Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
File: xaL0JAfyHJ12kPsw_YzbK_320DA.mft (raw, json)
Hash identifier: Q17R1F1mSfFV8mZ4i3fGebwxt+tMraKprs+giVPVhqQ=
Subject key identifier: 82:AA:59:C6:4D:FF:5D:52:93:4F:EE:B0:47:D2:1E:66:4C:5D:5E:64
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial: 019DA30A0D68F9D21E248DC044B2CBDE4D20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
Manifest number: 18E3
Signing time: Sun 19 Apr 2026 00:00:38 +0000
Manifest this update: Sun 19 Apr 2026 00:00:38 +0000
Manifest next update: Mon 20 Apr 2026 00:00:38 +0000
Files and hashes: 1: vvOgIMkDpg0381NKvOJ6xEsVrhU.roa (hash: Ilfe2d/82ILTFX47xfIYllXXNOO6y9+T+nkxBpSb/2g=)
2: xaL0JAfyHJ12kPsw_YzbK_320DA.crl (hash: WsF4foJFhc4/GoVL9wFbLFgUkywqEZYAcxbESkkY7Tw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:0a:0d:68:f9:d2:1e:24:8d:c0:44:b2:cb:de:4d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Validity
Not Before: Apr 19 00:00:38 2026 GMT
Not After : Apr 20 00:00:38 2026 GMT
Subject: CN=82aa59c64dff5d52934feeb047d21e664c5d5e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:30:b3:6c:4e:74:9b:47:b1:92:73:2c:49:27:
06:46:55:38:6c:fd:88:78:b9:b3:cd:93:74:0a:cd:
7c:75:63:f4:2b:03:7d:3a:14:ce:55:26:2a:1d:54:
1a:b2:ee:ce:c0:cf:37:c4:57:c9:4c:15:5a:48:1a:
1b:88:d1:4f:24:e9:e0:69:e5:93:bc:29:78:12:fd:
13:94:38:3d:98:85:5f:aa:9d:13:0d:e5:26:d8:8f:
d8:28:a5:6f:dd:05:fd:38:fa:42:78:a1:10:3b:c4:
6d:78:f8:ab:3b:c1:21:77:66:77:f7:79:a3:1c:3a:
1d:9b:f8:e6:ab:9b:7b:7d:35:60:c5:b2:2b:73:ef:
4d:9f:df:53:43:32:7c:26:ee:c0:e8:c9:0d:28:c8:
aa:f0:f3:10:19:68:dc:45:4e:b9:7b:c5:60:93:93:
6a:95:41:dc:c9:0f:07:44:a0:ef:b4:84:a2:89:db:
03:23:f2:39:6a:d0:fb:c8:41:c0:a4:2b:92:6a:91:
7a:30:81:d0:22:87:b7:14:a6:70:45:2c:12:90:36:
52:b9:f2:2e:23:5d:82:19:ce:13:14:1c:2b:9d:2e:
be:ef:e6:7f:66:f2:39:da:4b:58:5e:59:8b:04:bf:
8e:c8:6d:b8:d9:49:26:33:1a:b2:4e:ee:b2:5b:85:
2e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:AA:59:C6:4D:FF:5D:52:93:4F:EE:B0:47:D2:1E:66:4C:5D:5E:64
X509v3 Authority Key Identifier:
keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:e4:53:23:08:80:d8:87:36:3a:48:1b:f5:a8:07:08:3f:b8:
be:90:ec:1f:a5:ef:25:02:a1:39:a1:1e:3a:b2:3e:a8:3b:5a:
a1:2c:d6:46:3a:50:0a:34:03:73:7b:fd:7a:93:e9:6b:e3:65:
92:58:fc:0d:88:7b:ba:13:c5:1f:61:d7:fe:ee:2b:0d:53:c2:
78:ef:cd:c6:85:d5:1a:90:25:0a:3c:09:60:58:30:ce:8e:d0:
99:26:e5:5d:80:77:3f:d1:b1:d1:8a:9b:d3:cc:85:8f:88:63:
58:55:be:55:83:1e:b2:5b:3c:99:8d:ed:16:94:bb:b5:d7:27:
c6:4e:ff:25:43:51:8e:2d:27:ba:1e:62:40:4d:79:36:89:a7:
e9:73:78:0e:2c:6c:fe:ea:ba:f1:6f:84:34:1d:9c:76:63:c1:
63:44:8a:14:a2:7f:08:1f:77:7b:0c:66:bb:30:fb:06:c5:17:
b9:27:39:3f:d0:e4:ad:d8:0d:a2:9b:aa:46:2a:ce:82:74:42:
63:d7:96:24:c4:d4:4f:ad:0d:18:3b:7e:2a:13:4b:b9:bb:11:
0d:8f:90:3c:ba:bf:25:07:31:d6:ff:8a:5a:a3:97:fb:d8:f9:
71:64:e6:6e:98:52:2a:56:b3:8a:fe:96:34:c4:5a:c1:e4:af:
e0:d6:ba:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCg1o+dIeJI3ARLLL3k0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjYwNDE5MDAwMDM4WhcNMjYwNDIwMDAwMDM4WjAzMTEwLwYDVQQD
Eyg4MmFhNTljNjRkZmY1ZDUyOTM0ZmVlYjA0N2QyMWU2NjRjNWQ1ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDCzbE50m0exknMsSScGRlU4bP2I
eLmzzZN0Cs18dWP0KwN9OhTOVSYqHVQasu7OwM83xFfJTBVaSBobiNFPJOngaeWT
vCl4Ev0TlDg9mIVfqp0TDeUm2I/YKKVv3QX9OPpCeKEQO8RtePirO8Ehd2Z393mj
HDodm/jmq5t7fTVgxbIrc+9Nn99TQzJ8Ju7A6MkNKMiq8PMQGWjcRU65e8Vgk5Nq
lUHcyQ8HRKDvtISiidsDI/I5atD7yEHApCuSapF6MIHQIoe3FKZwRSwSkDZSufIu
I12CGc4TFBwrnS6+7+Z/ZvI52ktYXlmLBL+OyG242UkmMxqyTu6yW4UuewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKqWcZN/11Sk0/usEfSHmZMXV5kMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEuRTIwiA
2Ic2Okgb9agHCD+4vpDsH6XvJQKhOaEeOrI+qDtaoSzWRjpQCjQDc3v9epPpa+Nl
klj8DYh7uhPFH2HX/u4rDVPCeO/NxoXVGpAlCjwJYFgwzo7QmSblXYB3P9Gx0Yqb
08yFj4hjWFW+VYMesls8mY3tFpS7tdcnxk7/JUNRji0nuh5iQE15Nomn6XN4Dixs
/uq68W+ENB2cdmPBY0SKFKJ/CB93ewxmuzD7BsUXuSc5P9DkrdgNopuqRirOgnRC
Y9eWJMTUT60NGDt+KhNLubsRDY+QPLq/JQcx1v+KWqOX+9j5cWTmbphSKlaziv6W
NMRaweSv4Na6AQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:18:50 2026 by rpki-client