Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft
File: xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft (raw, json)
Hash identifier: HJ8IttLKeNy5M6tNj1FltmcfSstb0QZhdikyb/vVgZU=
Subject key identifier: DE:AF:02:AA:F0:07:2D:F7:EE:A5:01:D8:99:3E:91:84:AE:90:17:43
Authority key identifier: C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4
Certificate issuer: /CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4
Certificate serial: 019D26CD01D6D6615C3433E1BBDF13DEE1AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft
Manifest number: 08D9
Signing time: Wed 25 Mar 2026 21:01:02 +0000
Manifest this update: Wed 25 Mar 2026 21:01:02 +0000
Manifest next update: Thu 26 Mar 2026 21:01:02 +0000
Files and hashes: 1: 5Qm3w6W4KV4G70UEua6vpofuK3w.roa (hash: 7gjCA6HtXiqMWysrEHmsQXBLEFr30GX2eXmg9EbiYCA=)
2: mI3qnrq6SLm_VsmkKACilXewKTo.roa (hash: Q4wc/dtQ8g68gQZvC3Ka6nudxiroE6HA9EnDTB3krUA=)
3: xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl (hash: Loyy8oMPQzf+GREJKvFnd0VSJvnKPd6nLDWOjyodQWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cd:01:d6:d6:61:5c:34:33:e1:bb:df:13:de:e1:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4
Validity
Not Before: Mar 25 21:01:02 2026 GMT
Not After : Mar 26 21:01:02 2026 GMT
Subject: CN=deaf02aaf0072df7eea501d8993e9184ae901743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:72:94:8d:7f:01:0f:ec:68:75:84:90:c5:df:
b0:1e:6e:9c:42:c1:90:ea:ab:1e:15:d7:7f:66:ae:
2c:52:37:05:e3:9b:eb:14:ac:f1:37:e1:e3:fe:8f:
8c:70:43:93:23:b9:73:18:ca:f8:44:75:c5:62:d9:
b9:bb:f2:86:bb:6c:37:d6:7c:63:d3:1d:92:13:4c:
8c:bb:5a:e4:40:51:8e:12:70:f5:aa:88:dc:dd:9a:
1f:61:15:73:df:9e:99:95:18:a9:fd:bb:a1:1d:50:
d3:70:68:6a:48:f8:c2:3a:43:79:2d:15:cc:75:29:
a6:e6:d6:40:e3:28:5a:31:0c:83:e4:38:b4:48:61:
78:be:4c:12:03:e4:35:00:96:dd:af:ec:bb:55:e3:
8b:1a:c5:bc:a0:66:4a:99:22:e3:7b:00:2e:65:6b:
e0:13:dd:c5:7b:30:c0:09:ac:17:42:d9:be:d4:95:
20:a8:bb:fb:7a:bd:48:4f:6c:43:59:2f:8f:aa:32:
be:d8:a5:b2:4d:f1:49:81:2b:cd:67:23:2d:a0:fe:
c4:a9:08:5b:fd:24:32:b7:f7:42:d3:78:1e:5f:a7:
8a:83:f3:3e:1c:6b:cc:b6:1d:7b:ba:ea:2f:06:7d:
a6:b4:20:56:67:79:f5:b9:84:cb:4d:58:c9:4f:38:
5e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AF:02:AA:F0:07:2D:F7:EE:A5:01:D8:99:3E:91:84:AE:90:17:43
X509v3 Authority Key Identifier:
keyid:C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:85:cf:73:b1:ca:a2:c6:05:eb:5b:65:c7:ce:81:2e:9e:32:
79:2e:46:c3:11:83:89:35:44:27:fd:f4:8d:55:a4:18:17:7e:
8e:1c:68:70:d6:e0:71:dc:55:51:9d:83:49:08:5b:bc:74:99:
dc:28:b1:10:17:79:47:90:3e:fc:44:12:15:22:72:23:7c:6a:
26:a3:f8:59:01:a4:84:d3:4c:ae:1b:b3:3c:e3:82:e2:b3:92:
33:d7:c7:1a:59:dc:9b:e6:28:18:0b:cb:01:7e:83:d1:e1:b5:
81:d4:5e:34:e1:30:c6:19:6b:ac:2a:b9:bc:01:8e:04:36:e8:
ee:20:6a:af:97:29:e6:43:99:51:75:13:47:55:6b:bd:04:e4:
27:e1:cb:e9:73:5c:1c:a9:3d:e3:c5:5f:ec:3b:fc:5c:4e:5e:
4d:65:18:04:f1:92:b6:b6:e7:40:36:4b:11:51:f8:ea:91:57:
46:39:95:ce:d1:e3:66:a0:70:aa:20:2e:8a:95:01:62:56:3c:
da:07:81:c3:3f:aa:2c:5e:10:56:98:9d:95:d9:d0:3b:ea:1e:
df:f5:6b:88:d0:68:a9:1f:e7:18:79:0a:bd:4d:e4:9f:59:26:
e8:7a:00:6d:e5:8a:95:fa:be:1c:9a:a9:d6:02:0f:96:92:4d:
64:b4:87:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzQHW1mFcNDPhu98T3uGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTg1MDE3M2M4ZDI4ZDVhZmJmOTEwOTFjYTYzZTVkYTNj
NzVlZDQwHhcNMjYwMzI1MjEwMTAyWhcNMjYwMzI2MjEwMTAyWjAzMTEwLwYDVQQD
EyhkZWFmMDJhYWYwMDcyZGY3ZWVhNTAxZDg5OTNlOTE4NGFlOTAxNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3KUjX8BD+xodYSQxd+wHm6cQsGQ
6qseFdd/Zq4sUjcF45vrFKzxN+Hj/o+McEOTI7lzGMr4RHXFYtm5u/KGu2w31nxj
0x2SE0yMu1rkQFGOEnD1qojc3ZofYRVz356ZlRip/buhHVDTcGhqSPjCOkN5LRXM
dSmm5tZA4yhaMQyD5Di0SGF4vkwSA+Q1AJbdr+y7VeOLGsW8oGZKmSLjewAuZWvg
E93FezDACawXQtm+1JUgqLv7er1IT2xDWS+PqjK+2KWyTfFJgSvNZyMtoP7EqQhb
/SQyt/dC03geX6eKg/M+HGvMth17uuovBn2mtCBWZ3n1uYTLTVjJTzhewQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6vAqrwBy337qUB2Jk+kYSukBdDMB8GA1UdIwQY
MBaAFMYYUBc8jSjVr7+RCRymPl2jx17UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUt
YmI4ZGViYzAwMzg4LzEveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUtYmI4ZGViYzAwMzg4
LzEveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAioXPc7HK
osYF61tlx86BLp4yeS5GwxGDiTVEJ/30jVWkGBd+jhxocNbgcdxVUZ2DSQhbvHSZ
3CixEBd5R5A+/EQSFSJyI3xqJqP4WQGkhNNMrhuzPOOC4rOSM9fHGlncm+YoGAvL
AX6D0eG1gdReNOEwxhlrrCq5vAGOBDbo7iBqr5cp5kOZUXUTR1VrvQTkJ+HL6XNc
HKk948Vf7Dv8XE5eTWUYBPGStrbnQDZLEVH46pFXRjmVztHjZqBwqiAuipUBYlY8
2geBwz+qLF4QVpidldnQO+oe3/VriNBoqR/nGHkKvU3kn1km6HoAbeWKlfq+HJqp
1gIPlpJNZLSH5g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:42:47 2026 by rpki-client