Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
File: xHKa8T09FW9BGXaxduVU-mcddvc.mft (raw, json)
Hash identifier: NvR37ggz/PD10lgK6zNH/I7EuDOblgVisjW4eBTGwpM=
Subject key identifier: DA:DC:A2:71:DF:16:C7:A9:7D:9B:07:F3:6C:A9:E2:D8:A7:5C:E4:F8
Authority key identifier: C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
Certificate issuer: /CN=c4729af13d3d156f411976b176e554fa671d76f7
Certificate serial: 019CAA8FCEB092A84D830BA5570125F6AB94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
Manifest number: 158A
Signing time: Sun 01 Mar 2026 18:01:17 +0000
Manifest this update: Sun 01 Mar 2026 18:01:17 +0000
Manifest next update: Mon 02 Mar 2026 18:01:17 +0000
Files and hashes: 1: 5bGOVGgpUSjx1uwMkRS9oqXlCJM.roa (hash: gEd4SfTflxW3Gsgz2afT2mctC6KsEwsMe5axMz0injA=)
2: xHKa8T09FW9BGXaxduVU-mcddvc.crl (hash: Xfv9rAPQKqA7LAjSpF9wd3mdOIo8Cs3NXol0EvjfIVo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:ce:b0:92:a8:4d:83:0b:a5:57:01:25:f6:ab:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4729af13d3d156f411976b176e554fa671d76f7
Validity
Not Before: Mar 1 18:01:17 2026 GMT
Not After : Mar 2 18:01:17 2026 GMT
Subject: CN=dadca271df16c7a97d9b07f36ca9e2d8a75ce4f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:44:37:19:b8:1a:ef:da:4a:fc:c0:46:f9:
ad:8a:eb:89:e5:25:bb:4f:87:92:0b:ca:4b:1d:fc:
72:03:9a:40:6f:8b:38:35:02:82:3c:65:81:26:e9:
75:89:45:cb:3a:1b:92:c9:84:5c:a5:ce:13:52:f6:
5b:9a:98:f3:c2:fa:3c:6d:52:22:d1:0b:2d:b3:b5:
2b:53:cc:ca:81:85:2f:4d:f9:e7:72:e3:2c:ff:5c:
cc:0e:78:ab:3a:5a:47:6b:12:03:7a:b4:3f:22:e7:
dc:36:77:77:8a:55:66:83:0e:d6:64:c9:88:dd:f1:
28:5a:98:86:cf:d0:ca:ab:3e:29:06:17:e6:cd:39:
96:8b:8d:3f:64:7c:8c:c0:cc:55:5e:99:28:cf:f1:
33:5c:a3:40:f6:21:80:99:f4:95:8d:e1:d3:2d:65:
b4:71:ed:cd:8b:52:4b:d7:e2:a8:68:18:94:f1:6b:
9b:07:81:47:8e:ca:9b:0f:3f:e3:be:1f:cd:62:61:
c3:6a:6c:bf:50:66:ad:c2:20:75:71:c4:14:3e:69:
4f:78:48:89:f4:54:f8:5b:ee:7b:8a:8c:06:4e:94:
5d:03:cf:58:d4:63:ff:04:49:77:52:f4:6f:f3:bb:
aa:11:8b:ad:82:d4:ac:98:cc:43:74:f6:71:3e:56:
05:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DC:A2:71:DF:16:C7:A9:7D:9B:07:F3:6C:A9:E2:D8:A7:5C:E4:F8
X509v3 Authority Key Identifier:
keyid:C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:00:85:85:0e:34:0b:23:cd:59:a5:12:48:ea:d3:30:c7:be:
6b:42:bd:46:b8:35:a8:7a:32:16:d4:01:e5:b0:97:8e:2a:61:
58:bc:83:89:d4:7a:0a:c1:36:8e:1c:3c:56:02:e6:95:59:f3:
58:c0:04:e2:0b:68:bf:59:a1:72:0f:34:86:d8:3c:10:76:72:
8c:2f:06:80:45:8e:bb:e4:a1:69:c6:c1:45:c6:a0:1b:9d:02:
ea:94:c6:a5:da:1d:fb:dc:b7:69:85:9d:dc:48:dc:27:87:5c:
43:b4:a4:29:ae:36:6e:9e:fd:7a:87:7f:67:c2:c4:f8:77:69:
a3:b9:e8:6e:00:4c:dc:20:84:4b:3f:e7:69:ec:2b:9c:b9:21:
8e:9e:ef:f9:af:a0:f9:c5:d7:f5:53:39:de:c0:ef:d1:3e:cc:
e7:5a:d5:1f:23:b5:7b:d8:b7:44:34:f9:a9:89:09:b3:44:e7:
07:15:d3:30:09:95:7a:69:f7:27:1d:ae:fb:1f:37:b4:75:fe:
03:80:30:1b:77:02:ff:19:4d:90:6d:81:5f:84:84:e4:49:2b:
5a:b7:ee:9b:d3:37:ed:39:3e:28:eb:ce:f8:6b:1c:ad:ed:c5:
cc:1d:0c:ee:7d:a1:32:2d:b4:55:76:84:97:d6:77:4a:80:e1:
e7:fa:1d:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj86wkqhNgwulVwEl9quUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NzI5YWYxM2QzZDE1NmY0MTE5NzZiMTc2ZTU1NGZhNjcx
ZDc2ZjcwHhcNMjYwMzAxMTgwMTE3WhcNMjYwMzAyMTgwMTE3WjAzMTEwLwYDVQQD
EyhkYWRjYTI3MWRmMTZjN2E5N2Q5YjA3ZjM2Y2E5ZTJkOGE3NWNlNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueZENxm4Gu/aSvzARvmtiuuJ5SW7
T4eSC8pLHfxyA5pAb4s4NQKCPGWBJul1iUXLOhuSyYRcpc4TUvZbmpjzwvo8bVIi
0Qsts7UrU8zKgYUvTfnncuMs/1zMDnirOlpHaxIDerQ/IufcNnd3ilVmgw7WZMmI
3fEoWpiGz9DKqz4pBhfmzTmWi40/ZHyMwMxVXpkoz/EzXKNA9iGAmfSVjeHTLWW0
ce3Ni1JL1+KoaBiU8WubB4FHjsqbDz/jvh/NYmHDamy/UGatwiB1ccQUPmlPeEiJ
9FT4W+57iowGTpRdA89Y1GP/BEl3UvRv87uqEYutgtSsmMxDdPZxPlYFZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrconHfFsepfZsH82yp4tinXOT4MB8GA1UdIwQY
MBaAFMRymvE9PRVvQRl2sXblVPpnHXb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1Nzgt
YjA4OThmYmIxY2FiLzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1NzgtYjA4OThmYmIxY2Fi
LzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANwCFhQ40
CyPNWaUSSOrTMMe+a0K9Rrg1qHoyFtQB5bCXjiphWLyDidR6CsE2jhw8VgLmlVnz
WMAE4gtov1mhcg80htg8EHZyjC8GgEWOu+ShacbBRcagG50C6pTGpdod+9y3aYWd
3EjcJ4dcQ7SkKa42bp79eod/Z8LE+Hdpo7nobgBM3CCESz/naewrnLkhjp7v+a+g
+cXX9VM53sDv0T7M51rVHyO1e9i3RDT5qYkJs0TnBxXTMAmVemn3Jx2u+x83tHX+
A4AwG3cC/xlNkG2BX4SE5EkrWrfum9M37Tk+KOvO+Gscre3FzB0M7n2hMi20VXaE
l9Z3SoDh5/odbw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:18:18 2026 by rpki-client