Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft
File: xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft (raw, json)
Hash identifier: KB4G8HRh2u9YR6SVLsSsfI2FPBGBG3xxUVf9vJkhiqI=
Subject key identifier: CD:A9:1A:55:84:85:79:AA:59:F8:4D:CB:24:74:04:5B:D3:89:B1:4C
Authority key identifier: C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4
Certificate issuer: /CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4
Certificate serial: 019E1DFDE8B354FD4AA2017B3220A3554FF8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft
Manifest number: 0959
Signing time: Tue 12 May 2026 21:00:39 +0000
Manifest this update: Tue 12 May 2026 21:00:39 +0000
Manifest next update: Wed 13 May 2026 21:00:39 +0000
Files and hashes: 1: 5Qm3w6W4KV4G70UEua6vpofuK3w.roa (hash: 7gjCA6HtXiqMWysrEHmsQXBLEFr30GX2eXmg9EbiYCA=)
2: mI3qnrq6SLm_VsmkKACilXewKTo.roa (hash: Q4wc/dtQ8g68gQZvC3Ka6nudxiroE6HA9EnDTB3krUA=)
3: xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl (hash: e5SayYihWZavzljn0pqKWM7YW5UFBj5vu8AKtYWJZpA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:fd:e8:b3:54:fd:4a:a2:01:7b:32:20:a3:55:4f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4
Validity
Not Before: May 12 21:00:39 2026 GMT
Not After : May 13 21:00:39 2026 GMT
Subject: CN=cda91a55848579aa59f84dcb2474045bd389b14c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:54:47:6c:a8:1d:73:de:69:21:45:54:1d:5b:
1f:cb:a8:38:d7:07:91:93:69:7a:13:59:0e:b6:cb:
75:82:08:7c:1a:bb:d4:50:23:29:b2:9e:d5:12:b3:
97:26:ec:d1:cc:a0:1c:b2:d0:ad:a3:98:17:49:f1:
8e:be:5d:91:d6:95:50:2e:bb:92:e0:60:0b:ae:ed:
22:3f:82:50:01:71:bd:c0:00:0f:7e:18:22:ae:99:
21:80:56:31:ef:eb:30:c0:82:bd:11:83:48:69:29:
04:fc:8f:6a:34:0b:a9:2d:ef:12:44:85:d2:31:44:
60:f4:c4:82:65:fb:39:b0:54:5e:df:b7:4d:13:97:
2b:6d:e5:62:02:4b:92:51:83:ab:6d:15:85:4a:c5:
81:f6:86:c0:e4:a6:3a:c9:4d:c7:8d:b1:3d:fd:79:
34:6e:b2:24:1c:bf:48:a0:85:fc:4f:85:08:66:9a:
7a:df:87:f6:37:73:34:4a:80:2b:3c:db:03:30:c7:
61:d9:a7:5c:3c:24:48:9b:8a:4a:ce:de:a3:e1:6d:
43:b4:29:27:f7:19:c6:a4:85:b2:fb:20:56:cc:b1:
29:ac:7e:2e:d7:2a:bd:5d:1a:8d:f0:f6:f0:1a:28:
a3:58:93:ff:89:13:d1:5c:b6:a0:53:9d:35:5e:3c:
dc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A9:1A:55:84:85:79:AA:59:F8:4D:CB:24:74:04:5B:D3:89:B1:4C
X509v3 Authority Key Identifier:
keyid:C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:d4:52:02:84:ec:77:0c:5b:87:37:f7:09:cf:c8:f3:74:6f:
fc:b7:e9:2e:28:6d:c7:76:ca:cd:5e:52:b4:00:8f:02:11:c6:
df:52:05:23:20:54:cb:b8:03:88:0e:19:75:40:77:05:d9:42:
0f:2e:33:61:b6:1a:a9:8e:6a:59:f0:78:eb:26:a9:7f:c1:e8:
87:37:42:e4:7d:7e:31:bf:84:66:59:6c:cf:3a:21:f3:66:c2:
58:79:3c:fe:87:b3:0f:de:67:0e:0e:03:26:75:bb:9d:19:22:
8f:a8:36:ff:e0:09:65:b7:5d:99:24:c0:45:ac:00:5f:5a:99:
05:31:d3:9c:f5:75:26:b6:be:a8:0e:9d:b9:44:a8:dd:23:ad:
2a:39:12:cb:36:09:7e:33:a6:8c:1e:25:7a:f1:0f:dc:12:df:
67:2a:3f:44:c5:a6:68:e7:82:a9:87:60:8a:7f:50:2e:99:e8:
61:1a:c6:3b:08:03:e0:c7:83:ee:b3:a6:37:80:c2:d6:67:7f:
be:1b:38:f1:23:dd:33:aa:9b:16:29:44:1d:1d:7d:6a:a8:d7:
90:21:34:42:eb:bd:79:6b:1a:c2:b7:05:04:93:cf:34:64:9c:
57:0b:bc:4f:e8:4c:85:da:ef:94:62:1f:af:fa:ac:02:06:83:
62:a5:19:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4d/eizVP1KogF7MiCjVU/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTg1MDE3M2M4ZDI4ZDVhZmJmOTEwOTFjYTYzZTVkYTNj
NzVlZDQwHhcNMjYwNTEyMjEwMDM5WhcNMjYwNTEzMjEwMDM5WjAzMTEwLwYDVQQD
EyhjZGE5MWE1NTg0ODU3OWFhNTlmODRkY2IyNDc0MDQ1YmQzODliMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFRHbKgdc95pIUVUHVsfy6g41weR
k2l6E1kOtst1ggh8GrvUUCMpsp7VErOXJuzRzKAcstCto5gXSfGOvl2R1pVQLruS
4GALru0iP4JQAXG9wAAPfhgirpkhgFYx7+swwIK9EYNIaSkE/I9qNAupLe8SRIXS
MURg9MSCZfs5sFRe37dNE5crbeViAkuSUYOrbRWFSsWB9obA5KY6yU3HjbE9/Xk0
brIkHL9IoIX8T4UIZpp634f2N3M0SoArPNsDMMdh2adcPCRIm4pKzt6j4W1DtCkn
9xnGpIWy+yBWzLEprH4u1yq9XRqN8PbwGiijWJP/iRPRXLagU501XjzcNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2pGlWEhXmqWfhNyyR0BFvTibFMMB8GA1UdIwQY
MBaAFMYYUBc8jSjVr7+RCRymPl2jx17UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUt
YmI4ZGViYzAwMzg4LzEveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUtYmI4ZGViYzAwMzg4
LzEveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR9RSAoTs
dwxbhzf3Cc/I83Rv/LfpLihtx3bKzV5StACPAhHG31IFIyBUy7gDiA4ZdUB3BdlC
Dy4zYbYaqY5qWfB46yapf8HohzdC5H1+Mb+EZllszzoh82bCWHk8/oezD95nDg4D
JnW7nRkij6g2/+AJZbddmSTARawAX1qZBTHTnPV1Jra+qA6duUSo3SOtKjkSyzYJ
fjOmjB4levEP3BLfZyo/RMWmaOeCqYdgin9QLpnoYRrGOwgD4MeD7rOmN4DC1md/
vhs48SPdM6qbFilEHR19aqjXkCE0Quu9eWsawrcFBJPPNGScVwu8T+hMhdrvlGIf
r/qsAgaDYqUZYg==
-----END CERTIFICATE-----
Generated at Wed May 13 07:29:11 2026 by rpki-client