Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
File: xaL0JAfyHJ12kPsw_YzbK_320DA.mft (raw, json)
Hash identifier: sJGOujJF9K+EtRTdDUSHLMbyVuaCgq+R8LCAaKQFVzY=
Subject key identifier: FD:1C:63:E4:77:22:09:79:70:4D:66:C4:16:1B:F0:EC:8B:6F:00:6D
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial: 019DA4F85D603E8029E6FCEA7339A57206BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
Manifest number: 18E4
Signing time: Sun 19 Apr 2026 09:00:33 +0000
Manifest this update: Sun 19 Apr 2026 09:00:33 +0000
Manifest next update: Mon 20 Apr 2026 09:00:33 +0000
Files and hashes: 1: vvOgIMkDpg0381NKvOJ6xEsVrhU.roa (hash: Ilfe2d/82ILTFX47xfIYllXXNOO6y9+T+nkxBpSb/2g=)
2: xaL0JAfyHJ12kPsw_YzbK_320DA.crl (hash: q1iTkWRjkvCfTB2Sf9KBSSv3KMJjw6EXPbWw55byykI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:f8:5d:60:3e:80:29:e6:fc:ea:73:39:a5:72:06:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Validity
Not Before: Apr 19 09:00:33 2026 GMT
Not After : Apr 20 09:00:33 2026 GMT
Subject: CN=fd1c63e477220979704d66c4161bf0ec8b6f006d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c6:1b:43:f4:cb:a7:44:84:e7:c2:bd:af:ca:
a4:5e:67:dd:e7:d9:99:3d:ec:9a:77:f4:26:dd:88:
4c:9b:23:25:9c:4d:c1:ab:97:70:83:a3:0b:9a:07:
78:cc:4b:d0:72:44:48:0a:ae:71:f0:a0:36:b8:51:
ce:70:55:19:fd:da:69:de:79:40:f6:30:8e:2f:65:
55:74:b4:7a:0b:fa:71:65:6b:22:ed:8c:77:6b:e3:
a2:6a:1e:08:d0:15:2d:40:80:82:26:76:7c:18:95:
01:39:d2:6d:b7:48:ce:dd:ff:7f:4f:1c:39:3d:da:
4f:42:83:55:6d:b0:0b:57:8f:fe:6b:a3:3a:17:17:
a9:8b:c6:76:ec:91:ee:be:01:6c:8f:9b:55:fa:5d:
a3:23:12:06:bc:03:15:07:87:cc:61:c4:04:e0:74:
0f:62:41:c0:4d:c4:0f:c3:0f:b3:d7:2c:6c:bc:65:
50:ce:ac:ab:a8:12:33:aa:20:d9:20:65:cf:49:ff:
bd:85:ac:c9:d9:aa:36:97:bd:4b:1d:0f:3b:eb:a0:
db:51:df:1c:35:e0:a9:94:d9:41:a0:43:1e:8e:14:
de:a7:4d:71:81:19:c1:12:2d:80:93:fc:4d:4f:f5:
a2:e6:76:50:65:fa:be:62:b5:42:41:e1:75:0d:41:
5b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1C:63:E4:77:22:09:79:70:4D:66:C4:16:1B:F0:EC:8B:6F:00:6D
X509v3 Authority Key Identifier:
keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:f3:99:7d:d5:08:90:22:03:b6:50:cf:26:e8:5a:e0:31:59:
83:24:ed:c7:5b:28:cb:1f:82:6d:3c:37:cd:be:4a:37:44:4d:
bf:61:a2:0f:68:2c:42:5c:7f:01:86:7c:72:db:57:7a:2e:6f:
0f:2a:fd:64:bb:95:a0:3b:d3:71:70:93:a8:6b:28:00:d7:7e:
88:2a:3d:12:72:9f:ba:7c:fd:5d:cd:76:48:14:c2:35:2a:45:
14:81:c1:42:31:59:70:77:42:47:92:b3:9e:6d:1f:01:cc:c3:
f0:22:13:5a:fa:5f:f6:60:65:9b:3a:aa:36:91:40:94:cb:6a:
4f:35:2f:77:c4:72:f1:ca:d3:d9:49:30:d5:41:38:0a:e8:10:
39:46:16:2d:43:ca:8b:16:d7:06:d9:2b:9b:9d:40:39:01:c3:
4c:d7:0f:55:15:96:db:d3:d7:98:71:76:57:34:d9:5b:2b:4b:
54:34:61:da:d2:e6:27:10:c9:25:39:08:53:8f:0c:25:13:a1:
96:cc:c7:96:f9:da:b8:9a:06:ed:af:63:e4:57:17:78:db:f9:
76:8d:9d:7a:85:31:2c:80:d3:09:77:55:35:3a:41:5b:81:c3:
4e:d2:5c:5a:a4:ed:09:fa:53:4e:4c:4e:b1:11:ce:57:e1:bf:
39:e4:36:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2k+F1gPoAp5vzqczmlcga8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjYwNDE5MDkwMDMzWhcNMjYwNDIwMDkwMDMzWjAzMTEwLwYDVQQD
EyhmZDFjNjNlNDc3MjIwOTc5NzA0ZDY2YzQxNjFiZjBlYzhiNmYwMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMYbQ/TLp0SE58K9r8qkXmfd59mZ
Peyad/Qm3YhMmyMlnE3Bq5dwg6MLmgd4zEvQckRICq5x8KA2uFHOcFUZ/dpp3nlA
9jCOL2VVdLR6C/pxZWsi7Yx3a+Oiah4I0BUtQICCJnZ8GJUBOdJtt0jO3f9/Txw5
PdpPQoNVbbALV4/+a6M6Fxepi8Z27JHuvgFsj5tV+l2jIxIGvAMVB4fMYcQE4HQP
YkHATcQPww+z1yxsvGVQzqyrqBIzqiDZIGXPSf+9hazJ2ao2l71LHQ8766DbUd8c
NeCplNlBoEMejhTep01xgRnBEi2Ak/xNT/Wi5nZQZfq+YrVCQeF1DUFbwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0cY+R3Igl5cE1mxBYb8OyLbwBtMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZvOZfdUI
kCIDtlDPJuha4DFZgyTtx1soyx+CbTw3zb5KN0RNv2GiD2gsQlx/AYZ8cttXei5v
Dyr9ZLuVoDvTcXCTqGsoANd+iCo9EnKfunz9Xc12SBTCNSpFFIHBQjFZcHdCR5Kz
nm0fAczD8CITWvpf9mBlmzqqNpFAlMtqTzUvd8Ry8crT2Ukw1UE4CugQOUYWLUPK
ixbXBtkrm51AOQHDTNcPVRWW29PXmHF2VzTZWytLVDRh2tLmJxDJJTkIU48MJROh
lszHlvnauJoG7a9j5FcXeNv5do2deoUxLIDTCXdVNTpBW4HDTtJcWqTtCfpTTkxO
sRHOV+G/OeQ2Pw==
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:19:14 2026 by rpki-client