Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft
File: XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft (raw, json)
Hash identifier: HZH4Egjcrb6ZXnVlmdJXTd4UmKgrXZP2yVgpP1YTqhE=
Subject key identifier: 52:2F:A0:03:B8:15:2C:37:65:59:EF:5E:A3:AA:B0:11:55:8E:41:4F
Authority key identifier: 5C:02:F9:81:BE:E7:95:21:A3:04:B6:8F:66:7F:EA:ED:81:EA:3F:F6
Certificate issuer: /CN=5c02f981bee79521a304b68f667feaed81ea3ff6
Certificate serial: 019D28848655B69AAFB5DD1B6D0F2FBEB99D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft
Manifest number: 12E0
Signing time: Thu 26 Mar 2026 05:01:06 +0000
Manifest this update: Thu 26 Mar 2026 05:01:06 +0000
Manifest next update: Fri 27 Mar 2026 05:01:06 +0000
Files and hashes: 1: PD1M6PtARbBp-MFE-_EKsQHkiUA.roa (hash: skJJkpTERxyYoCR/2Ty9oHhbHrSmVPhxCwzmUEM9AKQ=)
2: XAL5gb7nlSGjBLaPZn_q7YHqP_Y.crl (hash: sbOxXU6R0w8mKGbNVpv8cjQRwuVwTVYir08/lH+V7ys=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:86:55:b6:9a:af:b5:dd:1b:6d:0f:2f:be:b9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c02f981bee79521a304b68f667feaed81ea3ff6
Validity
Not Before: Mar 26 05:01:06 2026 GMT
Not After : Mar 27 05:01:06 2026 GMT
Subject: CN=522fa003b8152c376559ef5ea3aab011558e414f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e7:f2:5f:22:39:37:25:69:ad:f2:da:5b:bb:
e1:4a:86:ca:8d:14:ec:e9:b8:77:8d:b1:5a:32:3a:
ac:0b:e0:94:e8:98:a7:45:cb:c6:e8:fb:db:66:d2:
b2:ad:19:33:3e:d4:d9:d2:f8:a8:2b:90:4c:50:54:
f4:e6:e5:08:e4:05:b4:c6:cc:af:4a:3a:58:4d:30:
c6:da:07:ed:29:e3:52:e0:20:54:19:66:a2:3c:a5:
a7:91:70:20:2d:89:1f:fd:41:69:7a:69:51:59:1d:
9c:4a:ec:86:ea:c0:a1:36:48:97:15:f8:6c:e1:77:
22:d7:4a:6d:9e:df:30:41:f7:14:e5:d5:f7:7a:90:
23:e0:fc:30:ad:05:47:af:a8:0f:83:3e:99:59:95:
9e:f6:d0:6c:36:40:d3:cc:18:0b:7f:e8:08:48:d1:
ef:d8:a0:80:bf:87:40:8e:6a:ce:f4:08:fc:c1:ed:
76:ce:eb:df:ce:ce:19:e1:63:19:b7:23:1c:ce:35:
59:2e:b1:82:7f:95:2b:81:7b:48:67:1a:b8:8d:25:
43:56:1c:c4:f7:f6:0b:3d:fe:13:c2:69:e7:c9:42:
24:04:24:c9:87:83:29:2d:e2:a2:35:c2:f6:2e:d9:
4c:fe:81:bb:b2:12:22:be:1b:bc:9b:8d:94:fe:f4:
2f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2F:A0:03:B8:15:2C:37:65:59:EF:5E:A3:AA:B0:11:55:8E:41:4F
X509v3 Authority Key Identifier:
keyid:5C:02:F9:81:BE:E7:95:21:A3:04:B6:8F:66:7F:EA:ED:81:EA:3F:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:8c:8c:93:b9:0b:03:3f:be:7f:2c:3d:8c:0d:f1:fd:7b:e6:
7c:60:81:23:ef:32:62:6a:ef:c1:81:18:fc:16:16:28:71:d7:
11:a9:3d:3c:7d:e4:36:ab:80:68:14:f0:bc:6b:43:03:e6:2c:
cc:6b:83:6a:6b:0b:a7:c4:9a:fa:73:1c:8d:93:1c:4c:9f:50:
e8:70:21:7d:ba:15:4d:b5:81:03:ed:24:6f:6b:04:37:bb:53:
97:1a:9c:4f:ba:f8:25:75:3d:3b:19:6c:da:04:12:89:fc:e6:
f7:a3:dc:32:25:a3:59:e6:6e:55:64:18:81:5b:72:c7:42:b3:
da:44:45:27:d5:48:d6:9c:2d:7d:f8:45:99:9b:21:1a:d0:82:
6d:12:6b:7b:d2:01:e4:d2:c7:7d:e2:03:be:28:d3:a1:7d:0c:
2a:7a:af:ed:09:db:d3:ac:8f:6e:74:99:c0:59:69:1b:64:73:
2d:5d:ac:37:4f:31:1f:00:b1:5c:54:d3:3d:d2:22:c1:9b:d9:
cf:ce:f5:2f:2a:ff:88:41:18:58:42:fb:8f:bb:41:45:b0:58:
9f:da:27:ee:b9:f7:d9:1f:dc:c4:4d:04:0f:1b:d9:76:ff:6e:
ec:59:f4:17:34:57:08:46:cd:21:c1:04:3f:79:67:87:b4:76:
0d:f4:62:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohIZVtpqvtd0bbQ8vvrmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMDJmOTgxYmVlNzk1MjFhMzA0YjY4ZjY2N2ZlYWVkODFl
YTNmZjYwHhcNMjYwMzI2MDUwMTA2WhcNMjYwMzI3MDUwMTA2WjAzMTEwLwYDVQQD
Eyg1MjJmYTAwM2I4MTUyYzM3NjU1OWVmNWVhM2FhYjAxMTU1OGU0MTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOfyXyI5NyVprfLaW7vhSobKjRTs
6bh3jbFaMjqsC+CU6JinRcvG6PvbZtKyrRkzPtTZ0vioK5BMUFT05uUI5AW0xsyv
SjpYTTDG2gftKeNS4CBUGWaiPKWnkXAgLYkf/UFpemlRWR2cSuyG6sChNkiXFfhs
4Xci10ptnt8wQfcU5dX3epAj4PwwrQVHr6gPgz6ZWZWe9tBsNkDTzBgLf+gISNHv
2KCAv4dAjmrO9Aj8we12zuvfzs4Z4WMZtyMczjVZLrGCf5UrgXtIZxq4jSVDVhzE
9/YLPf4TwmnnyUIkBCTJh4MpLeKiNcL2LtlM/oG7shIivhu8m42U/vQvKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIvoAO4FSw3ZVnvXqOqsBFVjkFPMB8GA1UdIwQY
MBaAFFwC+YG+55UhowS2j2Z/6u2B6j/2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEFMNWdiN25sU0dqQkxhUFpuX3E3WUhxUF9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83YzNjNDAtODdhMS00ODJiLTk3ZjMt
MzdkMmIwMzJiYTU3LzEvWEFMNWdiN25sU0dqQkxhUFpuX3E3WUhxUF9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83YzNjNDAtODdhMS00ODJiLTk3ZjMtMzdkMmIwMzJiYTU3
LzEvWEFMNWdiN25sU0dqQkxhUFpuX3E3WUhxUF9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnIyMk7kL
Az++fyw9jA3x/XvmfGCBI+8yYmrvwYEY/BYWKHHXEak9PH3kNquAaBTwvGtDA+Ys
zGuDamsLp8Sa+nMcjZMcTJ9Q6HAhfboVTbWBA+0kb2sEN7tTlxqcT7r4JXU9Oxls
2gQSifzm96PcMiWjWeZuVWQYgVtyx0Kz2kRFJ9VI1pwtffhFmZshGtCCbRJre9IB
5NLHfeIDvijToX0MKnqv7Qnb06yPbnSZwFlpG2RzLV2sN08xHwCxXFTTPdIiwZvZ
z871Lyr/iEEYWEL7j7tBRbBYn9on7rn32R/cxE0EDxvZdv9u7Fn0FzRXCEbNIcEE
P3lnh7R2DfRiRQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:58:13 2026 by rpki-client