Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier: ld5oA6YDvNJgOU0MS9h5rHS5j+cu8EVY9H2wQUGWNF8=
Subject key identifier: 68:B2:50:A0:46:9B:06:2A:D7:23:F2:ED:A6:F0:A6:73:72:DC:93:94
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial: 019D29615E45F2C39B4265A545726F5C9B96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number: 17C9
Signing time: Thu 26 Mar 2026 09:02:20 +0000
Manifest this update: Thu 26 Mar 2026 09:02:20 +0000
Manifest next update: Fri 27 Mar 2026 09:02:20 +0000
Files and hashes: 1: S2GzX7bjyNfk8zuc_J7yDO8r8_A.roa (hash: 9cgwTQAZVGZH9VKGn5dJT7UJ2jaArnzhzVtmHDdrHjU=)
2: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: 4l/HNmHwhb88WFZ1SI5JGELh9wNBPq2tofMwynIx+7M=)
3: rSchH_WpkAQtklBw4R5ArVw7Etg.roa (hash: FQrYCtK1inx5vQ38kiI4C/z5+zK3xo4th9Fjypdt9nc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:5e:45:f2:c3:9b:42:65:a5:45:72:6f:5c:9b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Validity
Not Before: Mar 26 09:02:20 2026 GMT
Not After : Mar 27 09:02:20 2026 GMT
Subject: CN=68b250a0469b062ad723f2eda6f0a67372dc9394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a1:ca:14:bd:e7:31:23:32:b5:c4:b3:66:ff:
53:19:38:a2:8e:75:75:42:7c:df:5d:bd:99:a9:cc:
4c:a3:68:66:d6:89:1f:02:8d:2a:67:cd:ee:ce:0c:
de:a5:07:26:21:20:1f:e6:61:e1:9a:e5:c8:c6:7a:
4f:bf:2d:3d:27:4b:73:33:a1:3e:84:76:47:77:4c:
c0:e9:88:72:9e:76:c5:21:ca:0e:6e:d0:b8:10:ba:
b9:06:31:1a:b9:96:59:c9:03:c2:e6:81:95:b1:44:
04:7b:44:b5:d6:32:01:a6:6d:dd:11:42:65:2c:7d:
32:86:4a:12:4f:8b:c8:8f:ae:65:41:2b:4c:26:59:
3f:82:7e:1e:d1:aa:13:bb:c9:2b:4c:39:4d:2c:d7:
2b:43:54:09:fd:e8:3d:42:4e:99:f6:bb:a0:41:30:
90:20:0e:f2:74:d7:7f:64:df:94:5f:42:5b:43:12:
d2:17:fc:8b:b6:b2:ab:30:68:bd:1c:12:18:b4:4b:
f5:27:90:d2:59:83:b7:89:de:c1:c2:2d:9f:d9:bc:
1c:eb:bf:ef:93:67:d9:6c:43:49:cf:e5:7f:e0:c2:
1f:26:a2:4d:9f:14:72:10:cf:ad:95:dc:27:6e:ce:
87:c9:39:cc:aa:9f:0b:c8:06:d1:2c:4a:c1:3f:f3:
10:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B2:50:A0:46:9B:06:2A:D7:23:F2:ED:A6:F0:A6:73:72:DC:93:94
X509v3 Authority Key Identifier:
keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:5f:f9:a6:be:06:d6:2f:65:f6:a8:44:2d:d8:9e:52:79:5c:
05:7a:1a:54:42:b1:1e:a6:5a:03:dd:a6:8b:68:0e:4f:df:e4:
4c:22:8d:71:3b:a0:5b:e7:18:0b:86:6b:69:da:b2:ac:57:2a:
dd:30:0a:0f:70:f2:3c:a2:aa:8c:81:44:90:17:33:c1:88:14:
ec:a2:49:46:58:27:c3:a9:fe:14:f9:1a:dd:0c:ba:01:d2:8c:
d2:1e:ee:84:ae:19:20:12:b3:07:75:28:dc:3b:41:c0:22:94:
77:98:f3:df:16:10:32:89:a2:34:9e:83:30:2b:ed:33:f0:af:
00:d9:cb:38:76:f9:87:aa:f1:6f:16:c6:bb:64:d9:c6:48:20:
a7:3d:44:77:60:d0:7c:eb:09:f3:17:84:94:a0:15:2f:71:8c:
88:30:34:10:f2:4b:28:18:3b:ca:cd:79:7f:20:5c:04:91:cb:
62:d0:3a:6e:92:90:04:14:1c:fc:93:5c:0e:f2:71:d7:b7:9c:
81:3e:6f:96:78:b0:d6:88:f6:90:cb:10:ea:cc:df:44:32:75:
a0:4a:03:3c:55:6a:ef:72:11:7d:cc:4f:9a:00:38:7e:87:20:
c6:3b:b2:d5:5b:32:89:e4:6c:9b:cc:d6:df:25:ef:65:8b:42:
58:0b:95:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYV5F8sObQmWlRXJvXJuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjYwMzI2MDkwMjIwWhcNMjYwMzI3MDkwMjIwWjAzMTEwLwYDVQQD
Eyg2OGIyNTBhMDQ2OWIwNjJhZDcyM2YyZWRhNmYwYTY3MzcyZGM5Mzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKHKFL3nMSMytcSzZv9TGTiijnV1
QnzfXb2ZqcxMo2hm1okfAo0qZ83uzgzepQcmISAf5mHhmuXIxnpPvy09J0tzM6E+
hHZHd0zA6YhynnbFIcoObtC4ELq5BjEauZZZyQPC5oGVsUQEe0S11jIBpm3dEUJl
LH0yhkoST4vIj65lQStMJlk/gn4e0aoTu8krTDlNLNcrQ1QJ/eg9Qk6Z9rugQTCQ
IA7ydNd/ZN+UX0JbQxLSF/yLtrKrMGi9HBIYtEv1J5DSWYO3id7Bwi2f2bwc67/v
k2fZbENJz+V/4MIfJqJNnxRyEM+tldwnbs6HyTnMqp8LyAbRLErBP/MQqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiyUKBGmwYq1yPy7abwpnNy3JOUMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfV/5pr4G
1i9l9qhELdieUnlcBXoaVEKxHqZaA92mi2gOT9/kTCKNcTugW+cYC4ZradqyrFcq
3TAKD3DyPKKqjIFEkBczwYgU7KJJRlgnw6n+FPka3Qy6AdKM0h7uhK4ZIBKzB3Uo
3DtBwCKUd5jz3xYQMomiNJ6DMCvtM/CvANnLOHb5h6rxbxbGu2TZxkggpz1Ed2DQ
fOsJ8xeElKAVL3GMiDA0EPJLKBg7ys15fyBcBJHLYtA6bpKQBBQc/JNcDvJx17ec
gT5vlniw1oj2kMsQ6szfRDJ1oEoDPFVq73IRfcxPmgA4focgxjuy1VsyieRsm8zW
3yXvZYtCWAuVNQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:08:18 2026 by rpki-client