Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/XGpfUrAC9ihsHV6yV7tehTNCooQ.mft
File: XGpfUrAC9ihsHV6yV7tehTNCooQ.mft (raw, json)
Hash identifier: gKvcC/dz6TNqXJHeTGvvzajfqGiin8kulLTr3n7XZRE=
Subject key identifier: 2C:8B:BA:F6:94:AD:D7:C9:4A:37:15:0E:B2:F0:76:70:05:8F:47:3C
Authority key identifier: 5C:6A:5F:52:B0:02:F6:28:6C:1D:5E:B2:57:BB:5E:85:33:42:A2:84
Certificate issuer: /CN=5c6a5f52b002f6286c1d5eb257bb5e853342a284
Certificate serial: 019D2A72859A6EF987990EE1298BB7FD11BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGpfUrAC9ihsHV6yV7tehTNCooQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/XGpfUrAC9ihsHV6yV7tehTNCooQ.mft
Manifest number: 153B
Signing time: Thu 26 Mar 2026 14:00:41 +0000
Manifest this update: Thu 26 Mar 2026 14:00:41 +0000
Manifest next update: Fri 27 Mar 2026 14:00:41 +0000
Files and hashes: 1: D4mNPYe_InC3dADZ__TafnXmCbA.roa (hash: 6g1alEqsAaujZY20/+cKTFN3EVqBFkIkRy8k+84+qhk=)
2: XGpfUrAC9ihsHV6yV7tehTNCooQ.crl (hash: WMOLnTdXQWNm+fsSbvMJPdFDJ9V9tO+D28WMxZhu+8g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/XGpfUrAC9ihsHV6yV7tehTNCooQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/XGpfUrAC9ihsHV6yV7tehTNCooQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGpfUrAC9ihsHV6yV7tehTNCooQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:72:85:9a:6e:f9:87:99:0e:e1:29:8b:b7:fd:11:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6a5f52b002f6286c1d5eb257bb5e853342a284
Validity
Not Before: Mar 26 14:00:41 2026 GMT
Not After : Mar 27 14:00:41 2026 GMT
Subject: CN=2c8bbaf694add7c94a37150eb2f07670058f473c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:94:2d:0b:cd:d2:7f:62:6d:dc:6e:d7:a2:8d:
c2:b6:44:18:b5:92:c0:1c:3d:ba:6e:80:6f:61:46:
d2:21:a5:73:93:0d:04:44:e8:d1:75:e9:e2:b4:5d:
8f:f2:48:a7:59:c8:c3:e7:62:f3:cc:7d:4d:c7:5b:
12:ea:47:63:a6:95:80:12:34:a8:dd:ae:61:06:96:
a0:e5:2d:69:f8:f4:21:7b:c2:b6:f5:0b:0d:bf:c6:
7e:9f:90:dd:d8:74:73:5a:04:05:7b:48:f6:16:a7:
04:b1:32:92:9b:e2:9e:0e:2a:42:9b:9c:98:3d:53:
bb:c7:e4:39:51:76:37:67:16:4a:7a:90:1a:81:a0:
83:f9:bf:b1:43:d2:75:2e:65:29:85:bb:ee:d1:04:
d3:22:63:f6:d8:f0:7a:a0:d9:2c:82:aa:34:38:a5:
46:66:44:bc:49:13:35:cd:55:12:e6:ec:34:67:b6:
27:d6:17:d9:53:85:6a:7f:bd:0d:32:f0:a7:f4:22:
72:5c:83:22:c3:28:b8:d3:e6:da:fa:8d:9d:a5:77:
c7:a7:6d:d1:c5:c0:f0:d8:e1:b3:3f:13:77:d7:74:
3b:e9:4a:5a:d7:87:91:2c:ce:7d:eb:a9:12:a2:7d:
38:e7:5a:d9:31:6f:ac:3d:19:02:3b:07:b5:0f:83:
2a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:8B:BA:F6:94:AD:D7:C9:4A:37:15:0E:B2:F0:76:70:05:8F:47:3C
X509v3 Authority Key Identifier:
keyid:5C:6A:5F:52:B0:02:F6:28:6C:1D:5E:B2:57:BB:5E:85:33:42:A2:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGpfUrAC9ihsHV6yV7tehTNCooQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/XGpfUrAC9ihsHV6yV7tehTNCooQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/XGpfUrAC9ihsHV6yV7tehTNCooQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:f5:44:1d:87:0e:36:34:5a:e3:1a:0d:7f:65:6f:53:e6:74:
c9:6e:df:5d:0a:13:af:54:69:33:ec:42:67:a9:bf:a4:40:91:
af:1b:5b:02:a4:77:ad:42:22:bc:47:f3:f3:7a:7c:ed:a1:87:
dd:68:3a:94:b9:69:d0:ef:b4:7c:b3:89:28:db:4b:d6:6a:fe:
b5:da:e7:04:08:a9:d5:a3:1c:e8:db:e5:07:d2:11:ad:e8:c8:
1a:47:b7:06:14:97:4e:79:62:36:a1:17:79:34:b5:8f:d4:40:
89:2b:36:1a:98:3e:0b:51:f9:16:c6:c7:fd:09:7a:00:be:23:
86:47:c4:7c:fc:e9:68:f0:c4:bb:b3:e9:45:ad:20:92:d5:3e:
bc:9e:b5:9b:31:4d:1e:42:0b:14:5c:cb:9d:8d:4e:8f:a6:d4:
30:7d:c1:00:a8:53:9f:30:c6:f8:44:80:59:b6:40:87:79:31:
ed:c8:51:f3:9e:5a:14:68:b9:b6:f6:79:90:2d:1b:8b:0d:0e:
88:7c:01:e7:0d:c2:16:01:ea:f7:a9:ac:de:0f:4e:41:e9:7f:
18:65:bd:7e:ff:e5:0a:92:b8:75:a0:8c:20:4c:a9:04:10:5e:
fa:7c:6d:36:ce:4a:48:d7:10:29:af:4a:6d:45:4d:ed:59:17:
54:f8:69:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qcoWabvmHmQ7hKYu3/RG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmE1ZjUyYjAwMmY2Mjg2YzFkNWViMjU3YmI1ZTg1MzM0
MmEyODQwHhcNMjYwMzI2MTQwMDQxWhcNMjYwMzI3MTQwMDQxWjAzMTEwLwYDVQQD
EygyYzhiYmFmNjk0YWRkN2M5NGEzNzE1MGViMmYwNzY3MDA1OGY0NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZQtC83Sf2Jt3G7Xoo3CtkQYtZLA
HD26boBvYUbSIaVzkw0EROjRdenitF2P8kinWcjD52LzzH1Nx1sS6kdjppWAEjSo
3a5hBpag5S1p+PQhe8K29QsNv8Z+n5Dd2HRzWgQFe0j2FqcEsTKSm+KeDipCm5yY
PVO7x+Q5UXY3ZxZKepAagaCD+b+xQ9J1LmUphbvu0QTTImP22PB6oNksgqo0OKVG
ZkS8SRM1zVUS5uw0Z7Yn1hfZU4Vqf70NMvCn9CJyXIMiwyi40+ba+o2dpXfHp23R
xcDw2OGzPxN313Q76Upa14eRLM5966kSon0451rZMW+sPRkCOwe1D4Mq4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyLuvaUrdfJSjcVDrLwdnAFj0c8MB8GA1UdIwQY
MBaAFFxqX1KwAvYobB1esle7XoUzQqKEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdwZlVyQUM5aWhzSFY2eVY3dGVoVE5Db29RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNGVjYjEtYTBmNS00MjYxLWJjZGUt
MDk2YzljMDdhZTE4LzEvWEdwZlVyQUM5aWhzSFY2eVY3dGVoVE5Db29RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iNGVjYjEtYTBmNS00MjYxLWJjZGUtMDk2YzljMDdhZTE4
LzEvWEdwZlVyQUM5aWhzSFY2eVY3dGVoVE5Db29RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgvVEHYcO
NjRa4xoNf2VvU+Z0yW7fXQoTr1RpM+xCZ6m/pECRrxtbAqR3rUIivEfz83p87aGH
3Wg6lLlp0O+0fLOJKNtL1mr+tdrnBAip1aMc6NvlB9IRrejIGke3BhSXTnliNqEX
eTS1j9RAiSs2Gpg+C1H5FsbH/Ql6AL4jhkfEfPzpaPDEu7PpRa0gktU+vJ61mzFN
HkILFFzLnY1Oj6bUMH3BAKhTnzDG+ESAWbZAh3kx7chR855aFGi5tvZ5kC0biw0O
iHwB5w3CFgHq96ms3g9OQel/GGW9fv/lCpK4daCMIEypBBBe+nxtNs5KSNcQKa9K
bUVN7VkXVPhpTg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:14:30 2026 by rpki-client