Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/73d145-eb99-4bd8-a817-6bce7799cbea/1/XfEaGA3xeZTkitMxhyz9AK2augQ.mft
File: XfEaGA3xeZTkitMxhyz9AK2augQ.mft (raw, json)
Hash identifier: Cz64dPOr6HtaqEG4Y2IRM5KCu2q0T2vPIMyqXVOoQsk=
Subject key identifier: E5:28:D1:16:72:5B:AA:96:57:42:D6:5C:F6:4E:02:69:35:6C:AD:37
Authority key identifier: 5D:F1:1A:18:0D:F1:79:94:E4:8A:D3:31:87:2C:FD:00:AD:9A:BA:04
Certificate issuer: /CN=5df11a180df17994e48ad331872cfd00ad9aba04
Certificate serial: 019CAAC71FF79740ED3C60A3A386DEB37A61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfEaGA3xeZTkitMxhyz9AK2augQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/73d145-eb99-4bd8-a817-6bce7799cbea/1/XfEaGA3xeZTkitMxhyz9AK2augQ.mft
Manifest number: 1846
Signing time: Sun 01 Mar 2026 19:01:42 +0000
Manifest this update: Sun 01 Mar 2026 19:01:42 +0000
Manifest next update: Mon 02 Mar 2026 19:01:42 +0000
Files and hashes: 1: XfEaGA3xeZTkitMxhyz9AK2augQ.crl (hash: GG0n1QBcfjflsa/jjMx+IktDHrmKyrLa5Gm1IthMK78=)
2: vOvUH4QL3euA8n5Zs-p3s8pu5OU.roa (hash: qqJCGshMa7lPJa7oCp0UWM6NmrUrD8W4y4uDd4fxLLU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/73d145-eb99-4bd8-a817-6bce7799cbea/1/XfEaGA3xeZTkitMxhyz9AK2augQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/73d145-eb99-4bd8-a817-6bce7799cbea/1/XfEaGA3xeZTkitMxhyz9AK2augQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XfEaGA3xeZTkitMxhyz9AK2augQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c7:1f:f7:97:40:ed:3c:60:a3:a3:86:de:b3:7a:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df11a180df17994e48ad331872cfd00ad9aba04
Validity
Not Before: Mar 1 19:01:42 2026 GMT
Not After : Mar 2 19:01:42 2026 GMT
Subject: CN=e528d116725baa965742d65cf64e0269356cad37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2d:29:da:11:c4:6b:75:67:59:be:2b:b7:d9:
2b:3c:1e:77:66:66:dd:67:54:2f:42:59:2f:b8:b2:
08:55:50:60:77:26:05:ec:37:5d:17:67:08:52:11:
9e:b2:e5:b4:b9:76:34:a0:ce:2f:89:25:c5:a6:c6:
11:77:93:7e:72:ed:bb:44:e1:9f:34:cc:af:8d:84:
4a:25:74:45:6c:c6:42:a6:e1:9c:ab:9f:0f:08:33:
29:f0:ae:89:ea:c6:d0:d9:01:e5:72:71:54:d6:b9:
58:ee:ed:9e:de:47:54:e6:59:0b:ea:45:03:01:24:
d3:24:2b:11:26:e9:2c:24:a7:db:fe:ab:15:8a:34:
77:be:8d:ea:44:bf:ef:34:e9:73:0d:a9:ce:fc:e0:
27:b0:cb:02:0c:6e:30:c2:2f:b3:77:3f:df:3e:ce:
a0:f2:6c:59:44:e7:ad:59:18:ed:77:5b:d3:45:38:
a3:3e:22:cd:f3:bf:4e:94:b6:10:8e:8a:39:40:09:
2a:fc:f3:c3:97:66:18:49:a1:66:04:01:3f:a0:74:
e6:f3:57:1c:b1:7f:b1:16:bb:f3:c9:e8:31:01:36:
8c:d6:b6:f3:ee:15:5a:fd:0c:e0:d9:5e:30:15:c9:
0e:11:17:ea:f7:0c:6e:6b:d1:45:02:ab:ee:22:3b:
0e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:28:D1:16:72:5B:AA:96:57:42:D6:5C:F6:4E:02:69:35:6C:AD:37
X509v3 Authority Key Identifier:
keyid:5D:F1:1A:18:0D:F1:79:94:E4:8A:D3:31:87:2C:FD:00:AD:9A:BA:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfEaGA3xeZTkitMxhyz9AK2augQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/73d145-eb99-4bd8-a817-6bce7799cbea/1/XfEaGA3xeZTkitMxhyz9AK2augQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/73d145-eb99-4bd8-a817-6bce7799cbea/1/XfEaGA3xeZTkitMxhyz9AK2augQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:d4:e5:33:dc:ab:78:46:25:f4:17:05:08:ea:a4:96:21:55:
0b:33:b9:34:0c:e7:53:bb:99:4a:ba:72:5a:c5:b0:e4:3f:8d:
c5:a2:77:14:65:11:ee:9d:2f:e0:8c:05:cf:e9:c2:9f:a0:f2:
18:ac:02:b0:c3:19:ca:dd:3d:6e:40:42:38:86:57:57:7c:f8:
a3:b0:19:ad:5f:b8:6f:5e:28:3a:30:95:4a:a8:04:e4:c7:e8:
15:81:be:53:e3:3e:41:f6:a2:c1:f2:57:d1:0b:4e:55:1f:56:
c4:6b:1c:f6:09:4f:c4:d2:c9:8b:41:f8:4a:f3:88:80:fe:ac:
dc:6f:a8:f2:a0:14:b1:0d:80:a9:02:a9:76:09:a9:b2:fb:ae:
11:8a:e6:72:19:9d:9d:a7:47:19:ad:06:5f:ed:08:ea:4f:f6:
9c:4a:4a:4e:9e:b7:32:2a:ff:98:4f:89:9a:61:41:1c:78:54:
3b:a0:b6:b1:5f:35:97:ba:41:51:d0:8a:64:5a:20:e3:84:03:
18:a9:2d:9c:0f:0b:b3:8f:26:c3:72:61:91:4d:0c:78:d2:cb:
59:a1:d5:7f:65:27:e2:d7:66:1b:52:38:02:91:38:c3:b2:a1:
98:65:92:ef:ed:ae:46:96:08:75:56:db:ba:c5:31:5d:be:24:
46:6d:d2:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxx/3l0DtPGCjo4bes3phMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjExYTE4MGRmMTc5OTRlNDhhZDMzMTg3MmNmZDAwYWQ5
YWJhMDQwHhcNMjYwMzAxMTkwMTQyWhcNMjYwMzAyMTkwMTQyWjAzMTEwLwYDVQQD
EyhlNTI4ZDExNjcyNWJhYTk2NTc0MmQ2NWNmNjRlMDI2OTM1NmNhZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS0p2hHEa3VnWb4rt9krPB53Zmbd
Z1QvQlkvuLIIVVBgdyYF7DddF2cIUhGesuW0uXY0oM4viSXFpsYRd5N+cu27ROGf
NMyvjYRKJXRFbMZCpuGcq58PCDMp8K6J6sbQ2QHlcnFU1rlY7u2e3kdU5lkL6kUD
ASTTJCsRJuksJKfb/qsVijR3vo3qRL/vNOlzDanO/OAnsMsCDG4wwi+zdz/fPs6g
8mxZROetWRjtd1vTRTijPiLN879OlLYQjoo5QAkq/PPDl2YYSaFmBAE/oHTm81cc
sX+xFrvzyegxATaM1rbz7hVa/Qzg2V4wFckOERfq9wxua9FFAqvuIjsOAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUo0RZyW6qWV0LWXPZOAmk1bK03MB8GA1UdIwQY
MBaAFF3xGhgN8XmU5IrTMYcs/QCtmroEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZFYUdBM3hlWlRraXRNeGh5ejlBSzJhdWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy83M2QxNDUtZWI5OS00YmQ4LWE4MTct
NmJjZTc3OTljYmVhLzEvWGZFYUdBM3hlWlRraXRNeGh5ejlBSzJhdWdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy83M2QxNDUtZWI5OS00YmQ4LWE4MTctNmJjZTc3OTljYmVh
LzEvWGZFYUdBM3hlWlRraXRNeGh5ejlBSzJhdWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV9TlM9yr
eEYl9BcFCOqkliFVCzO5NAznU7uZSrpyWsWw5D+NxaJ3FGUR7p0v4IwFz+nCn6Dy
GKwCsMMZyt09bkBCOIZXV3z4o7AZrV+4b14oOjCVSqgE5MfoFYG+U+M+QfaiwfJX
0QtOVR9WxGsc9glPxNLJi0H4SvOIgP6s3G+o8qAUsQ2AqQKpdgmpsvuuEYrmchmd
nadHGa0GX+0I6k/2nEpKTp63Mir/mE+JmmFBHHhUO6C2sV81l7pBUdCKZFog44QD
GKktnA8Ls48mw3JhkU0MeNLLWaHVf2Un4tdmG1I4ApE4w7KhmGWS7+2uRpYIdVbb
usUxXb4kRm3SiA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:26:43 2026 by rpki-client