Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/64879b-6c68-4597-9fab-6fbe293171fe/1/xU3YgoUsxFhrH-40wFAdXbfWDws.mft
File: xU3YgoUsxFhrH-40wFAdXbfWDws.mft (raw, json)
Hash identifier: F2ClZDUhyKSZZEMQWkOycxxlV0/4ugpiPoBibzxTuoU=
Subject key identifier: BE:C0:91:11:AC:72:2F:1B:AC:59:0A:CB:4A:9A:2E:AE:F2:BC:E8:E8
Authority key identifier: C5:4D:D8:82:85:2C:C4:58:6B:1F:EE:34:C0:50:1D:5D:B7:D6:0F:0B
Certificate issuer: /CN=c54dd882852cc4586b1fee34c0501d5db7d60f0b
Certificate serial: 019D2627E490779F052792DC89862998313D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xU3YgoUsxFhrH-40wFAdXbfWDws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/64879b-6c68-4597-9fab-6fbe293171fe/1/xU3YgoUsxFhrH-40wFAdXbfWDws.mft
Manifest number: 0A4A
Signing time: Wed 25 Mar 2026 18:00:41 +0000
Manifest this update: Wed 25 Mar 2026 18:00:41 +0000
Manifest next update: Thu 26 Mar 2026 18:00:41 +0000
Files and hashes: 1: 73qIjcwhVoNUSh6y8S9vmR-78LI.roa (hash: W2dcEwkCBgOixH5r0yINyyX7ud/0OMWWSsCwZ1EhRwo=)
2: xU3YgoUsxFhrH-40wFAdXbfWDws.crl (hash: HIgVB8ezWbddeHJilJrE6TPvRSYBd1yquDSpZ6YYA48=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/64879b-6c68-4597-9fab-6fbe293171fe/1/xU3YgoUsxFhrH-40wFAdXbfWDws.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/64879b-6c68-4597-9fab-6fbe293171fe/1/xU3YgoUsxFhrH-40wFAdXbfWDws.mft
rsync://rpki.ripe.net/repository/DEFAULT/xU3YgoUsxFhrH-40wFAdXbfWDws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:27:e4:90:77:9f:05:27:92:dc:89:86:29:98:31:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c54dd882852cc4586b1fee34c0501d5db7d60f0b
Validity
Not Before: Mar 25 18:00:41 2026 GMT
Not After : Mar 26 18:00:41 2026 GMT
Subject: CN=bec09111ac722f1bac590acb4a9a2eaef2bce8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a8:c5:97:33:26:20:25:40:94:ae:bc:d1:fb:
00:7f:61:7d:c6:d9:c4:fa:57:68:b5:b6:6b:05:ad:
54:54:90:69:43:f7:18:c4:8c:0d:46:55:f9:13:dd:
5c:ae:77:1b:14:ac:35:2c:99:0b:4c:be:98:8c:3c:
e2:5d:5f:0f:1e:10:ff:12:ef:52:60:0b:89:cc:ee:
4a:ef:93:29:98:b1:f2:6b:e3:bf:cd:af:46:55:12:
af:0c:6c:95:1c:dc:a8:fd:4d:78:e3:02:c9:24:4b:
5f:db:cd:b8:38:ad:13:20:f4:53:d2:63:87:28:00:
9d:ac:0b:9f:ad:28:c4:bb:58:6a:69:2a:f9:d5:e9:
7f:e4:d1:6e:f2:a8:e0:a2:96:b0:64:94:98:9d:be:
1d:9f:03:60:f0:0f:77:9a:11:4f:a0:3e:27:e4:c0:
be:ca:e4:0a:fa:b1:50:6f:33:a8:d3:36:8b:39:61:
c9:36:34:e2:dc:f3:23:ab:14:ad:8d:6f:03:df:69:
bf:96:a3:33:23:5e:21:51:20:01:e7:1d:92:1b:2c:
4a:64:b0:9f:2e:ca:c3:dc:12:ad:08:9a:51:4f:fe:
a8:bf:cd:5a:bf:e1:b9:b6:bf:30:fb:47:e5:35:21:
e6:01:0a:d3:9e:a5:cd:06:37:97:72:8a:30:a0:dc:
aa:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:C0:91:11:AC:72:2F:1B:AC:59:0A:CB:4A:9A:2E:AE:F2:BC:E8:E8
X509v3 Authority Key Identifier:
keyid:C5:4D:D8:82:85:2C:C4:58:6B:1F:EE:34:C0:50:1D:5D:B7:D6:0F:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xU3YgoUsxFhrH-40wFAdXbfWDws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/64879b-6c68-4597-9fab-6fbe293171fe/1/xU3YgoUsxFhrH-40wFAdXbfWDws.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/64879b-6c68-4597-9fab-6fbe293171fe/1/xU3YgoUsxFhrH-40wFAdXbfWDws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:43:ba:ac:32:08:c7:54:c5:c6:89:92:04:b2:f8:db:79:28:
3d:b9:f6:28:be:1e:61:c8:a2:46:ca:d8:bf:af:58:af:90:83:
b2:b5:3a:06:0f:ad:38:15:59:d5:4a:df:61:44:5b:42:88:d1:
a8:26:52:36:0a:05:06:be:6f:12:b0:cf:93:31:65:77:c1:f4:
09:b3:75:58:a9:88:07:17:82:5e:ac:44:14:6c:d7:7e:45:1e:
ec:3e:92:42:34:2d:d9:12:63:f4:ce:03:5f:28:47:59:99:fd:
f3:8d:41:15:8f:56:00:c3:0b:4e:bd:1a:36:cf:80:12:84:b2:
26:a3:a9:5d:bd:7c:ea:27:33:da:b4:47:d9:5c:71:6f:7f:73:
ce:04:4f:e4:78:bf:7e:70:bc:16:be:2c:41:dc:7b:ea:aa:30:
86:89:f5:27:a4:51:80:bb:91:74:87:31:8a:ae:1a:4d:11:4e:
b6:2d:24:c8:9f:fd:0a:1d:a1:da:3c:6a:95:cc:56:f5:b5:96:
a7:28:36:fa:53:ee:0a:ce:a6:13:91:fe:09:09:c9:2b:13:3b:
c8:e8:59:9f:87:ad:33:ab:37:76:7c:41:ed:48:b6:46:d7:50:
ac:b4:46:5f:d8:e9:bf:5d:0c:0f:25:5e:8b:51:4f:5a:6c:84:
8d:7b:b6:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mJ+SQd58FJ5LciYYpmDE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NGRkODgyODUyY2M0NTg2YjFmZWUzNGMwNTAxZDVkYjdk
NjBmMGIwHhcNMjYwMzI1MTgwMDQxWhcNMjYwMzI2MTgwMDQxWjAzMTEwLwYDVQQD
EyhiZWMwOTExMWFjNzIyZjFiYWM1OTBhY2I0YTlhMmVhZWYyYmNlOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6jFlzMmICVAlK680fsAf2F9xtnE
+ldotbZrBa1UVJBpQ/cYxIwNRlX5E91crncbFKw1LJkLTL6YjDziXV8PHhD/Eu9S
YAuJzO5K75MpmLHya+O/za9GVRKvDGyVHNyo/U144wLJJEtf2824OK0TIPRT0mOH
KACdrAufrSjEu1hqaSr51el/5NFu8qjgopawZJSYnb4dnwNg8A93mhFPoD4n5MC+
yuQK+rFQbzOo0zaLOWHJNjTi3PMjqxStjW8D32m/lqMzI14hUSAB5x2SGyxKZLCf
LsrD3BKtCJpRT/6ov81av+G5tr8w+0flNSHmAQrTnqXNBjeXcoowoNyq7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL7AkRGsci8brFkKy0qaLq7yvOjoMB8GA1UdIwQY
MBaAFMVN2IKFLMRYax/uNMBQHV231g8LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFUzWWdvVXN4RmhySC00MHdGQWRYYmZXRHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82NDg3OWItNmM2OC00NTk3LTlmYWIt
NmZiZTI5MzE3MWZlLzEveFUzWWdvVXN4RmhySC00MHdGQWRYYmZXRHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82NDg3OWItNmM2OC00NTk3LTlmYWItNmZiZTI5MzE3MWZl
LzEveFUzWWdvVXN4RmhySC00MHdGQWRYYmZXRHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnUO6rDII
x1TFxomSBLL423koPbn2KL4eYciiRsrYv69Yr5CDsrU6Bg+tOBVZ1UrfYURbQojR
qCZSNgoFBr5vErDPkzFld8H0CbN1WKmIBxeCXqxEFGzXfkUe7D6SQjQt2RJj9M4D
XyhHWZn9841BFY9WAMMLTr0aNs+AEoSyJqOpXb186icz2rRH2Vxxb39zzgRP5Hi/
fnC8Fr4sQdx76qowhon1J6RRgLuRdIcxiq4aTRFOti0kyJ/9Ch2h2jxqlcxW9bWW
pyg2+lPuCs6mE5H+CQnJKxM7yOhZn4etM6s3dnxB7Ui2RtdQrLRGX9jpv10MDyVe
i1FPWmyEjXu23A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:12 2026 by rpki-client