Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.mft
File: xU9qEXeCbFq2S9OvATiptXpLkeU.mft (raw, json)
Hash identifier: KmLvKRCzA4vZaHM0VqyRX8v3a4HGDrOXDYRH2KzSsOY=
Subject key identifier: F5:A4:45:7E:4F:EA:80:3A:7A:5C:35:80:72:AC:E1:D5:EF:EA:9C:DF
Authority key identifier: C5:4F:6A:11:77:82:6C:5A:B6:4B:D3:AF:01:38:A9:B5:7A:4B:91:E5
Certificate issuer: /CN=c54f6a1177826c5ab64bd3af0138a9b57a4b91e5
Certificate serial: 019D2704C0B8EC77189BDDA710F4B8674331
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xU9qEXeCbFq2S9OvATiptXpLkeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.mft
Manifest number: 0118
Signing time: Wed 25 Mar 2026 22:01:56 +0000
Manifest this update: Wed 25 Mar 2026 22:01:56 +0000
Manifest next update: Thu 26 Mar 2026 22:01:56 +0000
Files and hashes: 1: AAL-YY9GVuWqbLX5GG1k3ImctWA.roa (hash: dOcDqpARrTucPUNtlVinnlKcwBaTZo2MLnDCrG84YIw=)
2: xU9qEXeCbFq2S9OvATiptXpLkeU.crl (hash: gjj03x39sYVdywUtZpBkjw3y7O/sePKupFi261ojKo4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xU9qEXeCbFq2S9OvATiptXpLkeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:c0:b8:ec:77:18:9b:dd:a7:10:f4:b8:67:43:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c54f6a1177826c5ab64bd3af0138a9b57a4b91e5
Validity
Not Before: Mar 25 22:01:56 2026 GMT
Not After : Mar 26 22:01:56 2026 GMT
Subject: CN=f5a4457e4fea803a7a5c358072ace1d5efea9cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b2:24:1b:d2:db:d2:73:0a:90:0d:06:33:f3:
13:84:c8:ec:be:94:8b:b4:05:68:fb:6f:7e:fc:66:
70:a7:a8:e4:62:0e:09:d3:6e:0b:0c:a0:56:9d:39:
23:86:08:3e:ad:21:79:69:55:76:29:7b:67:d2:b3:
d3:28:b2:20:53:4e:4b:ce:d6:68:a4:ef:7c:8b:2c:
47:09:e8:b5:92:3d:6f:39:6d:99:26:6b:f1:ad:0a:
3c:41:46:d8:da:a4:61:46:91:a3:35:fc:24:29:2b:
42:1b:48:35:c8:66:e2:56:74:25:48:5b:59:7a:d9:
8a:eb:a1:49:e2:9d:05:54:82:53:98:0c:b1:fd:71:
32:03:c1:71:2d:e2:68:f2:ef:80:67:97:d3:57:e4:
16:48:69:04:e9:57:c7:3c:5e:07:1f:a6:b9:d4:7c:
df:34:90:62:62:3f:b6:68:fb:e2:8c:41:4d:18:8a:
cb:5d:37:1d:9e:70:1b:1f:f0:fa:fe:56:0b:78:63:
e7:65:c2:0f:33:68:a2:59:62:59:c2:0a:f8:43:50:
ea:eb:d3:5d:0c:b6:cb:3f:90:24:94:82:21:38:7c:
40:de:af:f9:e3:ab:04:ef:d6:2b:ca:1f:45:81:63:
51:d4:0a:18:19:ac:6b:ff:f7:d4:1e:0b:59:5b:33:
c7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A4:45:7E:4F:EA:80:3A:7A:5C:35:80:72:AC:E1:D5:EF:EA:9C:DF
X509v3 Authority Key Identifier:
keyid:C5:4F:6A:11:77:82:6C:5A:B6:4B:D3:AF:01:38:A9:B5:7A:4B:91:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xU9qEXeCbFq2S9OvATiptXpLkeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:7a:3a:ed:80:68:4e:2d:43:05:01:0b:fc:e5:a0:f8:da:4f:
31:c5:24:1d:fe:e9:de:e9:7e:dc:ca:51:96:b5:00:ea:0c:8e:
e2:65:2b:be:c6:4b:d6:85:61:54:1f:60:04:fe:9e:a3:7d:ef:
da:36:aa:a4:89:27:ef:dd:a7:f7:be:40:6e:21:db:45:6a:64:
db:4c:19:3b:a2:61:fb:5e:78:90:42:b9:f6:9f:40:24:fa:d0:
37:f9:8a:8e:d2:88:78:ff:f9:0f:f8:f3:28:4b:c1:17:e0:08:
b4:f6:d3:ce:ab:8d:a8:c4:52:c5:ec:f6:18:cc:c7:06:46:72:
cf:61:a3:23:52:74:cb:b8:c4:cf:b9:ff:cc:85:d7:af:0f:bb:
cf:6d:bb:23:7a:67:b1:18:f6:2f:9a:e8:f0:42:9c:f6:02:ae:
02:f1:96:40:dd:6a:38:4c:58:bd:32:fe:d4:52:ae:b6:34:03:
a4:f3:5d:f7:79:22:0e:95:ac:13:8a:e1:a3:05:e3:cc:82:f8:
60:98:a2:92:94:e8:df:c0:f1:ce:22:dd:9a:dc:19:56:c3:fd:
d8:ff:9f:1d:ec:87:51:24:a4:36:ba:51:5e:ff:d8:34:05:a7:
f1:67:8a:b9:e8:26:34:f9:72:1c:b1:d9:15:36:de:8f:7a:94:
fb:39:9a:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBMC47HcYm92nEPS4Z0MxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NGY2YTExNzc4MjZjNWFiNjRiZDNhZjAxMzhhOWI1N2E0
YjkxZTUwHhcNMjYwMzI1MjIwMTU2WhcNMjYwMzI2MjIwMTU2WjAzMTEwLwYDVQQD
EyhmNWE0NDU3ZTRmZWE4MDNhN2E1YzM1ODA3MmFjZTFkNWVmZWE5Y2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rIkG9Lb0nMKkA0GM/MThMjsvpSL
tAVo+29+/GZwp6jkYg4J024LDKBWnTkjhgg+rSF5aVV2KXtn0rPTKLIgU05LztZo
pO98iyxHCei1kj1vOW2ZJmvxrQo8QUbY2qRhRpGjNfwkKStCG0g1yGbiVnQlSFtZ
etmK66FJ4p0FVIJTmAyx/XEyA8FxLeJo8u+AZ5fTV+QWSGkE6VfHPF4HH6a51Hzf
NJBiYj+2aPvijEFNGIrLXTcdnnAbH/D6/lYLeGPnZcIPM2iiWWJZwgr4Q1Dq69Nd
DLbLP5AklIIhOHxA3q/546sE79Yryh9FgWNR1AoYGaxr//fUHgtZWzPHbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWkRX5P6oA6elw1gHKs4dXv6pzfMB8GA1UdIwQY
MBaAFMVPahF3gmxatkvTrwE4qbV6S5HlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFU5cUVYZUNiRnEyUzlPdkFUaXB0WHBMa2VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNGYzNjctM2I5ZS00OWQ0LTk2ODYt
MmVhOGFjZTViOTVlLzEveFU5cUVYZUNiRnEyUzlPdkFUaXB0WHBMa2VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNGYzNjctM2I5ZS00OWQ0LTk2ODYtMmVhOGFjZTViOTVl
LzEveFU5cUVYZUNiRnEyUzlPdkFUaXB0WHBMa2VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlXo67YBo
Ti1DBQEL/OWg+NpPMcUkHf7p3ul+3MpRlrUA6gyO4mUrvsZL1oVhVB9gBP6eo33v
2jaqpIkn792n975AbiHbRWpk20wZO6Jh+154kEK59p9AJPrQN/mKjtKIeP/5D/jz
KEvBF+AItPbTzquNqMRSxez2GMzHBkZyz2GjI1J0y7jEz7n/zIXXrw+7z227I3pn
sRj2L5ro8EKc9gKuAvGWQN1qOExYvTL+1FKutjQDpPNd93kiDpWsE4rhowXjzIL4
YJiikpTo38DxziLdmtwZVsP92P+fHeyHUSSkNrpRXv/YNAWn8WeKuegmNPlyHLHZ
FTbej3qU+zmaWA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:25:21 2026 by rpki-client