Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft
File: Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft (raw, json)
Hash identifier: 41a85jnD58E5uYXPIZS7IBBp6sJGuFABa8iimSQIE4A=
Subject key identifier: 08:F9:ED:5B:52:AF:5C:2F:F1:25:38:21:86:71:F8:AB:75:46:17:BA
Authority key identifier: 5E:4F:1A:32:A3:7E:08:39:00:AB:A5:61:70:8E:52:AB:23:4E:3A:38
Certificate issuer: /CN=5e4f1a32a37e083900aba561708e52ab234e3a38
Certificate serial: 019D33E417DF6390EC9A79DC43555152F21D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft
Manifest number: 084B
Signing time: Sat 28 Mar 2026 10:01:19 +0000
Manifest this update: Sat 28 Mar 2026 10:01:19 +0000
Manifest next update: Sun 29 Mar 2026 10:01:19 +0000
Files and hashes: 1: LI8mfoguQg_wE6aQfHZYVjBGEwA.roa (hash: ZNCQmm2JmdPCyWjwNoC7wMjJStghkA3kdN5AbD7KwIA=)
2: Xk8aMqN-CDkAq6VhcI5SqyNOOjg.crl (hash: IXWHCjH8KXjxIdqARBXx/SNiaJXejV0rNvFQO7HKYxQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 10:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:e4:17:df:63:90:ec:9a:79:dc:43:55:51:52:f2:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e4f1a32a37e083900aba561708e52ab234e3a38
Validity
Not Before: Mar 28 10:01:19 2026 GMT
Not After : Mar 29 10:01:19 2026 GMT
Subject: CN=08f9ed5b52af5c2ff12538218671f8ab754617ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:72:60:57:bc:68:10:d1:fd:9c:d2:36:c2:2c:
48:c0:23:6e:75:8d:17:51:e9:82:32:8c:e4:ca:f9:
60:bd:7b:05:9d:08:d7:08:d0:71:be:c0:d9:ab:3b:
b0:bb:18:c9:75:3e:f1:a8:8c:e1:f4:ce:2e:fa:34:
e6:6e:06:c9:4a:35:15:22:9a:55:3c:36:7f:71:56:
24:7e:79:fb:16:93:b3:8e:2a:1c:28:20:95:18:ab:
e8:09:c7:ce:0f:e5:2c:1d:00:9d:51:db:83:b5:1f:
62:71:d2:3b:51:30:ed:ae:57:10:e2:25:9c:4f:0f:
19:00:13:82:50:9d:73:91:93:97:f7:e4:d1:2c:61:
ba:c9:92:57:89:4e:65:54:39:e4:fb:ac:2c:cc:cd:
ec:8c:7f:79:aa:ed:ee:83:77:e9:6e:f3:82:29:90:
0d:23:3c:3a:fd:2e:bb:4e:e0:df:be:de:da:4b:d7:
3c:8a:8e:1a:8a:12:dd:7c:12:4f:d6:f6:ef:be:26:
1c:91:45:9a:77:b4:4e:98:78:1b:72:27:45:de:af:
d3:04:38:f6:9d:e5:4a:0f:27:c1:1c:3a:52:7e:78:
0b:58:f5:9f:a1:3f:95:f5:df:f2:50:03:d7:fe:73:
36:33:8c:31:ef:ef:31:80:48:09:74:fc:a9:7d:90:
14:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F9:ED:5B:52:AF:5C:2F:F1:25:38:21:86:71:F8:AB:75:46:17:BA
X509v3 Authority Key Identifier:
keyid:5E:4F:1A:32:A3:7E:08:39:00:AB:A5:61:70:8E:52:AB:23:4E:3A:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3ef921-29ed-40cf-b454-4c2acb78309e/1/Xk8aMqN-CDkAq6VhcI5SqyNOOjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:c9:52:e8:38:f3:b2:56:3e:41:de:6b:52:a3:7b:77:9e:1d:
2d:88:51:59:7f:0b:f5:c7:21:f9:a8:01:99:f8:28:9f:8b:21:
fe:84:d3:92:36:f0:ac:6a:31:8f:c9:3f:d0:42:64:31:09:1c:
c6:24:35:e1:6c:04:b6:1e:bc:1d:aa:ef:3f:13:18:9b:df:f5:
55:f2:6b:9c:9a:62:d6:90:e2:06:8a:57:b1:b1:44:4b:f0:4f:
22:0f:60:36:3f:90:35:82:d3:26:2e:30:06:cc:76:41:a1:4d:
82:69:2f:7f:d9:a5:e6:3b:f4:1c:c1:01:31:2a:a3:cc:36:c5:
87:f7:f3:be:d9:ff:57:35:ce:3b:f9:d6:5f:d4:3b:19:2d:75:
0a:7e:f3:61:1c:63:42:8b:50:3f:5d:39:45:dc:f7:55:2c:c8:
e5:65:6e:59:70:8d:e6:a5:b3:64:7b:a9:d3:f1:d8:0f:47:32:
98:18:df:23:dc:36:1a:8c:1c:73:79:e4:75:76:1f:a0:56:c5:
07:bb:f7:6b:94:98:09:1b:01:32:37:2c:e3:cc:29:b1:36:97:
3a:aa:b7:b9:35:60:e3:61:65:26:1e:a1:7a:3a:e4:84:fa:ca:
e5:1d:f5:da:71:25:99:75:29:c4:cb:e7:1d:0e:64:64:b4:51:
de:d8:c7:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z5BffY5DsmnncQ1VRUvIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNGYxYTMyYTM3ZTA4MzkwMGFiYTU2MTcwOGU1MmFiMjM0
ZTNhMzgwHhcNMjYwMzI4MTAwMTE5WhcNMjYwMzI5MTAwMTE5WjAzMTEwLwYDVQQD
EygwOGY5ZWQ1YjUyYWY1YzJmZjEyNTM4MjE4NjcxZjhhYjc1NDYxN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXJgV7xoENH9nNI2wixIwCNudY0X
UemCMozkyvlgvXsFnQjXCNBxvsDZqzuwuxjJdT7xqIzh9M4u+jTmbgbJSjUVIppV
PDZ/cVYkfnn7FpOzjiocKCCVGKvoCcfOD+UsHQCdUduDtR9icdI7UTDtrlcQ4iWc
Tw8ZABOCUJ1zkZOX9+TRLGG6yZJXiU5lVDnk+6wszM3sjH95qu3ug3fpbvOCKZAN
Izw6/S67TuDfvt7aS9c8io4aihLdfBJP1vbvviYckUWad7ROmHgbcidF3q/TBDj2
neVKDyfBHDpSfngLWPWfoT+V9d/yUAPX/nM2M4wx7+8xgEgJdPypfZAUlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAj57VtSr1wv8SU4IYZx+Kt1Rhe6MB8GA1UdIwQY
MBaAFF5PGjKjfgg5AKulYXCOUqsjTjo4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGs4YU1xTi1DRGtBcTZWaGNJNVNxeU5PT2pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zZWY5MjEtMjllZC00MGNmLWI0NTQt
NGMyYWNiNzgzMDllLzEvWGs4YU1xTi1DRGtBcTZWaGNJNVNxeU5PT2pnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zZWY5MjEtMjllZC00MGNmLWI0NTQtNGMyYWNiNzgzMDll
LzEvWGs4YU1xTi1DRGtBcTZWaGNJNVNxeU5PT2pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH8lS6Djz
slY+Qd5rUqN7d54dLYhRWX8L9cch+agBmfgon4sh/oTTkjbwrGoxj8k/0EJkMQkc
xiQ14WwEth68HarvPxMYm9/1VfJrnJpi1pDiBopXsbFES/BPIg9gNj+QNYLTJi4w
Bsx2QaFNgmkvf9ml5jv0HMEBMSqjzDbFh/fzvtn/VzXOO/nWX9Q7GS11Cn7zYRxj
QotQP105Rdz3VSzI5WVuWXCN5qWzZHup0/HYD0cymBjfI9w2Gowcc3nkdXYfoFbF
B7v3a5SYCRsBMjcs48wpsTaXOqq3uTVg42FlJh6hejrkhPrK5R312nElmXUpxMvn
HQ5kZLRR3tjHCg==
-----END CERTIFICATE-----
Generated at Sat Mar 28 17:35:01 2026 by rpki-client