Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
File: xafD9LFGk1EiAllaik-VsNa3oQE.mft (raw, json)
Hash identifier: vcW6kX32Ro1pZy2E56dFOcYY0Im1aAvbtQiA5Lk1pgA=
Subject key identifier: 58:D6:A2:72:36:BF:BA:3E:07:94:F5:AE:28:30:84:A7:6E:93:2A:75
Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Certificate serial: 019CAD597D5AA7839D4C9C4BCF4DA5257C77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
Manifest number: 17DB
Signing time: Mon 02 Mar 2026 07:00:48 +0000
Manifest this update: Mon 02 Mar 2026 07:00:48 +0000
Manifest next update: Tue 03 Mar 2026 07:00:48 +0000
Files and hashes: 1: 2hbC2fRcwVVGLuxr3y8s9IdUqJ0.roa (hash: WENyhbzOdCYh/WeleDC3Eb7ZL7vwxD85NmDsUD+Ca/o=)
2: rJ0B3_PG0rjHq-_hS6K9nBrn-PY.roa (hash: m7Zi/TNYib5gTH6m2mPeaQUI4WRQNMe1ierjcvG2bOc=)
3: xOCpqHIGWYpMZiK0D_GduGL-xNY.roa (hash: EH/6F7DAxWGzLP0f7IyWGiPlk48ND1XykF58xtVXDcQ=)
4: xafD9LFGk1EiAllaik-VsNa3oQE.crl (hash: PtbjcBnz4leb8Knud1/ZNbdsnRLwm4cxYy9a8sSYIM0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:7d:5a:a7:83:9d:4c:9c:4b:cf:4d:a5:25:7c:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Validity
Not Before: Mar 2 07:00:48 2026 GMT
Not After : Mar 3 07:00:48 2026 GMT
Subject: CN=58d6a27236bfba3e0794f5ae283084a76e932a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:12:ff:a9:86:bb:9b:7e:c7:41:cf:a6:92:db:
57:e4:ae:fc:d9:5d:f4:68:7d:13:f9:56:f5:4a:56:
9f:c2:9e:80:c3:c5:0d:84:d8:5b:07:3e:9e:c3:d4:
02:5b:35:aa:4e:9e:2a:3b:19:8e:54:3c:a2:21:05:
02:68:df:77:33:9b:8a:b8:14:45:17:f8:b5:2c:38:
83:bb:51:1a:e2:f3:c5:e9:93:76:78:81:09:39:42:
72:08:49:da:cb:df:75:d0:d8:26:68:da:cf:25:65:
39:91:81:0c:0c:73:ee:d7:06:ce:ec:76:3f:e1:3d:
a7:26:14:7c:26:06:d6:1b:cd:df:9c:c6:46:28:c2:
ed:8a:1e:f6:b8:c3:b8:75:0a:c0:d2:3e:11:94:6d:
12:a6:bb:2f:41:7e:60:ca:86:48:24:a7:97:69:60:
30:93:a9:83:49:9e:6f:51:26:bc:2e:b4:d3:20:3b:
11:5d:8a:b6:39:40:1d:39:56:55:a5:8d:d5:ea:5f:
cb:af:9e:25:cc:7e:10:21:e2:bc:0e:e1:4b:27:b3:
87:b7:2a:73:70:b7:7d:32:ff:62:6c:f9:a2:df:11:
d9:e4:a3:82:69:f6:c3:58:c0:22:34:e7:91:b8:cf:
05:44:a4:66:b8:e2:89:e2:39:31:76:d2:87:a6:c2:
8c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D6:A2:72:36:BF:BA:3E:07:94:F5:AE:28:30:84:A7:6E:93:2A:75
X509v3 Authority Key Identifier:
keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:59:4e:5b:a1:1f:fa:0e:48:57:ab:37:07:2d:c7:6d:53:25:
c5:57:6d:de:4c:6c:f8:d1:25:8a:77:b0:5b:7f:8f:db:4a:83:
3f:2d:77:e5:ab:af:bc:e1:fc:4f:45:2b:b3:02:a1:92:1f:48:
74:70:56:28:ce:91:01:ed:ec:4d:14:86:29:77:c1:d9:bc:d9:
f7:ca:c7:85:9b:34:34:22:78:3c:5a:91:1e:ce:ae:fe:45:f9:
8c:97:d9:48:64:8a:8a:07:80:50:b2:43:2a:8a:77:bd:45:e0:
74:85:50:fa:cd:ad:64:3f:ea:a7:8c:e5:3f:77:76:b9:7d:c1:
28:9e:c4:07:c8:ee:b2:a9:2d:b3:1c:36:95:02:df:b2:63:64:
df:c3:a2:81:c4:19:b3:4f:49:2f:bc:c8:e1:a7:c2:da:0a:0d:
c8:99:18:51:38:b9:86:41:48:de:3a:b5:66:94:f7:7a:40:ca:
f8:82:59:2f:fa:b3:df:6c:9b:37:44:25:9a:d2:a5:84:a4:c9:
fe:54:47:82:a4:90:b0:c6:8e:69:b2:dd:ac:02:92:da:5e:67:
6d:c5:5a:9d:56:08:ee:a4:6a:cf:0e:86:75:13:8f:e3:89:50:
17:1b:09:8a:d2:fa:6a:cf:a2:7a:29:af:cb:d0:6e:11:1b:9b:
f3:c0:27:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWX1ap4OdTJxLz02lJXx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi
N2ExMDEwHhcNMjYwMzAyMDcwMDQ4WhcNMjYwMzAzMDcwMDQ4WjAzMTEwLwYDVQQD
Eyg1OGQ2YTI3MjM2YmZiYTNlMDc5NGY1YWUyODMwODRhNzZlOTMyYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBL/qYa7m37HQc+mkttX5K782V30
aH0T+Vb1Slafwp6Aw8UNhNhbBz6ew9QCWzWqTp4qOxmOVDyiIQUCaN93M5uKuBRF
F/i1LDiDu1Ea4vPF6ZN2eIEJOUJyCEnay9910NgmaNrPJWU5kYEMDHPu1wbO7HY/
4T2nJhR8JgbWG83fnMZGKMLtih72uMO4dQrA0j4RlG0SprsvQX5gyoZIJKeXaWAw
k6mDSZ5vUSa8LrTTIDsRXYq2OUAdOVZVpY3V6l/Lr54lzH4QIeK8DuFLJ7OHtypz
cLd9Mv9ibPmi3xHZ5KOCafbDWMAiNOeRuM8FRKRmuOKJ4jkxdtKHpsKMyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjWonI2v7o+B5T1rigwhKdukyp1MB8GA1UdIwQY
MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt
ZDEyZjFlMjQ1NmJhLzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh
LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF1lOW6Ef
+g5IV6s3By3HbVMlxVdt3kxs+NElinewW3+P20qDPy135auvvOH8T0UrswKhkh9I
dHBWKM6RAe3sTRSGKXfB2bzZ98rHhZs0NCJ4PFqRHs6u/kX5jJfZSGSKigeAULJD
Kop3vUXgdIVQ+s2tZD/qp4zlP3d2uX3BKJ7EB8jusqktsxw2lQLfsmNk38OigcQZ
s09JL7zI4afC2goNyJkYUTi5hkFI3jq1ZpT3ekDK+IJZL/qz32ybN0QlmtKlhKTJ
/lRHgqSQsMaOabLdrAKS2l5nbcVanVYI7qRqzw6GdROP44lQFxsJitL6as+ieimv
y9BuERub88AnBg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:49:38 2026 by rpki-client