Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft
File: _XF_OrY5RaG-c5wrOiWJvqVd224.mft (raw, json)
Hash identifier: 2bQx3t91IGfYzcqlTSUASxt0tlpavawJJCF6QM3+7uM=
Subject key identifier: 9D:F6:43:B5:79:DB:E9:25:5C:B9:F7:2A:15:67:1A:94:BA:11:90:9A
Authority key identifier: FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E
Certificate issuer: /CN=fd717f3ab63945a1be739c2b3a2589bea55ddb6e
Certificate serial: 019D2772417F9F9AFA1A6726C3A80C1662DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft
Manifest number: 0E38
Signing time: Thu 26 Mar 2026 00:01:32 +0000
Manifest this update: Thu 26 Mar 2026 00:01:32 +0000
Manifest next update: Fri 27 Mar 2026 00:01:32 +0000
Files and hashes: 1: 0k0SMXdBc9F-S0u5frPj7VZDATI.roa (hash: fH1r/M4QH7i4V9CfzqHbwrIzNmtm+Dkd+L50E5BaVjo=)
2: _XF_OrY5RaG-c5wrOiWJvqVd224.crl (hash: Z3Ca734pu/4uEhYPxw4ETLLo19Y0Tv0ZUIUv81rLUyg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft
rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:41:7f:9f:9a:fa:1a:67:26:c3:a8:0c:16:62:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd717f3ab63945a1be739c2b3a2589bea55ddb6e
Validity
Not Before: Mar 26 00:01:32 2026 GMT
Not After : Mar 27 00:01:32 2026 GMT
Subject: CN=9df643b579dbe9255cb9f72a15671a94ba11909a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:63:da:92:fe:80:b0:2f:f2:e9:9a:11:a8:5f:
77:8c:35:3d:4e:66:35:91:e4:93:d9:63:65:f9:53:
03:9e:97:51:ef:cc:58:0c:1e:04:99:cf:dd:cd:2d:
bf:31:ee:5a:93:d3:d4:ed:51:28:ab:c9:81:09:85:
15:43:46:07:5d:32:f9:d3:2d:79:64:7c:69:99:ca:
ce:81:24:d9:ba:d8:84:ac:2e:05:1b:49:3b:cb:f1:
d3:83:c7:9d:b2:0a:28:6d:5f:23:17:4f:27:1c:94:
95:e5:ca:97:af:4f:65:83:61:a6:35:6a:78:58:ce:
6f:f1:4f:30:fc:1c:da:d7:fc:ec:ae:c7:97:ac:40:
26:f3:25:d8:16:fb:af:f8:3d:67:b9:62:ef:06:25:
07:a3:5e:af:cb:0f:0c:e5:b2:27:36:40:15:88:e3:
a6:b7:12:f2:47:18:b9:a0:4c:01:2f:f1:54:6f:e4:
a3:b5:b5:5a:0c:15:aa:0d:1d:80:95:93:45:ee:70:
92:4a:35:b2:9b:c5:aa:f3:21:7a:45:bc:21:9d:f1:
58:89:cd:e5:f3:82:fc:ca:6f:1f:38:eb:84:cd:2e:
58:e7:77:8a:14:44:20:96:52:66:55:60:95:b4:c8:
5d:24:34:7b:24:75:c6:31:29:f7:81:38:ac:21:8f:
6a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F6:43:B5:79:DB:E9:25:5C:B9:F7:2A:15:67:1A:94:BA:11:90:9A
X509v3 Authority Key Identifier:
keyid:FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:0e:7c:b5:d4:9f:c1:3d:b9:33:02:f6:9b:c6:76:3f:ab:54:
92:d5:e2:15:d4:a7:67:1d:6b:f5:01:87:d2:e1:9a:c4:10:bb:
ec:d4:51:97:fe:5e:03:86:21:0a:2c:95:2c:00:f6:fa:f3:22:
87:29:1a:10:76:8f:91:a9:ed:be:f9:25:a2:7d:2f:79:7b:06:
99:64:a5:08:14:d5:65:64:87:10:3e:a7:af:b8:52:a5:05:61:
2c:1e:1c:88:0e:4e:f3:16:0c:e4:9d:bc:fa:24:60:1e:4a:1e:
e2:bd:3b:62:e5:3f:92:11:ec:2b:d7:76:1e:9a:1f:6d:6e:ee:
80:26:33:28:fd:db:4e:43:5a:b2:a1:2b:58:57:1b:23:88:10:
44:61:23:f5:05:23:c2:87:d3:cb:cc:88:25:a0:df:98:0a:6f:
e3:d6:37:86:8c:c3:d9:da:db:8f:b5:57:5c:d1:3a:e9:df:17:
89:f0:85:87:a8:8b:f9:fd:6f:28:7b:4a:66:c4:4f:44:68:1b:
42:54:e2:20:76:f9:17:8c:4d:6b:96:a1:bf:e3:b5:1c:23:34:
8d:0d:08:2c:60:4d:c6:00:c3:d4:00:b2:a7:3b:58:9b:6e:5c:
2a:0c:34:c8:cf:01:ba:16:f0:96:a7:0d:67:11:b6:76:d5:95:
d3:93:3f:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nckF/n5r6Gmcmw6gMFmLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzE3ZjNhYjYzOTQ1YTFiZTczOWMyYjNhMjU4OWJlYTU1
ZGRiNmUwHhcNMjYwMzI2MDAwMTMyWhcNMjYwMzI3MDAwMTMyWjAzMTEwLwYDVQQD
Eyg5ZGY2NDNiNTc5ZGJlOTI1NWNiOWY3MmExNTY3MWE5NGJhMTE5MDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GPakv6AsC/y6ZoRqF93jDU9TmY1
keST2WNl+VMDnpdR78xYDB4Emc/dzS2/Me5ak9PU7VEoq8mBCYUVQ0YHXTL50y15
ZHxpmcrOgSTZutiErC4FG0k7y/HTg8edsgoobV8jF08nHJSV5cqXr09lg2GmNWp4
WM5v8U8w/Bza1/zsrseXrEAm8yXYFvuv+D1nuWLvBiUHo16vyw8M5bInNkAViOOm
txLyRxi5oEwBL/FUb+SjtbVaDBWqDR2AlZNF7nCSSjWym8Wq8yF6RbwhnfFYic3l
84L8ym8fOOuEzS5Y53eKFEQgllJmVWCVtMhdJDR7JHXGMSn3gTisIY9q8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ32Q7V52+klXLn3KhVnGpS6EZCaMB8GA1UdIwQY
MBaAFP1xfzq2OUWhvnOcKzolib6lXdtuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yZjBhNjYtMTYzNC00MGZiLTk5YjAt
OTMxNTA1ZmY0MWM1LzEvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yZjBhNjYtMTYzNC00MGZiLTk5YjAtOTMxNTA1ZmY0MWM1
LzEvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIg58tdSf
wT25MwL2m8Z2P6tUktXiFdSnZx1r9QGH0uGaxBC77NRRl/5eA4YhCiyVLAD2+vMi
hykaEHaPkantvvklon0veXsGmWSlCBTVZWSHED6nr7hSpQVhLB4ciA5O8xYM5J28
+iRgHkoe4r07YuU/khHsK9d2HpofbW7ugCYzKP3bTkNasqErWFcbI4gQRGEj9QUj
wofTy8yIJaDfmApv49Y3hozD2drbj7VXXNE66d8XifCFh6iL+f1vKHtKZsRPRGgb
QlTiIHb5F4xNa5ahv+O1HCM0jQ0ILGBNxgDD1ACypztYm25cKgw0yM8BuhbwlqcN
ZxG2dtWV05M/yQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:21:13 2026 by rpki-client