Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft
File: Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft (raw, json)
Hash identifier: 5hg7ScdHY/Y4HTIKVZOpIcCsoaa6C6f8uwY/uyf3wPI=
Subject key identifier: D2:8C:42:39:84:E6:63:03:2E:B0:9E:6B:5B:21:72:EB:51:F1:EA:10
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Certificate issuer: /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial: 019D265F62D74CF8769ABF15D0731B1A0134
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft
Manifest number: 189D
Signing time: Wed 25 Mar 2026 19:01:18 +0000
Manifest this update: Wed 25 Mar 2026 19:01:18 +0000
Manifest next update: Thu 26 Mar 2026 19:01:18 +0000
Files and hashes: 1: 3M28JHI7FacsIOAJQWmxce2Slr8.roa (hash: YkTIvgr/OPBfSq7cSMGcukiH55SIyz1JhUaAuApclZY=)
2: C28DWNXDejdL7MAcc4Gi6FPgeMM.roa (hash: IsJNEkpniLV6uLgZ6ioRBU52pmL/v472ljfJA8Ci5sE=)
3: Gk3x3dMvMywr2S8J1gmXYe0hnoU.roa (hash: /bwOAvbGES0zjJv2PTCP3py4NDDoCXEMIJubC3y4gDQ=)
4: IK5t8ZtR9FmBC9B2Oc1q_FzsZ60.roa (hash: 99eWXzzKhZzYTyaPK2nn6KPekh7aMTWJKB401rZwNvg=)
5: Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl (hash: qv/ZEO952+MluVu3r6W3verqBPEd/40r7046KiQfQyI=)
6: jXdcvBqCE8rVio9YNuEiuZYnuIo.roa (hash: ZtkqLvQ4ehKRiTxaMSbbV1v3/KL7Hxac2TJ9AgS/V8k=)
7: khD-5GIOCtdSW94SprlTc6aKDCw.roa (hash: 9g8S387WfYIRLJ6x0iTubqGcDstg4uHac2ZeVMN70tA=)
8: qH5fLLWJkV1VZnXKxFAToZGD4BA.roa (hash: gujwjiPUnMht5bxbQJ8geZbpehgQ8vnJKIXcFg1nhbI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:62:d7:4c:f8:76:9a:bf:15:d0:73:1b:1a:01:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Validity
Not Before: Mar 25 19:01:18 2026 GMT
Not After : Mar 26 19:01:18 2026 GMT
Subject: CN=d28c423984e663032eb09e6b5b2172eb51f1ea10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dd:4c:40:02:04:6a:0a:df:75:a8:3e:df:d3:
d9:ca:65:e2:cf:b0:24:3a:00:20:37:75:42:50:70:
8c:bb:14:73:cc:1e:7d:d8:a0:6d:4d:38:1a:4f:e1:
f4:c4:ec:d2:bc:6d:65:41:ea:89:f9:d8:a6:49:bc:
28:3f:da:22:c5:6c:cd:cd:9a:06:ce:37:f1:7a:e3:
a9:1c:6a:5a:db:ea:9b:69:df:ba:7c:1d:f7:2e:fa:
d7:e7:cd:e5:c5:c3:6f:fa:e6:97:cd:1d:77:0a:86:
79:82:30:9f:e5:f4:ad:c4:3a:cf:38:26:07:41:0b:
ce:fe:f6:d5:a0:a0:72:50:9a:99:31:52:e7:3e:67:
ca:68:4d:1b:df:36:2c:2d:e6:cc:90:61:78:e9:ea:
09:83:e0:b9:33:16:5c:b3:50:3a:b0:b7:d3:1f:02:
43:5d:c1:6a:c9:fe:ae:dd:6e:67:cc:0b:06:dd:d6:
68:11:e0:64:7e:01:2a:18:99:52:c8:b5:b7:eb:cd:
46:d2:27:a3:b6:5e:61:df:70:5e:62:60:24:c9:af:
f0:28:1f:f2:02:dc:13:4a:91:6f:10:bf:92:55:4c:
1c:fc:cf:52:d1:77:5a:60:a1:1c:8f:fd:5d:0a:8c:
72:d5:48:d3:46:09:0a:a2:c3:49:7a:b7:1e:37:6e:
f7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:8C:42:39:84:E6:63:03:2E:B0:9E:6B:5B:21:72:EB:51:F1:EA:10
X509v3 Authority Key Identifier:
keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:e8:6c:2b:54:96:65:ff:2d:bb:ee:75:6a:bd:8b:a9:ef:ae:
a9:89:e2:62:19:4c:68:55:f8:53:dc:14:6c:66:6d:10:42:49:
a0:64:3e:55:62:23:d1:3b:4e:3e:fc:4e:1c:dc:aa:21:b8:43:
0e:3d:82:d6:b7:24:a5:14:60:8b:57:5b:77:c7:b5:fa:84:b9:
5c:39:e3:58:2b:72:d1:d9:b9:20:cb:4b:e3:1e:96:76:9b:9c:
84:fa:c3:0d:9e:ed:2d:4e:f2:b6:74:0a:30:05:66:5c:be:f0:
12:f9:01:37:63:af:cc:97:ef:5e:00:ce:b3:1f:55:38:19:00:
56:6d:04:87:a7:d5:11:e6:c7:31:bf:21:99:a2:af:2c:cf:f8:
59:26:cc:a2:6e:ad:51:60:d6:96:c8:63:1b:37:99:1f:d1:f6:
35:b0:f8:13:f0:14:4c:80:e9:6d:df:9a:86:c1:20:aa:9b:85:
b5:64:e8:9d:82:10:bb:f0:25:e8:61:c8:d6:79:f1:60:db:7c:
c0:14:9e:13:e4:cd:af:c2:c1:d5:d4:cc:05:37:7a:65:94:8f:
d0:4c:68:d7:0a:47:0b:f2:06:80:38:cd:bd:5e:e7:c5:5d:49:
47:d0:9d:53:95:a2:63:58:9d:be:3b:4d:eb:30:3a:04:55:05:
7a:5d:93:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX2LXTPh2mr8V0HMbGgE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZGU0YjNiODJmMjA5YjcwMWFlMzQwY2Y1M2I5NzQwNzhm
MTZhOWYwHhcNMjYwMzI1MTkwMTE4WhcNMjYwMzI2MTkwMTE4WjAzMTEwLwYDVQQD
EyhkMjhjNDIzOTg0ZTY2MzAzMmViMDllNmI1YjIxNzJlYjUxZjFlYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN1MQAIEagrfdag+39PZymXiz7Ak
OgAgN3VCUHCMuxRzzB592KBtTTgaT+H0xOzSvG1lQeqJ+dimSbwoP9oixWzNzZoG
zjfxeuOpHGpa2+qbad+6fB33LvrX583lxcNv+uaXzR13CoZ5gjCf5fStxDrPOCYH
QQvO/vbVoKByUJqZMVLnPmfKaE0b3zYsLebMkGF46eoJg+C5MxZcs1A6sLfTHwJD
XcFqyf6u3W5nzAsG3dZoEeBkfgEqGJlSyLW3681G0iejtl5h33BeYmAkya/wKB/y
AtwTSpFvEL+SVUwc/M9S0XdaYKEcj/1dCoxy1UjTRgkKosNJerceN273EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKMQjmE5mMDLrCea1shcutR8eoQMB8GA1UdIwQY
MBaAFF3eSzuC8gm3Aa40DPU7l0B48WqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWIt
ODZhNTUxOGUyZDUyLzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWItODZhNTUxOGUyZDUy
LzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM+hsK1SW
Zf8tu+51ar2Lqe+uqYniYhlMaFX4U9wUbGZtEEJJoGQ+VWIj0TtOPvxOHNyqIbhD
Dj2C1rckpRRgi1dbd8e1+oS5XDnjWCty0dm5IMtL4x6WdpuchPrDDZ7tLU7ytnQK
MAVmXL7wEvkBN2OvzJfvXgDOsx9VOBkAVm0Eh6fVEebHMb8hmaKvLM/4WSbMom6t
UWDWlshjGzeZH9H2NbD4E/AUTIDpbd+ahsEgqpuFtWTonYIQu/Al6GHI1nnxYNt8
wBSeE+TNr8LB1dTMBTd6ZZSP0Exo1wpHC/IGgDjNvV7nxV1JR9CdU5WiY1idvjtN
6zA6BFUFel2Tfg==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:18:48 2026 by rpki-client