Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/XqFlPhd6opVUAIBcjHW9DWhYOvw.mft
File: XqFlPhd6opVUAIBcjHW9DWhYOvw.mft (raw, json)
Hash identifier: 2sjWvHLhe5qgu1/7Ze3Z2avunMWslYMAB0zzDcHO2Cc=
Subject key identifier: 75:3F:53:67:BA:DC:92:24:B5:E3:99:38:21:C5:41:16:31:67:19:1A
Authority key identifier: 5E:A1:65:3E:17:7A:A2:95:54:00:80:5C:8C:75:BD:0D:68:58:3A:FC
Certificate issuer: /CN=5ea1653e177aa2955400805c8c75bd0d68583afc
Certificate serial: 019CAAC68C19D01A88F86789CDF426D25FEA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XqFlPhd6opVUAIBcjHW9DWhYOvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/XqFlPhd6opVUAIBcjHW9DWhYOvw.mft
Manifest number: 0CD6
Signing time: Sun 01 Mar 2026 19:01:04 +0000
Manifest this update: Sun 01 Mar 2026 19:01:04 +0000
Manifest next update: Mon 02 Mar 2026 19:01:04 +0000
Files and hashes: 1: Cj5zwQGWSYblCJRXKaQKctud0XU.roa (hash: xmUDvaYQWawK9zhBWUIaHZpPsBr12uVNC2m3+pJz1gA=)
2: XqFlPhd6opVUAIBcjHW9DWhYOvw.crl (hash: gJvMhq/hvBnNSnq7AMkGA87l56NwWa3e5ziHJVEvlLs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/XqFlPhd6opVUAIBcjHW9DWhYOvw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/XqFlPhd6opVUAIBcjHW9DWhYOvw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XqFlPhd6opVUAIBcjHW9DWhYOvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:8c:19:d0:1a:88:f8:67:89:cd:f4:26:d2:5f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ea1653e177aa2955400805c8c75bd0d68583afc
Validity
Not Before: Mar 1 19:01:04 2026 GMT
Not After : Mar 2 19:01:04 2026 GMT
Subject: CN=753f5367badc9224b5e3993821c541163167191a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cb:ca:7e:79:7d:fe:dc:64:05:61:aa:fb:4f:
8e:e5:3e:74:a9:fc:3a:1a:12:24:7b:11:d3:24:8f:
10:24:79:e4:11:99:bd:5c:47:9c:85:4d:9a:d6:ee:
c1:89:48:88:ad:71:ce:24:29:ca:bf:fe:7e:77:de:
5e:83:b7:83:ef:7c:57:9a:3f:a3:45:31:5c:2c:48:
77:74:52:08:3a:ac:2a:bf:9a:1d:e1:bc:cf:88:54:
4a:f4:20:6c:7c:ab:01:ab:48:32:e5:e1:e0:a7:fa:
af:a3:a7:2e:bc:7a:a1:74:25:dd:bd:f0:f3:28:71:
16:ef:ef:bd:0b:b9:51:ee:82:46:05:52:5c:d8:bd:
2b:0a:23:96:70:7f:17:20:c7:f1:a9:b5:cd:03:aa:
3c:27:12:f7:47:8f:1c:7a:48:12:1c:83:2a:85:26:
67:a8:3e:9c:70:95:df:a0:bc:be:eb:87:c8:aa:cb:
61:cb:8b:c0:4b:6d:3d:71:95:d7:4a:92:a4:37:2b:
a9:b6:eb:d0:b4:68:af:ef:f2:67:ea:7a:4b:3c:b6:
c3:90:b8:81:c2:11:b7:57:61:4d:fb:c1:0a:80:4e:
23:df:65:e0:6e:18:e2:a8:57:15:61:c1:fc:00:61:
f0:42:90:23:6d:6d:9e:09:3a:e2:13:92:26:cc:3f:
66:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:3F:53:67:BA:DC:92:24:B5:E3:99:38:21:C5:41:16:31:67:19:1A
X509v3 Authority Key Identifier:
keyid:5E:A1:65:3E:17:7A:A2:95:54:00:80:5C:8C:75:BD:0D:68:58:3A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqFlPhd6opVUAIBcjHW9DWhYOvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/XqFlPhd6opVUAIBcjHW9DWhYOvw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/XqFlPhd6opVUAIBcjHW9DWhYOvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:15:96:28:be:75:83:1f:c9:77:b5:70:56:4e:69:41:9a:dc:
9c:6a:fe:a2:9c:ce:59:f2:a4:73:ee:7f:57:a8:98:25:d2:64:
1e:1e:92:50:5c:6e:dc:4f:b7:b3:25:fa:e7:9c:e0:8f:8b:3e:
97:b5:8b:5b:9a:4b:8c:bc:6e:d2:ab:5b:b8:28:71:c5:89:b2:
8c:f3:37:8c:1b:59:ef:36:ed:65:48:ce:16:d2:e0:bb:ed:b6:
d7:56:a6:0b:a2:af:21:da:dd:0f:a6:99:92:de:75:ad:de:6b:
04:8d:31:e3:7a:a6:17:f0:40:31:a5:dd:95:92:68:fb:c8:0a:
85:89:ea:86:f0:c6:2a:a2:a6:ac:ef:a2:72:c9:46:67:d3:b5:
bd:8a:06:db:88:af:b0:74:68:ad:c4:12:91:dd:30:d0:35:50:
44:f3:48:27:fe:8d:3b:5b:98:b0:3a:9b:18:4e:69:a2:bb:bf:
44:15:d1:1e:17:b0:37:14:c1:ac:1d:48:63:75:33:9f:9d:14:
a2:12:48:90:34:53:e5:65:e3:88:ec:04:65:57:18:e1:80:ce:
ae:41:2d:61:cf:eb:9a:19:e9:52:be:b4:aa:7b:5f:84:ef:f7:
30:5b:32:8d:7a:e0:46:67:26:87:15:03:b0:0d:c5:7b:c9:83:
c9:22:ba:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxowZ0BqI+GeJzfQm0l/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTE2NTNlMTc3YWEyOTU1NDAwODA1YzhjNzViZDBkNjg1
ODNhZmMwHhcNMjYwMzAxMTkwMTA0WhcNMjYwMzAyMTkwMTA0WjAzMTEwLwYDVQQD
Eyg3NTNmNTM2N2JhZGM5MjI0YjVlMzk5MzgyMWM1NDExNjMxNjcxOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMvKfnl9/txkBWGq+0+O5T50qfw6
GhIkexHTJI8QJHnkEZm9XEechU2a1u7BiUiIrXHOJCnKv/5+d95eg7eD73xXmj+j
RTFcLEh3dFIIOqwqv5od4bzPiFRK9CBsfKsBq0gy5eHgp/qvo6cuvHqhdCXdvfDz
KHEW7++9C7lR7oJGBVJc2L0rCiOWcH8XIMfxqbXNA6o8JxL3R48cekgSHIMqhSZn
qD6ccJXfoLy+64fIqsthy4vAS209cZXXSpKkNyuptuvQtGiv7/Jn6npLPLbDkLiB
whG3V2FN+8EKgE4j32XgbhjiqFcVYcH8AGHwQpAjbW2eCTriE5ImzD9m/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHU/U2e63JIkteOZOCHFQRYxZxkaMB8GA1UdIwQY
MBaAFF6hZT4XeqKVVACAXIx1vQ1oWDr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFGbFBoZDZvcFZVQUlCY2pIVzlEV2hZT3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hNGFmMTUtN2ZkZC00NWE0LWExNzIt
MWRmOGZhMjBmYTllLzEvWHFGbFBoZDZvcFZVQUlCY2pIVzlEV2hZT3Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hNGFmMTUtN2ZkZC00NWE0LWExNzItMWRmOGZhMjBmYTll
LzEvWHFGbFBoZDZvcFZVQUlCY2pIVzlEV2hZT3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRWWKL51
gx/Jd7VwVk5pQZrcnGr+opzOWfKkc+5/V6iYJdJkHh6SUFxu3E+3syX655zgj4s+
l7WLW5pLjLxu0qtbuChxxYmyjPM3jBtZ7zbtZUjOFtLgu+2211amC6KvIdrdD6aZ
kt51rd5rBI0x43qmF/BAMaXdlZJo+8gKhYnqhvDGKqKmrO+icslGZ9O1vYoG24iv
sHRorcQSkd0w0DVQRPNIJ/6NO1uYsDqbGE5poru/RBXRHhewNxTBrB1IY3Uzn50U
ohJIkDRT5WXjiOwEZVcY4YDOrkEtYc/rmhnpUr60qntfhO/3MFsyjXrgRmcmhxUD
sA3Fe8mDySK6Yw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:07:00 2026 by rpki-client