Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.mft
File: sx0cKJHYgEaaINi38Y5M2GVDAEY.mft (raw, json)
Hash identifier: Ynadwc6NTfSORU5mB5dfgCNB/wyGUP42TAMYsUJ0xFg=
Subject key identifier: 35:37:E5:40:9E:B7:73:2D:67:68:60:14:61:C1:7F:3D:9C:D7:A8:0A
Authority key identifier: B3:1D:1C:28:91:D8:80:46:9A:20:D8:B7:F1:8E:4C:D8:65:43:00:46
Certificate issuer: /CN=b31d1c2891d880469a20d8b7f18e4cd865430046
Certificate serial: 019CAA5853BCDF33C11B3903A1C7BCD2BBF0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sx0cKJHYgEaaINi38Y5M2GVDAEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.mft
Manifest number: 0528
Signing time: Sun 01 Mar 2026 17:00:41 +0000
Manifest this update: Sun 01 Mar 2026 17:00:41 +0000
Manifest next update: Mon 02 Mar 2026 17:00:41 +0000
Files and hashes: 1: nZ-MC578XDNoxF9WT_GxSRoreCI.roa (hash: P9N+z+cz6t9cJMJHuc2G7Ay4P8kV4Zg2jsXlf/jTUFo=)
2: sx0cKJHYgEaaINi38Y5M2GVDAEY.crl (hash: tRmilSg7w7+NSVcux/MDQpv0nXf0ErvgNqsxxNGDDq0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sx0cKJHYgEaaINi38Y5M2GVDAEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:53:bc:df:33:c1:1b:39:03:a1:c7:bc:d2:bb:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31d1c2891d880469a20d8b7f18e4cd865430046
Validity
Not Before: Mar 1 17:00:41 2026 GMT
Not After : Mar 2 17:00:41 2026 GMT
Subject: CN=3537e5409eb7732d6768601461c17f3d9cd7a80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ec:12:99:e8:40:1c:b4:de:eb:03:31:d1:66:
3d:b6:f9:1d:91:f8:99:39:b4:24:9f:20:2e:a2:91:
dd:99:e2:7e:1a:4d:67:f0:9d:c2:d3:fe:79:bd:22:
88:4a:37:55:07:65:58:4b:75:28:af:d6:d7:a9:f4:
c3:2e:f6:d5:3a:ce:d8:55:b2:64:6c:b9:a1:f0:bf:
9e:86:60:f1:ef:9b:6c:1c:df:d9:82:1b:3d:3f:74:
50:59:a8:6c:8f:7f:a9:47:d2:78:b7:df:70:15:64:
95:37:40:fb:8c:ea:e4:9b:14:4c:28:42:fe:ae:52:
eb:a6:e6:51:c4:23:4c:f4:fd:83:1e:51:ed:87:55:
d9:39:eb:9a:5a:90:bc:03:91:a7:ba:0a:5a:63:6f:
be:0d:2b:96:1e:9f:49:1e:57:45:96:52:be:78:21:
ec:f6:95:dc:9c:ba:bb:c0:fb:f9:31:0c:2d:69:7d:
65:67:65:d5:eb:12:62:b4:32:ad:f0:d1:b0:17:06:
9d:51:c1:14:ad:a1:dd:14:0f:cc:1b:d0:d3:ca:c9:
8a:71:a4:57:ae:4b:c6:7b:e8:a7:37:f0:fe:70:3c:
89:8d:29:80:e2:03:6f:84:29:5c:79:de:b2:4e:0e:
58:76:cf:e1:0d:3e:41:83:1e:61:63:d6:71:22:7e:
e0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:37:E5:40:9E:B7:73:2D:67:68:60:14:61:C1:7F:3D:9C:D7:A8:0A
X509v3 Authority Key Identifier:
keyid:B3:1D:1C:28:91:D8:80:46:9A:20:D8:B7:F1:8E:4C:D8:65:43:00:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sx0cKJHYgEaaINi38Y5M2GVDAEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:4a:ff:06:1e:16:8a:48:77:85:bd:31:2d:a1:62:64:08:c8:
5c:63:7d:d4:c6:f7:12:49:b2:49:e3:42:ae:80:a4:32:af:29:
1c:3d:7a:91:a4:55:d2:5a:fa:0a:d8:9f:64:74:82:c7:d5:b9:
96:1a:7c:85:6e:63:79:79:96:74:7d:63:94:cb:82:d0:4e:76:
b5:21:de:aa:a3:7d:b4:f9:bf:ae:f9:a8:ae:b2:33:c6:e1:83:
8b:ef:de:ca:da:97:ec:d8:7e:ee:7c:19:b0:f2:31:99:a8:5f:
32:82:9f:ea:af:7b:a3:2b:ee:2a:c4:bd:35:fa:96:3d:4b:2a:
fe:d1:47:33:b2:d6:56:32:e7:90:52:ac:f1:c3:79:9b:c0:49:
5c:52:be:f2:32:05:77:64:1f:71:48:9f:9a:ce:d8:fc:cf:7c:
5f:6f:f8:52:b9:42:36:3d:c6:e4:c3:43:6b:e7:0c:81:71:f0:
c0:57:02:20:5b:8c:d8:f0:00:83:09:5e:a4:cb:b6:28:f6:a2:
f1:6b:3f:a9:34:36:c1:29:ba:d9:97:e6:67:08:c4:2c:18:d8:
7a:23:87:ab:bc:17:fa:52:79:72:a8:6c:da:8b:42:83:14:40:
29:d1:34:0e:8e:ee:1e:d5:49:3f:36:fe:ac:02:fb:1e:22:68:
c6:3f:ca:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWFO83zPBGzkDoce80rvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWQxYzI4OTFkODgwNDY5YTIwZDhiN2YxOGU0Y2Q4NjU0
MzAwNDYwHhcNMjYwMzAxMTcwMDQxWhcNMjYwMzAyMTcwMDQxWjAzMTEwLwYDVQQD
EygzNTM3ZTU0MDllYjc3MzJkNjc2ODYwMTQ2MWMxN2YzZDljZDdhODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OwSmehAHLTe6wMx0WY9tvkdkfiZ
ObQknyAuopHdmeJ+Gk1n8J3C0/55vSKISjdVB2VYS3Uor9bXqfTDLvbVOs7YVbJk
bLmh8L+ehmDx75tsHN/Zghs9P3RQWahsj3+pR9J4t99wFWSVN0D7jOrkmxRMKEL+
rlLrpuZRxCNM9P2DHlHth1XZOeuaWpC8A5GnugpaY2++DSuWHp9JHldFllK+eCHs
9pXcnLq7wPv5MQwtaX1lZ2XV6xJitDKt8NGwFwadUcEUraHdFA/MG9DTysmKcaRX
rkvGe+inN/D+cDyJjSmA4gNvhClced6yTg5Yds/hDT5Bgx5hY9ZxIn7gYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDU35UCet3MtZ2hgFGHBfz2c16gKMB8GA1UdIwQY
MBaAFLMdHCiR2IBGmiDYt/GOTNhlQwBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3gwY0tKSFlnRWFhSU5pMzhZNU0yR1ZEQUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83NzUwMTctYTQ1Yi00NjM3LWEzYTAt
YWYxYTBlMDBmODIzLzEvc3gwY0tKSFlnRWFhSU5pMzhZNU0yR1ZEQUVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83NzUwMTctYTQ1Yi00NjM3LWEzYTAtYWYxYTBlMDBmODIz
LzEvc3gwY0tKSFlnRWFhSU5pMzhZNU0yR1ZEQUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmkr/Bh4W
ikh3hb0xLaFiZAjIXGN91Mb3EkmySeNCroCkMq8pHD16kaRV0lr6CtifZHSCx9W5
lhp8hW5jeXmWdH1jlMuC0E52tSHeqqN9tPm/rvmorrIzxuGDi+/eytqX7Nh+7nwZ
sPIxmahfMoKf6q97oyvuKsS9NfqWPUsq/tFHM7LWVjLnkFKs8cN5m8BJXFK+8jIF
d2QfcUifms7Y/M98X2/4UrlCNj3G5MNDa+cMgXHwwFcCIFuM2PAAgwlepMu2KPai
8Ws/qTQ2wSm62ZfmZwjELBjYeiOHq7wX+lJ5cqhs2otCgxRAKdE0Do7uHtVJPzb+
rAL7HiJoxj/Kzw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:56:48 2026 by rpki-client