Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
File: xBK7PaZcqrUkhR74bOm6piB04e0.mft (raw, json)
Hash identifier: 2qnrXwb0bLD3OCvNceMPwrJlMV4+I5O+Z83VuLiNxq8=
Subject key identifier: BF:40:AA:32:56:59:4F:47:78:B7:91:08:D7:E9:0A:A8:91:59:E1:62
Authority key identifier: C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED
Certificate issuer: /CN=c412bb3da65caab524851ef86ce9baa62074e1ed
Certificate serial: 019E1D595B82CA56E446D7D3FED8D88AFFA7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
Manifest number: 1902
Signing time: Tue 12 May 2026 18:00:55 +0000
Manifest this update: Tue 12 May 2026 18:00:55 +0000
Manifest next update: Wed 13 May 2026 18:00:55 +0000
Files and hashes: 1: sesfpS4vflQUJ0zHNMlqdR_eVFI.roa (hash: EeKCakHwf9lALKZ5zNCtLbT5f2osgE69W3ufAPv/OQY=)
2: xBK7PaZcqrUkhR74bOm6piB04e0.crl (hash: xi0lSIjMCBq0bAFUNA6sAWxr1EpqGxuH+LVhtSLEJN0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:59:5b:82:ca:56:e4:46:d7:d3:fe:d8:d8:8a:ff:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c412bb3da65caab524851ef86ce9baa62074e1ed
Validity
Not Before: May 12 18:00:55 2026 GMT
Not After : May 13 18:00:55 2026 GMT
Subject: CN=bf40aa3256594f4778b79108d7e90aa89159e162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dd:9c:eb:3c:f8:60:87:0c:4f:7a:5b:a0:3c:
36:13:60:d7:78:63:7f:33:ff:cf:dc:b3:fd:ba:cf:
b2:90:f8:81:5a:7c:1f:55:c3:6b:4c:da:1f:6a:fe:
14:68:19:ea:02:2a:91:e0:d0:27:65:2d:49:23:a9:
ac:19:55:05:b5:d1:61:93:79:54:86:6d:50:05:ac:
15:67:2b:fa:06:fd:c3:43:0e:67:4a:ab:a0:2b:43:
61:fe:df:dd:83:4d:94:02:92:b3:57:ba:24:aa:e1:
44:0c:f0:92:5c:16:95:53:bc:52:88:3f:80:f4:af:
00:28:5d:83:ff:80:90:11:72:f5:50:fa:2c:35:af:
a8:89:d4:ba:97:b5:21:33:cd:e8:74:fe:af:86:d4:
d0:ed:8f:e1:4e:5a:5c:19:d0:e7:dc:d5:68:23:a8:
b6:b3:1d:d0:a4:99:4b:26:3e:59:51:95:40:2c:29:
d2:59:cc:df:6b:06:a4:67:6a:af:d4:b8:07:30:0a:
e9:e6:16:6c:80:03:ca:35:d8:43:e8:81:8b:5f:8d:
a6:e4:04:3c:1e:8e:81:8a:ad:01:45:6f:8f:a8:d8:
a7:ee:49:03:c1:8a:3a:4b:b6:c3:9a:91:a6:9d:46:
8e:01:02:d3:e1:41:af:2c:88:b6:eb:d0:72:fc:66:
87:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:40:AA:32:56:59:4F:47:78:B7:91:08:D7:E9:0A:A8:91:59:E1:62
X509v3 Authority Key Identifier:
keyid:C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:9e:1a:10:7c:3a:54:7e:06:ba:93:59:5f:c9:53:dd:41:f6:
ab:1d:aa:5f:67:df:c0:09:f5:cb:71:f2:7b:2e:1f:55:bf:83:
fc:7b:94:ba:fe:7e:dc:f2:5e:ee:8d:62:35:13:8b:3a:66:52:
61:e6:61:37:09:f7:6e:2a:85:c8:72:3d:b8:ec:a8:b8:3f:de:
e1:da:bd:57:ee:3d:00:54:cc:9e:89:b7:ab:70:d5:22:ea:74:
75:7a:1b:83:36:e9:38:53:94:9a:9d:02:46:0a:db:5b:85:23:
b2:e4:6e:b2:13:58:eb:ba:04:40:6c:29:37:28:e6:9b:cd:9c:
77:40:2d:bd:a5:bc:6d:ed:0b:23:53:46:ed:f5:cb:6e:c6:3c:
dc:f6:b4:fd:68:78:52:49:0a:4b:40:83:f0:f4:e4:4b:bb:51:
e7:8d:ac:24:ab:ab:b2:fe:c7:ca:2f:60:d6:60:24:48:5e:aa:
3f:94:c0:d8:48:79:59:f6:a2:0f:e7:a2:18:3b:b7:be:78:1f:
b1:4d:28:9d:70:b2:37:79:e0:c1:40:37:02:01:b9:1d:4e:8c:
d1:cc:95:68:6d:ee:3b:5c:f8:5b:ad:e3:f3:40:c4:37:19:f3:
98:53:5c:02:7b:bd:06:b4:f4:06:d5:d9:dd:d2:6d:c5:d0:c9:
b3:39:f5:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dWVuCylbkRtfT/tjYiv+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTJiYjNkYTY1Y2FhYjUyNDg1MWVmODZjZTliYWE2MjA3
NGUxZWQwHhcNMjYwNTEyMTgwMDU1WhcNMjYwNTEzMTgwMDU1WjAzMTEwLwYDVQQD
EyhiZjQwYWEzMjU2NTk0ZjQ3NzhiNzkxMDhkN2U5MGFhODkxNTllMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd2c6zz4YIcMT3pboDw2E2DXeGN/
M//P3LP9us+ykPiBWnwfVcNrTNofav4UaBnqAiqR4NAnZS1JI6msGVUFtdFhk3lU
hm1QBawVZyv6Bv3DQw5nSqugK0Nh/t/dg02UApKzV7okquFEDPCSXBaVU7xSiD+A
9K8AKF2D/4CQEXL1UPosNa+oidS6l7UhM83odP6vhtTQ7Y/hTlpcGdDn3NVoI6i2
sx3QpJlLJj5ZUZVALCnSWczfawakZ2qv1LgHMArp5hZsgAPKNdhD6IGLX42m5AQ8
Ho6Biq0BRW+PqNin7kkDwYo6S7bDmpGmnUaOAQLT4UGvLIi269By/GaHRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9AqjJWWU9HeLeRCNfpCqiRWeFiMB8GA1UdIwQY
MBaAFMQSuz2mXKq1JIUe+GzpuqYgdOHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgt
OWI5MzJlY2QyZWNjLzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgtOWI5MzJlY2QyZWNj
LzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA54aEHw6
VH4GupNZX8lT3UH2qx2qX2ffwAn1y3Hyey4fVb+D/HuUuv5+3PJe7o1iNROLOmZS
YeZhNwn3biqFyHI9uOyouD/e4dq9V+49AFTMnom3q3DVIup0dXobgzbpOFOUmp0C
RgrbW4UjsuRushNY67oEQGwpNyjmm82cd0AtvaW8be0LI1NG7fXLbsY83Pa0/Wh4
UkkKS0CD8PTkS7tR542sJKursv7Hyi9g1mAkSF6qP5TA2Eh5WfaiD+eiGDu3vngf
sU0onXCyN3ngwUA3AgG5HU6M0cyVaG3uO1z4W63j80DENxnzmFNcAnu9BrT0BtXZ
3dJtxdDJszn19w==
-----END CERTIFICATE-----
Generated at Wed May 13 03:39:17 2026 by rpki-client