Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: YXRhPw2zovj1xLFYxVa1Oilzd5jCmS0t9K6WGZ7KdUk=
Subject key identifier: 2A:CC:3B:3E:7D:20:FE:9A:A2:55:F6:CD:AC:C8:BA:2B:52:B8:D6:26
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 019D26CD83C34AAED9CC7A3CB5A54510AA59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 1694
Signing time: Wed 25 Mar 2026 21:01:35 +0000
Manifest this update: Wed 25 Mar 2026 21:01:35 +0000
Manifest next update: Thu 26 Mar 2026 21:01:35 +0000
Files and hashes: 1: HdxQx8q8ZBcZded3E8nmTrSkgmE.roa (hash: me4VXnxn0oOOrXZ4tjj+/iKQpTq2YIw30gSY0JjN42A=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: ItTG2e5quM4xiilYPK8oPDiQ6lLIDDeu9CEt6dbSVoI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cd:83:c3:4a:ae:d9:cc:7a:3c:b5:a5:45:10:aa:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Mar 25 21:01:35 2026 GMT
Not After : Mar 26 21:01:35 2026 GMT
Subject: CN=2acc3b3e7d20fe9aa255f6cdacc8ba2b52b8d626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:01:6c:6e:24:4d:35:30:42:2a:7e:40:f7:78:
a2:a3:5e:78:95:31:b5:ff:0e:bb:50:d2:22:01:8b:
d6:e3:40:99:b0:63:d5:25:20:e0:8e:73:11:83:a5:
b0:1d:d8:60:a9:3d:25:31:2a:c5:88:24:7d:72:f8:
da:53:cb:f5:28:04:d3:c8:d9:7f:c6:ae:ad:88:1b:
74:de:6d:f1:79:9e:a4:2e:78:6f:28:ba:96:70:96:
7d:26:0c:c4:d2:17:ab:58:d3:16:e2:ca:ee:8a:31:
36:48:d3:57:24:f0:b0:7b:3b:a4:40:59:79:70:5a:
4a:0e:0c:29:39:42:3e:f1:77:21:59:f2:86:e1:b8:
08:dc:cc:2c:13:f5:7b:73:d1:e1:12:35:6e:66:bb:
ca:c1:58:01:fe:43:7c:69:96:a1:5f:7e:82:26:84:
5f:44:a3:b4:34:e1:ac:69:75:a8:33:e8:e5:8d:d0:
38:9d:c6:e0:96:fd:d1:27:5a:17:19:3b:26:c9:63:
be:a3:e2:3b:98:1c:1e:06:a9:7c:81:6f:54:cb:23:
ea:32:2b:dc:92:14:52:6c:3a:e1:47:7c:60:99:83:
ca:35:61:bc:73:67:4e:37:ab:80:41:25:72:39:0b:
4b:13:43:00:d8:d1:a1:ee:9e:21:93:70:c5:12:e6:
50:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CC:3B:3E:7D:20:FE:9A:A2:55:F6:CD:AC:C8:BA:2B:52:B8:D6:26
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:8b:d8:80:80:a4:74:10:31:4d:41:5d:8a:99:e5:2b:00:6a:
0d:fb:bd:78:a6:e3:e2:d5:97:10:b0:a8:2a:c9:3d:09:34:ad:
a4:9f:50:a9:9e:6b:e8:e5:90:6e:f4:70:0e:b5:c9:b0:bd:8b:
c9:2d:07:36:c5:11:c8:65:b0:bb:8a:4a:cf:3f:2e:6a:fc:30:
2e:e5:c0:08:bf:21:46:76:89:6c:c2:07:ec:a6:e7:09:f7:9d:
a6:93:c0:65:f4:a5:04:c4:2d:61:48:4e:b0:77:1e:62:20:37:
46:a3:be:c5:ee:15:51:98:e0:73:b0:1f:9e:83:4d:16:3e:d0:
48:15:ae:46:68:8b:8e:60:1a:1f:07:d9:c3:44:37:00:a8:54:
e8:7a:55:47:c7:4f:23:49:4d:2a:72:fb:69:9c:d7:85:38:85:
63:8b:5c:6b:e0:aa:f5:d2:10:9c:49:03:d4:24:75:e1:55:09:
5a:fc:4a:37:75:4d:1e:e4:8e:52:b3:6f:2a:d3:32:26:a2:75:
01:eb:2e:a7:94:28:59:0c:8f:8a:65:25:c0:93:7a:87:4a:8c:
45:2b:0d:e3:52:06:8f:69:99:93:64:dc:c1:18:fc:45:85:a7:
e7:8d:7c:58:e6:f4:c7:cf:52:2d:34:d2:0d:79:d6:27:27:ce:
4d:37:34:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzYPDSq7ZzHo8taVFEKpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjYwMzI1MjEwMTM1WhcNMjYwMzI2MjEwMTM1WjAzMTEwLwYDVQQD
EygyYWNjM2IzZTdkMjBmZTlhYTI1NWY2Y2RhY2M4YmEyYjUyYjhkNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQFsbiRNNTBCKn5A93iio154lTG1
/w67UNIiAYvW40CZsGPVJSDgjnMRg6WwHdhgqT0lMSrFiCR9cvjaU8v1KATTyNl/
xq6tiBt03m3xeZ6kLnhvKLqWcJZ9JgzE0herWNMW4sruijE2SNNXJPCwezukQFl5
cFpKDgwpOUI+8XchWfKG4bgI3MwsE/V7c9HhEjVuZrvKwVgB/kN8aZahX36CJoRf
RKO0NOGsaXWoM+jljdA4ncbglv3RJ1oXGTsmyWO+o+I7mBweBql8gW9UyyPqMivc
khRSbDrhR3xgmYPKNWG8c2dON6uAQSVyOQtLE0MA2NGh7p4hk3DFEuZQvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrMOz59IP6aolX2zazIuitSuNYmMB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiYvYgICk
dBAxTUFdipnlKwBqDfu9eKbj4tWXELCoKsk9CTStpJ9QqZ5r6OWQbvRwDrXJsL2L
yS0HNsURyGWwu4pKzz8uavwwLuXACL8hRnaJbMIH7KbnCfedppPAZfSlBMQtYUhO
sHceYiA3RqO+xe4VUZjgc7AfnoNNFj7QSBWuRmiLjmAaHwfZw0Q3AKhU6HpVR8dP
I0lNKnL7aZzXhTiFY4tca+Cq9dIQnEkD1CR14VUJWvxKN3VNHuSOUrNvKtMyJqJ1
Aesup5QoWQyPimUlwJN6h0qMRSsN41IGj2mZk2TcwRj8RYWn5418WOb0x89SLTTS
DXnWJyfOTTc0yg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:34:08 2026 by rpki-client