Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.mft
File: XM97P9h86bzpn5ALZBmdYGvxYGk.mft (raw, json)
Hash identifier: cssEADAWVle0bflVUmizWAyyu2rvUbvgcRJeDLhbuPM=
Subject key identifier: C0:B9:AF:46:82:61:12:07:E7:3B:1D:38:0B:3E:08:CE:D1:8B:7D:32
Authority key identifier: 5C:CF:7B:3F:D8:7C:E9:BC:E9:9F:90:0B:64:19:9D:60:6B:F1:60:69
Certificate issuer: /CN=5ccf7b3fd87ce9bce99f900b64199d606bf16069
Certificate serial: 019CADC76E928B08F1498E96FE0B026A9D41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM97P9h86bzpn5ALZBmdYGvxYGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.mft
Manifest number: 17DA
Signing time: Mon 02 Mar 2026 09:00:54 +0000
Manifest this update: Mon 02 Mar 2026 09:00:54 +0000
Manifest next update: Tue 03 Mar 2026 09:00:54 +0000
Files and hashes: 1: KhLnM9UHZFCOQul_YnhOlrlNWQg.roa (hash: F9XQk4xPu6hZHYNZKH9uTFT9zpakfltc+2j9WkGLNVk=)
2: XM97P9h86bzpn5ALZBmdYGvxYGk.crl (hash: /mqkPfAnKsQoR6VOa1uwDNoNYxloAfxvZERiJEkK9BM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XM97P9h86bzpn5ALZBmdYGvxYGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c7:6e:92:8b:08:f1:49:8e:96:fe:0b:02:6a:9d:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccf7b3fd87ce9bce99f900b64199d606bf16069
Validity
Not Before: Mar 2 09:00:54 2026 GMT
Not After : Mar 3 09:00:54 2026 GMT
Subject: CN=c0b9af4682611207e73b1d380b3e08ced18b7d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c7:bc:38:a0:6f:d8:7c:49:b2:8a:b9:14:17:
ee:8d:d3:4b:e8:16:2f:1a:2d:ea:ac:ad:20:35:db:
50:0e:30:be:6e:e8:5e:8b:ab:a5:e2:fa:19:d7:2a:
0c:6c:be:70:14:28:81:7d:b4:ba:04:95:18:12:62:
09:57:fa:53:54:6f:af:cf:ad:72:33:94:17:4e:cf:
e0:cb:be:53:17:db:7e:b2:97:41:8f:f6:73:59:5f:
9c:95:3f:a1:f5:b9:80:01:95:93:5c:52:ec:54:25:
4f:6d:4c:75:76:2d:6e:24:76:bb:d6:1e:83:09:21:
0a:9a:f3:9a:58:d5:42:f1:ce:c1:b7:c9:80:ce:1e:
58:9c:7d:82:57:df:0c:43:cd:5e:bd:84:03:3c:e0:
ed:2a:e5:ee:e9:4d:f2:4b:d4:3b:9a:dc:65:5b:a1:
3a:4e:d2:2a:ca:c6:ff:6b:6d:58:f3:3f:50:69:af:
6b:c0:e6:c5:44:97:a4:83:08:53:d5:df:9a:2b:58:
6c:79:82:f5:ea:bb:77:69:09:48:d1:95:33:15:ff:
f5:25:5a:40:6f:59:fa:d6:bc:93:65:32:15:20:c1:
62:17:25:ab:5c:1c:c2:0a:21:72:69:ea:8d:c6:6c:
92:0a:50:78:df:97:c1:df:cb:20:7a:30:52:cf:3d:
cd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B9:AF:46:82:61:12:07:E7:3B:1D:38:0B:3E:08:CE:D1:8B:7D:32
X509v3 Authority Key Identifier:
keyid:5C:CF:7B:3F:D8:7C:E9:BC:E9:9F:90:0B:64:19:9D:60:6B:F1:60:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM97P9h86bzpn5ALZBmdYGvxYGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:91:bd:07:77:03:ce:72:6a:54:09:c7:0e:c8:b3:d3:af:45:
d9:fc:72:9e:65:7e:33:60:32:8a:18:6f:f8:5e:91:b9:1c:37:
ad:6c:1f:e9:fa:ea:76:29:f0:8a:e7:ce:4c:da:9a:86:54:e3:
94:32:19:97:27:50:14:08:88:b1:6e:75:16:b6:95:d4:e8:d7:
c7:49:b7:9f:c4:5e:cd:16:89:62:73:7d:b9:89:d9:a5:4c:83:
c3:c4:34:9b:58:cb:d6:7f:7a:26:7c:ef:82:c3:99:11:79:93:
02:9e:47:ee:46:95:4d:20:73:a4:59:aa:23:66:36:d1:83:19:
83:99:67:61:bf:af:93:0b:6a:91:ca:ac:32:c7:13:43:20:b6:
ae:55:a5:f0:99:76:4d:57:62:cb:d6:44:1d:6b:37:54:58:10:
61:2c:c6:8c:8e:1a:f0:c2:7b:6d:37:56:09:a5:23:62:e7:2d:
f4:56:f1:f8:63:e5:5d:2b:87:d8:1c:ed:e8:43:85:c1:c4:ba:
70:dd:9e:2e:51:4c:36:98:85:58:94:af:d5:98:21:99:ec:12:
21:56:8d:c7:a0:f9:07:a4:9d:b3:3c:bf:31:15:44:0f:a4:1a:
27:cd:b3:44:4d:ef:7f:79:1d:d0:0c:de:33:c3:f0:dd:76:01:
f3:0a:78:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx26SiwjxSY6W/gsCap1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2Y3YjNmZDg3Y2U5YmNlOTlmOTAwYjY0MTk5ZDYwNmJm
MTYwNjkwHhcNMjYwMzAyMDkwMDU0WhcNMjYwMzAzMDkwMDU0WjAzMTEwLwYDVQQD
EyhjMGI5YWY0NjgyNjExMjA3ZTczYjFkMzgwYjNlMDhjZWQxOGI3ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ce8OKBv2HxJsoq5FBfujdNL6BYv
Gi3qrK0gNdtQDjC+buhei6ul4voZ1yoMbL5wFCiBfbS6BJUYEmIJV/pTVG+vz61y
M5QXTs/gy75TF9t+spdBj/ZzWV+clT+h9bmAAZWTXFLsVCVPbUx1di1uJHa71h6D
CSEKmvOaWNVC8c7Bt8mAzh5YnH2CV98MQ81evYQDPODtKuXu6U3yS9Q7mtxlW6E6
TtIqysb/a21Y8z9Qaa9rwObFRJekgwhT1d+aK1hseYL16rt3aQlI0ZUzFf/1JVpA
b1n61ryTZTIVIMFiFyWrXBzCCiFyaeqNxmySClB435fB38sgejBSzz3NTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMC5r0aCYRIH5zsdOAs+CM7Ri30yMB8GA1UdIwQY
MBaAFFzPez/YfOm86Z+QC2QZnWBr8WBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE05N1A5aDg2YnpwbjVBTFpCbWRZR3Z4WUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81NGRlYmItZDBiNi00NGQxLThlNTgt
OGNmOWU2ZjhhYjQ1LzEvWE05N1A5aDg2YnpwbjVBTFpCbWRZR3Z4WUdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81NGRlYmItZDBiNi00NGQxLThlNTgtOGNmOWU2ZjhhYjQ1
LzEvWE05N1A5aDg2YnpwbjVBTFpCbWRZR3Z4WUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPJG9B3cD
znJqVAnHDsiz069F2fxynmV+M2Ayihhv+F6RuRw3rWwf6frqdinwiufOTNqahlTj
lDIZlydQFAiIsW51FraV1OjXx0m3n8RezRaJYnN9uYnZpUyDw8Q0m1jL1n96Jnzv
gsOZEXmTAp5H7kaVTSBzpFmqI2Y20YMZg5lnYb+vkwtqkcqsMscTQyC2rlWl8Jl2
TVdiy9ZEHWs3VFgQYSzGjI4a8MJ7bTdWCaUjYuct9Fbx+GPlXSuH2Bzt6EOFwcS6
cN2eLlFMNpiFWJSv1ZghmewSIVaNx6D5B6Sdszy/MRVED6QaJ82zRE3vf3kd0Aze
M8Pw3XYB8wp40w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:26:41 2026 by rpki-client