Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft
File: xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft (raw, json)
Hash identifier: VtuK/ExzEWsc8WNwgUC11rXfZ0Vx1V8xyNnYVYAtR38=
Subject key identifier: 63:10:11:CA:1B:F6:E4:D3:4C:4B:3B:1C:7B:56:FF:D4:3F:3F:F7:91
Authority key identifier: C4:3C:74:02:2C:BB:F0:B3:CF:FF:60:31:D6:D2:DE:03:69:C9:9E:4E
Certificate issuer: /CN=c43c74022cbbf0b3cfff6031d6d2de0369c99e4e
Certificate serial: 019D284D826FD240A923D6BA078341C416D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft
Manifest number: 0A25
Signing time: Thu 26 Mar 2026 04:01:01 +0000
Manifest this update: Thu 26 Mar 2026 04:01:01 +0000
Manifest next update: Fri 27 Mar 2026 04:01:01 +0000
Files and hashes: 1: bkpFrc_6laoYbGdkqTlHlW-Qe80.roa (hash: p/3gwRkkBDXycKoUYkEzWpJbWT3T+RMybdZ5AMyzIgo=)
2: xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl (hash: 7uTaBP/oMFgHD1AZNHzEUvuOGROt/2IAgpIefg7pRnI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:82:6f:d2:40:a9:23:d6:ba:07:83:41:c4:16:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c43c74022cbbf0b3cfff6031d6d2de0369c99e4e
Validity
Not Before: Mar 26 04:01:01 2026 GMT
Not After : Mar 27 04:01:01 2026 GMT
Subject: CN=631011ca1bf6e4d34c4b3b1c7b56ffd43f3ff791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:55:39:83:44:eb:53:8a:e0:bc:42:c0:d9:61:
d8:94:88:a8:39:dd:fe:6d:4d:1a:56:55:50:ed:8f:
3e:59:86:28:6c:67:75:1e:e5:e6:0d:9b:bf:c8:f8:
8f:a8:24:7f:a8:01:b1:7e:de:9b:90:73:29:c6:45:
ea:b1:a0:29:f5:2c:69:15:e3:e1:bc:aa:be:ed:a8:
24:45:de:0d:66:5d:4e:79:32:a4:fc:38:02:f3:ad:
22:fa:61:b0:5f:62:48:59:46:5c:e1:ad:d2:26:04:
59:ad:e6:c9:49:3e:43:dd:d6:eb:25:98:06:78:84:
c0:65:50:09:ca:c5:ca:09:0c:89:ca:a0:16:fd:06:
4c:20:61:67:d9:71:65:7b:67:50:49:4f:7c:d5:68:
77:77:64:71:1c:aa:d7:b1:5e:d3:b5:9c:ad:e7:e4:
21:55:7e:33:62:24:6c:14:96:c0:48:46:ea:66:2e:
fe:d7:34:d3:fd:a3:c7:92:2e:26:26:83:e6:7d:04:
57:f9:d4:14:49:fd:20:31:ea:e1:05:51:26:20:66:
50:e0:a1:55:1c:e6:28:af:c2:dd:59:52:3a:e7:3d:
00:a1:6c:76:49:87:a1:22:6c:68:4f:31:c8:e6:ff:
82:86:4d:d9:74:58:4f:f3:db:58:69:b3:13:1d:62:
9e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:10:11:CA:1B:F6:E4:D3:4C:4B:3B:1C:7B:56:FF:D4:3F:3F:F7:91
X509v3 Authority Key Identifier:
keyid:C4:3C:74:02:2C:BB:F0:B3:CF:FF:60:31:D6:D2:DE:03:69:C9:9E:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:bc:b8:b6:81:80:98:42:d8:e5:22:60:df:c1:83:8f:a2:ce:
95:2a:2a:4b:c8:de:7b:c1:c8:2d:25:6e:a9:65:01:83:cd:7f:
ae:b9:f5:7d:02:8d:98:7f:f8:f6:b7:4f:e2:64:86:f6:af:02:
a7:3b:de:da:4a:0f:ab:30:86:42:df:64:fb:fe:b4:e2:1f:f3:
95:78:e1:0f:dd:c8:a5:30:67:cf:4c:be:21:28:0c:f0:63:ce:
ef:c6:1a:f0:ea:fd:a1:7b:49:39:58:58:8c:f7:63:79:d4:51:
f1:a3:90:21:55:d4:85:46:62:dc:5a:e9:84:05:66:64:5d:23:
36:8b:e1:fe:68:c3:13:39:9c:49:ef:28:2e:6a:74:0d:a2:bc:
0a:a8:16:52:c1:fc:81:9e:6a:f6:8d:56:28:6e:05:7e:1a:3b:
16:a1:aa:7c:9e:c4:b0:0d:67:fb:86:e0:9b:93:7a:91:b5:6c:
b4:0d:53:28:26:b1:46:4b:df:5d:ff:02:81:77:f3:cb:b7:55:
1d:ba:0f:76:aa:e3:d0:f7:c4:00:41:2b:02:b8:1e:bd:c6:3f:
13:40:7f:b2:6d:ea:37:02:56:e6:61:49:fc:a0:15:a7:f7:bd:
74:b1:af:d4:fb:7a:8d:bd:0d:06:c7:64:50:a1:57:d6:8c:59:
57:52:5f:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTYJv0kCpI9a6B4NBxBbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2M3NDAyMmNiYmYwYjNjZmZmNjAzMWQ2ZDJkZTAzNjlj
OTllNGUwHhcNMjYwMzI2MDQwMTAxWhcNMjYwMzI3MDQwMTAxWjAzMTEwLwYDVQQD
Eyg2MzEwMTFjYTFiZjZlNGQzNGM0YjNiMWM3YjU2ZmZkNDNmM2ZmNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylU5g0TrU4rgvELA2WHYlIioOd3+
bU0aVlVQ7Y8+WYYobGd1HuXmDZu/yPiPqCR/qAGxft6bkHMpxkXqsaAp9SxpFePh
vKq+7agkRd4NZl1OeTKk/DgC860i+mGwX2JIWUZc4a3SJgRZrebJST5D3dbrJZgG
eITAZVAJysXKCQyJyqAW/QZMIGFn2XFle2dQSU981Wh3d2RxHKrXsV7TtZyt5+Qh
VX4zYiRsFJbASEbqZi7+1zTT/aPHki4mJoPmfQRX+dQUSf0gMerhBVEmIGZQ4KFV
HOYor8LdWVI65z0AoWx2SYehImxoTzHI5v+Chk3ZdFhP89tYabMTHWKeowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMQEcob9uTTTEs7HHtW/9Q/P/eRMB8GA1UdIwQY
MBaAFMQ8dAIsu/Czz/9gMdbS3gNpyZ5OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lZDVkM2EtYjg2OS00Y2RhLTlkMzIt
MjUwZTU1YjlkNGE5LzEveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9lZDVkM2EtYjg2OS00Y2RhLTlkMzItMjUwZTU1YjlkNGE5
LzEveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApLy4toGA
mELY5SJg38GDj6LOlSoqS8jee8HILSVuqWUBg81/rrn1fQKNmH/49rdP4mSG9q8C
pzve2koPqzCGQt9k+/604h/zlXjhD93IpTBnz0y+ISgM8GPO78Ya8Or9oXtJOVhY
jPdjedRR8aOQIVXUhUZi3FrphAVmZF0jNovh/mjDEzmcSe8oLmp0DaK8CqgWUsH8
gZ5q9o1WKG4Ffho7FqGqfJ7EsA1n+4bgm5N6kbVstA1TKCaxRkvfXf8CgXfzy7dV
HboPdqrj0PfEAEErArgevcY/E0B/sm3qNwJW5mFJ/KAVp/e9dLGv1Pt6jb0NBsdk
UKFX1oxZV1JfRA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:14:03 2026 by rpki-client