Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft
File: XKn3Xcos07OTU-AwCzC6W2KXais.mft (raw, json)
Hash identifier: Sb8/wE2RHbxBdY/KVNe0mnsvyJ4GEEqjt5T9g+g32zM=
Subject key identifier: 69:35:8B:C6:9D:B0:C4:43:4D:BA:92:7B:2B:2E:72:3D:1C:B0:B0:B5
Authority key identifier: 5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B
Certificate issuer: /CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
Certificate serial: 019D2960DA0026B6D61A14CB163DF0F37D5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft
Manifest number: 0C11
Signing time: Thu 26 Mar 2026 09:01:46 +0000
Manifest this update: Thu 26 Mar 2026 09:01:46 +0000
Manifest next update: Fri 27 Mar 2026 09:01:46 +0000
Files and hashes: 1: O93rUG0ldryuh9-LYis7w6UfO1w.roa (hash: ojZEmISFm5RdmO2THEEsy3HBhCvY1rlDIunZCRL5byg=)
2: XKn3Xcos07OTU-AwCzC6W2KXais.crl (hash: XFU9f4tGX9zOWpfrUs1BKiNHidN1OL39o2uy49FWwSE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft
rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:da:00:26:b6:d6:1a:14:cb:16:3d:f0:f3:7d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
Validity
Not Before: Mar 26 09:01:46 2026 GMT
Not After : Mar 27 09:01:46 2026 GMT
Subject: CN=69358bc69db0c4434dba927b2b2e723d1cb0b0b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a6:d9:d0:39:4e:eb:46:f8:e5:86:d3:c5:a9:
14:51:75:9a:b7:88:6e:5f:71:36:3f:a4:f9:e6:53:
82:fd:19:fd:ad:73:e9:be:e1:f3:ba:8a:8d:ad:bd:
a8:d1:98:f8:7c:0b:43:19:71:f0:c5:86:1f:25:de:
2c:50:d9:a3:21:33:df:e8:82:4e:f0:f1:88:f4:aa:
ee:2a:e1:9d:6c:71:4e:68:9b:d0:5d:c4:64:cf:53:
f8:25:b8:c7:33:bd:9b:53:45:00:c1:5c:22:38:79:
75:20:05:05:32:35:8a:9c:5a:7d:05:13:86:ca:84:
7a:9a:29:30:d7:17:c0:80:15:ee:3d:92:e4:2a:c9:
ed:5f:b5:af:88:5f:77:30:0a:35:40:55:d3:e0:54:
57:32:ac:28:fb:5d:9a:70:1a:7c:db:62:5c:a9:3a:
75:bb:8a:d7:9e:1b:e2:8b:ec:d9:55:d7:a6:13:2c:
68:6b:a5:4f:d5:db:28:32:5c:af:30:bc:87:0e:f7:
60:fb:69:c9:85:f9:00:d8:68:cc:da:4a:01:48:4a:
85:a1:ac:54:5b:c8:1a:b6:7a:49:8c:b5:c9:96:1f:
26:5e:4f:e6:69:36:fd:86:b3:bd:dc:65:86:68:e2:
69:7b:5d:a6:97:11:16:66:34:3d:27:ce:3e:ff:a5:
df:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:35:8B:C6:9D:B0:C4:43:4D:BA:92:7B:2B:2E:72:3D:1C:B0:B0:B5
X509v3 Authority Key Identifier:
keyid:5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:93:50:bc:53:ad:8e:8f:71:c2:2a:88:a2:3b:04:95:56:6f:
80:ef:b7:53:bb:b9:2e:6e:72:46:d4:4f:3e:0a:17:df:46:33:
9a:d3:22:a3:44:e1:10:eb:d6:82:a3:bd:91:0b:c6:75:81:9f:
ef:2d:ec:68:89:6d:ac:dd:09:96:d7:70:d8:52:a7:9b:84:51:
60:dc:e7:74:e3:61:53:70:53:f0:91:c6:c8:64:2f:dc:10:f0:
22:1d:4d:d4:88:d0:6b:b8:9f:1e:19:d4:70:44:d2:80:14:f8:
76:9b:1a:58:db:47:a1:21:34:d0:3a:7f:57:1c:99:1b:98:37:
6e:60:c3:98:b4:d0:ff:1e:b0:a2:40:d1:98:73:88:92:04:56:
f1:e4:a8:59:46:fa:d9:24:71:0c:6e:24:6f:fb:20:7b:dd:28:
2a:55:26:cf:69:8d:0d:7d:ce:28:8c:66:ee:d5:5a:a5:0a:01:
02:77:43:a1:11:07:6c:8c:f2:50:21:d5:8e:22:98:c0:80:af:
b2:78:e5:18:47:67:62:e8:b9:6e:29:3e:4f:ed:8f:8f:9c:42:
a5:9a:1e:32:86:13:45:ea:44:cc:c5:ec:22:6e:6a:ef:8d:9e:
4e:9e:b7:63:a1:f5:e8:65:f7:7d:dc:63:76:47:da:a4:53:95:
a1:37:b8:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYNoAJrbWGhTLFj3w831bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTlmNzVkY2EyY2QzYjM5MzUzZTAzMDBiMzBiYTViNjI5
NzZhMmIwHhcNMjYwMzI2MDkwMTQ2WhcNMjYwMzI3MDkwMTQ2WjAzMTEwLwYDVQQD
Eyg2OTM1OGJjNjlkYjBjNDQzNGRiYTkyN2IyYjJlNzIzZDFjYjBiMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtabZ0DlO60b45YbTxakUUXWat4hu
X3E2P6T55lOC/Rn9rXPpvuHzuoqNrb2o0Zj4fAtDGXHwxYYfJd4sUNmjITPf6IJO
8PGI9KruKuGdbHFOaJvQXcRkz1P4JbjHM72bU0UAwVwiOHl1IAUFMjWKnFp9BROG
yoR6mikw1xfAgBXuPZLkKsntX7WviF93MAo1QFXT4FRXMqwo+12acBp822JcqTp1
u4rXnhvii+zZVdemEyxoa6VP1dsoMlyvMLyHDvdg+2nJhfkA2GjM2koBSEqFoaxU
W8gatnpJjLXJlh8mXk/maTb9hrO93GWGaOJpe12mlxEWZjQ9J84+/6XfkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGk1i8adsMRDTbqSeysucj0csLC1MB8GA1UdIwQY
MBaAFFyp913KLNOzk1PgMAswultil2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQt
MWQ1MWM0NjhkNTU2LzEvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQtMWQ1MWM0NjhkNTU2
LzEvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApJNQvFOt
jo9xwiqIojsElVZvgO+3U7u5Lm5yRtRPPgoX30YzmtMio0ThEOvWgqO9kQvGdYGf
7y3saIltrN0Jltdw2FKnm4RRYNzndONhU3BT8JHGyGQv3BDwIh1N1IjQa7ifHhnU
cETSgBT4dpsaWNtHoSE00Dp/VxyZG5g3bmDDmLTQ/x6wokDRmHOIkgRW8eSoWUb6
2SRxDG4kb/sge90oKlUmz2mNDX3OKIxm7tVapQoBAndDoREHbIzyUCHVjiKYwICv
snjlGEdnYui5bik+T+2Pj5xCpZoeMoYTRepEzMXsIm5q742eTp63Y6H16GX3fdxj
dkfapFOVoTe4Ew==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:37:18 2026 by rpki-client