Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File: XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier: mKuvi4cYxSpzJ7YMKadvpdA9yXrJ/Lu073kin9lUgtc=
Subject key identifier: 48:21:4F:1E:11:1B:2B:63:B4:F9:CF:F2:83:9F:E6:7C:81:A8:BA:86
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer: /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial: 019D2816BDE5698FBFF3CF8D8F8A3829279F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number: 0581
Signing time: Thu 26 Mar 2026 03:01:12 +0000
Manifest this update: Thu 26 Mar 2026 03:01:12 +0000
Manifest next update: Fri 27 Mar 2026 03:01:12 +0000
Files and hashes: 1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: fi8dWdiB3fYjS4yO4Cg1wrl25J5L4sDIKeanQ1lSXz0=)
2: x90dPkWW8REhzconoQULUI7Rl80.roa (hash: IZPztQukbhq4U8uDrkKMf9ofAgLjzhebtlSwoKIMZXM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:bd:e5:69:8f:bf:f3:cf:8d:8f:8a:38:29:27:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Validity
Not Before: Mar 26 03:01:12 2026 GMT
Not After : Mar 27 03:01:12 2026 GMT
Subject: CN=48214f1e111b2b63b4f9cff2839fe67c81a8ba86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:47:0f:b4:c4:86:43:bf:47:64:ef:41:47:dd:
1d:ff:23:74:65:14:da:67:44:ec:5d:07:28:62:ab:
fd:26:b0:e4:36:2e:b9:40:d1:c9:0e:b3:0e:a9:31:
49:ce:77:21:41:9c:11:25:ad:b8:d4:1a:a1:c5:7a:
94:4d:af:38:34:05:9a:f2:b7:47:79:f3:15:33:62:
ca:0e:62:ed:e7:38:1a:7a:05:bf:c3:1e:81:64:a0:
89:fc:ea:23:d2:f3:f4:b6:cf:23:51:cb:4c:4d:9a:
b1:e1:e7:17:59:96:be:d6:f5:cf:52:e9:f2:30:ed:
1d:f5:fa:97:9e:e9:83:3d:28:f9:3e:01:83:db:ae:
7c:95:e0:59:cc:b9:2c:32:9e:d3:11:99:ac:ee:ba:
51:79:68:54:ae:4a:e1:99:1c:dd:1d:2d:06:07:11:
59:5d:79:22:fd:4f:9c:1c:72:42:e8:fe:5a:e1:24:
59:aa:8d:f8:be:80:b1:3a:0a:aa:90:f3:aa:8a:05:
7d:0d:5f:dc:17:c7:2c:a0:4d:40:ff:7d:05:f2:fc:
9e:53:71:52:ba:8e:18:ff:c3:c2:9c:5d:16:34:d1:
c0:47:9f:64:eb:bb:4d:c7:f2:57:4e:b0:a2:da:02:
d0:30:6d:e0:41:d1:6a:05:72:ec:a4:40:1e:d3:31:
ef:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:21:4F:1E:11:1B:2B:63:B4:F9:CF:F2:83:9F:E6:7C:81:A8:BA:86
X509v3 Authority Key Identifier:
keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:99:ea:4f:18:52:31:81:a0:e7:ea:77:15:d3:9a:78:10:e3:
43:2e:a5:c5:8b:e9:30:48:df:6f:f1:1e:4b:5f:9a:5f:c3:ef:
d0:9f:2d:63:b2:d6:3f:4b:ea:ac:2a:e2:85:fa:8d:84:1d:ad:
a9:c5:74:22:1f:e3:05:78:8c:47:1c:38:ca:e0:97:3f:72:09:
69:e4:ec:e9:31:ac:c6:5d:de:f5:5b:66:cf:45:68:f7:62:44:
97:d7:65:89:6a:91:45:88:7e:7f:65:45:ea:6a:f1:a0:02:06:
fc:8f:34:8b:73:ef:cc:48:6d:e2:1b:df:98:c0:79:fa:44:6b:
83:6d:8d:5e:a8:85:89:c6:fa:02:de:35:c6:00:c2:e4:4c:69:
97:68:7c:b5:66:cf:28:40:91:70:14:5e:4a:c2:ac:97:ca:71:
13:47:22:ca:00:09:70:fe:33:03:e6:c5:fe:61:24:65:98:04:
ce:03:7a:aa:9f:db:54:3c:59:dd:97:a2:e1:11:f4:44:29:59:
e2:e2:05:70:2a:4e:33:99:df:dd:a6:70:f4:88:55:e3:85:af:
29:45:6f:b2:90:9d:8d:6d:86:f2:00:df:a4:f4:aa:1d:97:71:
30:b6:3e:7a:c4:78:dd:43:4b:a1:64:95:10:67:e3:c3:d1:1e:
6c:be:b6:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFr3laY+/88+Nj4o4KSefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjYwMzI2MDMwMTEyWhcNMjYwMzI3MDMwMTEyWjAzMTEwLwYDVQQD
Eyg0ODIxNGYxZTExMWIyYjYzYjRmOWNmZjI4MzlmZTY3YzgxYThiYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEcPtMSGQ79HZO9BR90d/yN0ZRTa
Z0TsXQcoYqv9JrDkNi65QNHJDrMOqTFJznchQZwRJa241BqhxXqUTa84NAWa8rdH
efMVM2LKDmLt5zgaegW/wx6BZKCJ/Ooj0vP0ts8jUctMTZqx4ecXWZa+1vXPUuny
MO0d9fqXnumDPSj5PgGD2658leBZzLksMp7TEZms7rpReWhUrkrhmRzdHS0GBxFZ
XXki/U+cHHJC6P5a4SRZqo34voCxOgqqkPOqigV9DV/cF8csoE1A/30F8vyeU3FS
uo4Y/8PCnF0WNNHAR59k67tNx/JXTrCi2gLQMG3gQdFqBXLspEAe0zHvNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEghTx4RGytjtPnP8oOf5nyBqLqGMB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN5nqTxhS
MYGg5+p3FdOaeBDjQy6lxYvpMEjfb/EeS1+aX8Pv0J8tY7LWP0vqrCrihfqNhB2t
qcV0Ih/jBXiMRxw4yuCXP3IJaeTs6TGsxl3e9Vtmz0Vo92JEl9dliWqRRYh+f2VF
6mrxoAIG/I80i3PvzEht4hvfmMB5+kRrg22NXqiFicb6At41xgDC5Expl2h8tWbP
KECRcBReSsKsl8pxE0ciygAJcP4zA+bF/mEkZZgEzgN6qp/bVDxZ3Zei4RH0RClZ
4uIFcCpOM5nf3aZw9IhV44WvKUVvspCdjW2G8gDfpPSqHZdxMLY+esR43UNLoWSV
EGfjw9EebL62Pg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:52:33 2026 by rpki-client