Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f42a5e-70d6-44a0-840f-2ca905fd04de/1/XZyGd-_WExtOuEtCzl88VHt1eJI.mft
File: XZyGd-_WExtOuEtCzl88VHt1eJI.mft (raw, json)
Hash identifier: DtEyyWi5NUBMMwUBKSHM5ljBEM0Pd5RX6CvhdKP7w8c=
Subject key identifier: 8E:D5:1A:10:9F:EB:41:DA:83:CF:B3:A1:51:3A:5C:A6:A6:F0:AD:F5
Authority key identifier: 5D:9C:86:77:EF:D6:13:1B:4E:B8:4B:42:CE:5F:3C:54:7B:75:78:92
Certificate issuer: /CN=5d9c8677efd6131b4eb84b42ce5f3c547b757892
Certificate serial: 019D2816CB42B16E0A08AC43F8A4ADEB3D0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XZyGd-_WExtOuEtCzl88VHt1eJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f42a5e-70d6-44a0-840f-2ca905fd04de/1/XZyGd-_WExtOuEtCzl88VHt1eJI.mft
Manifest number: 23
Signing time: Thu 26 Mar 2026 03:01:15 +0000
Manifest this update: Thu 26 Mar 2026 03:01:15 +0000
Manifest next update: Fri 27 Mar 2026 03:01:15 +0000
Files and hashes: 1: XZyGd-_WExtOuEtCzl88VHt1eJI.crl (hash: eRtVuPNRGi3rPqwsY5Dx2Vari2oW7W7mADLON4sNngY=)
2: nOzHdVSVFT8iIJGyLic0u7u7NaE.roa (hash: t+CYzdrBmRUf/7FA3kXnfrrXfCtsfJ6AG3z7TQG7WKE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f42a5e-70d6-44a0-840f-2ca905fd04de/1/XZyGd-_WExtOuEtCzl88VHt1eJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/f42a5e-70d6-44a0-840f-2ca905fd04de/1/XZyGd-_WExtOuEtCzl88VHt1eJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/XZyGd-_WExtOuEtCzl88VHt1eJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:cb:42:b1:6e:0a:08:ac:43:f8:a4:ad:eb:3d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d9c8677efd6131b4eb84b42ce5f3c547b757892
Validity
Not Before: Mar 26 03:01:15 2026 GMT
Not After : Mar 27 03:01:15 2026 GMT
Subject: CN=8ed51a109feb41da83cfb3a1513a5ca6a6f0adf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:74:ad:4b:91:e8:59:87:91:ee:92:dd:23:d8:
01:b7:82:58:a5:c1:eb:b1:f7:1f:96:73:8c:31:1f:
18:8d:38:f3:56:f3:9f:b9:14:04:63:1d:6c:81:79:
5b:dd:5d:b5:da:cf:47:d2:d8:27:0b:7c:1f:7a:55:
9e:46:93:38:e7:f2:11:20:9b:01:47:b1:49:31:49:
c0:d6:ce:81:e4:cf:34:1f:48:02:00:b5:bb:7d:a2:
db:f6:4c:7e:6b:02:79:74:2a:93:9d:d2:64:fa:29:
90:f6:eb:a4:eb:a1:f7:70:37:91:f3:a0:5c:29:f2:
1e:07:76:e1:16:ae:50:7a:2f:97:b5:8a:26:a0:69:
47:43:65:15:de:70:a0:42:e8:3c:30:24:d8:12:5b:
47:b2:f0:2b:cd:f0:ec:50:e2:3c:80:13:52:de:c4:
c6:86:65:4b:68:b0:ca:1d:b8:ca:84:67:07:f8:08:
fd:50:9e:47:38:7c:96:89:d4:8b:6c:da:d7:16:ee:
09:bd:3c:0e:13:7d:41:1c:ab:62:71:03:03:01:e5:
2d:0c:93:aa:17:94:27:ab:29:bb:2d:67:04:bd:cd:
1f:0e:21:b1:de:1d:f1:98:05:91:70:12:30:f5:1e:
1a:a9:17:4a:79:8f:6d:4f:a1:7f:a4:45:65:34:b8:
d0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D5:1A:10:9F:EB:41:DA:83:CF:B3:A1:51:3A:5C:A6:A6:F0:AD:F5
X509v3 Authority Key Identifier:
keyid:5D:9C:86:77:EF:D6:13:1B:4E:B8:4B:42:CE:5F:3C:54:7B:75:78:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZyGd-_WExtOuEtCzl88VHt1eJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f42a5e-70d6-44a0-840f-2ca905fd04de/1/XZyGd-_WExtOuEtCzl88VHt1eJI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f42a5e-70d6-44a0-840f-2ca905fd04de/1/XZyGd-_WExtOuEtCzl88VHt1eJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:3a:cf:fa:c2:d1:65:23:ca:d8:b1:e3:e1:3d:30:ac:a1:15:
71:7a:4b:fa:a3:1d:a8:62:6a:9f:bd:f5:f1:a3:21:bd:64:86:
35:42:17:6b:5c:82:c8:8c:f1:8f:a0:42:bb:aa:a6:15:b1:53:
11:ba:8a:42:8a:09:8d:c2:60:de:4c:1c:68:ad:9d:51:04:9b:
59:26:a4:ee:4b:32:68:ff:99:a7:95:d4:c0:30:98:13:a7:d7:
2b:c8:ed:fc:6f:35:d1:94:f3:61:c8:f1:0a:bc:f7:87:d8:30:
a3:9a:c2:48:8d:1f:01:f6:2a:c9:fc:ff:77:29:81:e5:d0:23:
41:11:e9:25:47:02:4a:52:e5:30:37:7b:09:5b:d2:fd:f8:b6:
94:42:6b:82:2c:0e:b9:1e:14:d5:b6:6d:75:53:97:09:29:a6:
56:4c:04:c6:88:a9:fa:d5:7b:b2:d4:da:e7:c9:3e:ef:f8:64:
c3:9d:16:bc:c6:91:5c:83:e0:e2:03:03:e5:ed:81:b0:be:80:
20:71:53:52:97:79:ba:6b:96:8f:d6:f9:98:f9:07:b9:cf:a9:
36:3d:fc:f1:5f:d9:a8:b0:ee:e5:07:a0:a3:44:57:c0:2b:f4:
78:13:83:07:70:2c:4c:37:83:4b:33:f1:41:ec:82:06:33:d7:
07:77:a3:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFstCsW4KCKxD+KSt6z0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOWM4Njc3ZWZkNjEzMWI0ZWI4NGI0MmNlNWYzYzU0N2I3
NTc4OTIwHhcNMjYwMzI2MDMwMTE1WhcNMjYwMzI3MDMwMTE1WjAzMTEwLwYDVQQD
Eyg4ZWQ1MWExMDlmZWI0MWRhODNjZmIzYTE1MTNhNWNhNmE2ZjBhZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3StS5HoWYeR7pLdI9gBt4JYpcHr
sfcflnOMMR8YjTjzVvOfuRQEYx1sgXlb3V212s9H0tgnC3wfelWeRpM45/IRIJsB
R7FJMUnA1s6B5M80H0gCALW7faLb9kx+awJ5dCqTndJk+imQ9uuk66H3cDeR86Bc
KfIeB3bhFq5Qei+XtYomoGlHQ2UV3nCgQug8MCTYEltHsvArzfDsUOI8gBNS3sTG
hmVLaLDKHbjKhGcH+Aj9UJ5HOHyWidSLbNrXFu4JvTwOE31BHKticQMDAeUtDJOq
F5Qnqym7LWcEvc0fDiGx3h3xmAWRcBIw9R4aqRdKeY9tT6F/pEVlNLjQxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7VGhCf60Hag8+zoVE6XKam8K31MB8GA1UdIwQY
MBaAFF2chnfv1hMbTrhLQs5fPFR7dXiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFp5R2QtX1dFeHRPdUV0Q3psODhWSHQxZUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNDJhNWUtNzBkNi00NGEwLTg0MGYt
MmNhOTA1ZmQwNGRlLzEvWFp5R2QtX1dFeHRPdUV0Q3psODhWSHQxZUpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNDJhNWUtNzBkNi00NGEwLTg0MGYtMmNhOTA1ZmQwNGRl
LzEvWFp5R2QtX1dFeHRPdUV0Q3psODhWSHQxZUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGzrP+sLR
ZSPK2LHj4T0wrKEVcXpL+qMdqGJqn7318aMhvWSGNUIXa1yCyIzxj6BCu6qmFbFT
EbqKQooJjcJg3kwcaK2dUQSbWSak7ksyaP+Zp5XUwDCYE6fXK8jt/G810ZTzYcjx
Crz3h9gwo5rCSI0fAfYqyfz/dymB5dAjQRHpJUcCSlLlMDd7CVvS/fi2lEJrgiwO
uR4U1bZtdVOXCSmmVkwExoip+tV7stTa58k+7/hkw50WvMaRXIPg4gMD5e2BsL6A
IHFTUpd5umuWj9b5mPkHuc+pNj388V/ZqLDu5Qego0RXwCv0eBODB3AsTDeDSzPx
QeyCBjPXB3ej6Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:14:06 2026 by rpki-client