Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json)
Hash identifier: nLBnqsP6wKpu6Xy3VnPFpME58wuMsIYE3UgobMQnIIo=
Subject key identifier: 85:E3:DD:54:38:AA:02:AA:0E:2C:C0:A9:EC:F0:4C:A9:6B:7B:A9:3D
Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Certificate serial: 019D27A8749CC85D63472656F8012EC3CA1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
Manifest number: 056E
Signing time: Thu 26 Mar 2026 01:00:44 +0000
Manifest this update: Thu 26 Mar 2026 01:00:44 +0000
Manifest next update: Fri 27 Mar 2026 01:00:44 +0000
Files and hashes: 1: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: IJ+V/oH2LB+0RA21JzXMxdqY0wfSCI527/SJlppdIEI=)
2: d9ad6eSfGOCAtJCyfx5T80LXc84.roa (hash: l8TnxH7nYsbi9OkxC5kgX4fiX1lQ108inFjyeEj/BH0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:74:9c:c8:5d:63:47:26:56:f8:01:2e:c3:ca:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1
Validity
Not Before: Mar 26 01:00:44 2026 GMT
Not After : Mar 27 01:00:44 2026 GMT
Subject: CN=85e3dd5438aa02aa0e2cc0a9ecf04ca96b7ba93d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f6:29:16:87:56:eb:a8:1e:77:77:3b:6f:ff:
42:93:49:52:fe:d8:8a:f7:6c:f3:c0:e6:07:91:f6:
45:1d:87:fd:67:82:3c:42:b1:d4:3b:9a:bc:40:1b:
d5:fe:72:f3:34:b8:59:a6:11:a8:e8:61:27:8f:6d:
49:0c:ae:62:4a:59:0b:70:06:7c:d2:b1:71:24:6e:
0f:af:e7:61:c3:75:24:2a:71:a1:03:cf:be:90:d1:
38:5b:04:c3:ea:5b:10:97:b3:e6:33:40:53:95:56:
5a:97:e4:1d:50:0e:b0:68:2b:6c:3c:06:28:1c:ac:
54:e4:bb:e9:0c:a8:78:b6:35:0d:ce:21:fb:c3:fb:
2f:15:7d:94:ba:ec:f9:ef:32:6f:7b:8a:e2:77:19:
2e:a0:38:86:b8:39:4f:f8:3c:50:b3:eb:a0:43:d0:
7f:3c:12:81:00:0b:3f:2c:51:93:e4:a6:fd:4f:bd:
43:22:1a:ba:25:0c:52:85:af:1e:66:ca:ff:79:1f:
7e:23:5b:67:c2:77:7f:1e:73:13:94:e1:d2:b4:33:
bb:7a:b4:62:cc:92:6e:81:97:f6:93:73:14:1e:2c:
96:d3:ec:e3:e6:e0:ab:cc:2e:9c:f5:db:76:ae:83:
4c:19:55:cf:4f:c1:a7:9a:a0:92:8a:49:cb:1f:d5:
79:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E3:DD:54:38:AA:02:AA:0E:2C:C0:A9:EC:F0:4C:A9:6B:7B:A9:3D
X509v3 Authority Key Identifier:
keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:a7:b6:8c:95:84:8b:0e:9b:9c:86:cb:65:aa:33:38:be:dc:
a0:37:e7:15:ec:70:ee:0f:83:d0:6a:e1:ce:6e:50:c3:5d:10:
c2:7e:e7:f0:0b:61:d2:4e:eb:44:16:98:6e:5f:03:eb:3c:35:
6c:59:d6:fc:c7:d0:ad:e3:54:89:be:d9:38:e7:b5:b4:ff:59:
21:aa:5d:47:61:a1:85:72:bd:41:7a:de:b2:97:92:e7:aa:0d:
be:3d:a8:4c:2f:33:20:e6:d9:48:77:85:c4:ac:66:15:7c:63:
0e:ae:76:26:e9:ee:9f:4f:2b:9b:da:69:c2:07:7e:2f:c2:8b:
70:26:86:f7:59:87:ce:d5:98:b7:dd:27:ec:ef:29:7f:ef:62:
26:c2:42:1a:0b:0b:59:43:34:cf:27:42:39:65:80:3d:3b:fe:
95:95:f0:5a:02:7c:db:45:ee:19:bc:d9:a0:b7:d0:e9:b4:02:
de:dc:7b:b8:10:8f:95:f4:6e:33:73:18:d5:6d:4a:c8:60:42:
d0:ca:75:6c:1f:1a:77:db:ec:7a:0e:2b:0f:0d:30:50:cf:f0:
05:96:8e:7b:3b:f3:69:59:f0:94:81:15:cc:c2:58:93:d9:e7:
32:1e:1e:95:e9:89:af:38:87:1b:3f:e0:60:b1:a8:42:d9:c9:
d0:2e:20:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqHScyF1jRyZW+AEuw8oaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz
NDFkZTEwHhcNMjYwMzI2MDEwMDQ0WhcNMjYwMzI3MDEwMDQ0WjAzMTEwLwYDVQQD
Eyg4NWUzZGQ1NDM4YWEwMmFhMGUyY2MwYTllY2YwNGNhOTZiN2JhOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPYpFodW66ged3c7b/9Ck0lS/tiK
92zzwOYHkfZFHYf9Z4I8QrHUO5q8QBvV/nLzNLhZphGo6GEnj21JDK5iSlkLcAZ8
0rFxJG4Pr+dhw3UkKnGhA8++kNE4WwTD6lsQl7PmM0BTlVZal+QdUA6waCtsPAYo
HKxU5LvpDKh4tjUNziH7w/svFX2Uuuz57zJve4ridxkuoDiGuDlP+DxQs+ugQ9B/
PBKBAAs/LFGT5Kb9T71DIhq6JQxSha8eZsr/eR9+I1tnwnd/HnMTlOHStDO7erRi
zJJugZf2k3MUHiyW0+zj5uCrzC6c9dt2roNMGVXPT8GnmqCSiknLH9V5twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXj3VQ4qgKqDizAqezwTKlre6k9MB8GA1UdIwQY
MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt
NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi
LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfae2jJWE
iw6bnIbLZaozOL7coDfnFexw7g+D0Grhzm5Qw10Qwn7n8Ath0k7rRBaYbl8D6zw1
bFnW/MfQreNUib7ZOOe1tP9ZIapdR2GhhXK9QXrespeS56oNvj2oTC8zIObZSHeF
xKxmFXxjDq52Junun08rm9ppwgd+L8KLcCaG91mHztWYt90n7O8pf+9iJsJCGgsL
WUM0zydCOWWAPTv+lZXwWgJ820XuGbzZoLfQ6bQC3tx7uBCPlfRuM3MY1W1KyGBC
0Mp1bB8ad9vseg4rDw0wUM/wBZaOezvzaVnwlIEVzMJYk9nnMh4elemJrziHGz/g
YLGoQtnJ0C4gZQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:19:03 2026 by rpki-client