:35:3c:cc:66:
40:9f:22:fd:5d:ec:21:62:dc:88:5f:e1:24:ea:a0:70:25:f0:
72:a7:be:6f:04:f1:e1:89:4f:0f:01:8d:8d:a0:c4:bf:1c:57:
33:9c:3e:ed:10:34:c9:53:19:9d:4c:0d:c5:01:12:c1:2c:cb:
3e:63:b6:28:2c:93:ac:79:7c:31:90:0e:b9:c4:94:b2:7a:a3:
d9:3f:58:a1:84:fc:5f:2e:07:15:f5:80:b7:bf:85:64:31:38:
bf:50:f1:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou62LXF7h9HRcDsYPzjQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWYyMTNiOGM3OTJiN2UwMTNmYTUwNDFmNWI4OTk3MWU2
ZjYyZDYwHhcNMjYwMzI2MDYwMTIxWhcNMjYwMzI3MDYwMTIxWjAzMTEwLwYDVQQD
Eyg3NDMzNjViYTU0NWZmMjQxNmFkNjczYmM4OGNkZmM5N2JkODk0YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ/qZhFlxpe58xHj5C1m12H1Joe4
2VwyfQ4OcdoIHspJG4NKP/1IHBJJDSp6y9CDyn0R3NX8NJZWIxJ3O6tALh17OKc2
dI/B+QtM/6309ATzt+DYD7QblSUnlofnv0d53AqiwDZ/MHQrgBR1IohdLk21gb9b
RkJO3BHmk3K87RBzO0k6ZCVN6aD9XzOhax2QeIDlekSzY+H94PwW5hdjT7Ch6/5v
qEOb5ETCaxVSevmz/5epHa7IhXnXEyfLQYKkf0AR2BV7YCzOLGb9ZeKQOoaKQZGK
1XFIvFxwAbrkEcQkqZLfaGcNTxKSjd/EJqaBlMLQYPjaBZsZQ78E2OWsGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQzZbpUX/JBatZzvIjN/Je9iUprMB8GA1UdIwQY
MBaAFF8fITuMeSt+AT+lBB9biZceb2LWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDct
NDAyMjM4NjM4ZWEzLzEvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDctNDAyMjM4NjM4ZWEz
LzEvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe9j/JLu3
vGhGTzNo2OhJNjZOzqXROz8HfSMqnqWEhmXAUkqlzVYWEY4gQkFiLNRMEIE/oUc9
qhEHGnCELh8W19IBTU2fxSLJ7TkecDLFBlSTLbvE3+PRrH+tG0K2PoF+VzooCHaS
9RVGnLZ2hCkklVkBxbL6ND6QF8M/Imt6OBQVxPLuqPa/kk0KHBDE3rbimgRsrORx
odoF7nz1rrk1PMxmQJ8i/V3sIWLciF/hJOqgcCXwcqe+bwTx4YlPDwGNjaDEvxxX
M5w+7RA0yVMZnUwNxQESwSzLPmO2KCyTrHl8MZAOucSUsnqj2T9YoYT8Xy4HFfWA
t7+FZDE4v1DxLw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:37:50 2026 by rpki-client