Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.mft
File: xw2_VVhwtVas-rQox06s7lb3siI.mft (raw, json)
Hash identifier: Yipb2+VDK+tTOEUK9QN+O8wUv4IHVhmXB5v+QAsGoIk=
Subject key identifier: 18:E5:BE:1C:D0:1E:05:1D:E4:5D:78:CB:9D:A6:90:6F:65:F8:B8:B0
Authority key identifier: C7:0D:BF:55:58:70:B5:56:AC:FA:B4:28:C7:4E:AC:EE:56:F7:B2:22
Certificate issuer: /CN=c70dbf555870b556acfab428c74eacee56f7b222
Certificate serial: 019CADC770B75D5E415DAAEA936857980AE2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.mft
Manifest number: 1849
Signing time: Mon 02 Mar 2026 09:00:54 +0000
Manifest this update: Mon 02 Mar 2026 09:00:54 +0000
Manifest next update: Tue 03 Mar 2026 09:00:54 +0000
Files and hashes: 1: UVWbdtgMtPSlXPD-ljLhVUXQTLI.roa (hash: 0y9dv3rbyul1H/gRs5dF3tqgdi9jkPTntAurTA6guBk=)
2: xw2_VVhwtVas-rQox06s7lb3siI.crl (hash: mvdY0yNCmey4kvR/N4EQItnRsoKPyDFHbBHOSwWWxLs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c7:70:b7:5d:5e:41:5d:aa:ea:93:68:57:98:0a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c70dbf555870b556acfab428c74eacee56f7b222
Validity
Not Before: Mar 2 09:00:54 2026 GMT
Not After : Mar 3 09:00:54 2026 GMT
Subject: CN=18e5be1cd01e051de45d78cb9da6906f65f8b8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f6:f5:bc:c3:a6:2a:81:ec:c9:e7:3a:0e:f7:
fa:05:a0:8f:3d:67:bc:3e:30:66:f9:c8:75:bf:c9:
96:30:7a:24:a9:25:9b:08:3e:87:43:6f:1a:e2:7a:
dc:71:ab:a2:d8:67:3f:5a:dc:50:5c:26:40:a5:b9:
01:10:87:9d:7c:52:24:89:80:89:53:bf:6b:fd:e4:
61:78:6f:22:a6:80:a5:29:3a:8e:7b:11:ab:be:c1:
20:ce:dc:cf:80:98:41:83:92:18:9a:f0:30:66:cd:
a0:b6:9d:dd:cf:dd:51:43:b3:ff:b0:ba:8f:93:bd:
71:2f:aa:69:bb:bd:d6:da:28:39:e0:d1:32:44:e6:
63:b7:07:25:96:a4:6a:f2:02:80:62:bf:be:d5:2a:
aa:2d:fe:76:f6:57:de:5f:65:ca:0b:09:1f:33:bb:
15:21:c7:27:9b:3f:0f:cc:02:a8:36:1f:88:63:86:
8f:0b:51:39:58:72:0f:c8:39:9e:c9:22:0d:f5:10:
08:28:cc:84:ca:83:9d:4f:05:d4:c5:cd:75:b1:f6:
39:86:e7:3a:13:d6:d0:8b:62:78:f4:e3:c9:96:12:
ab:05:eb:8b:d2:67:18:6a:b5:a6:6d:4f:cb:7a:57:
79:71:95:b8:44:5d:e5:02:80:54:fc:bf:5a:97:ba:
83:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E5:BE:1C:D0:1E:05:1D:E4:5D:78:CB:9D:A6:90:6F:65:F8:B8:B0
X509v3 Authority Key Identifier:
keyid:C7:0D:BF:55:58:70:B5:56:AC:FA:B4:28:C7:4E:AC:EE:56:F7:B2:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:f6:85:02:7d:24:10:6d:f3:e4:a5:46:7c:71:1d:6e:80:b1:
41:69:45:c0:99:f4:ba:d2:b2:08:fd:be:54:90:cb:1c:54:3a:
84:5c:2f:7a:7b:36:a7:4f:b4:41:a2:e0:fb:77:65:60:fd:5e:
e4:a0:90:c1:72:e0:f6:5b:02:e0:3f:d5:6a:ea:15:de:ab:f8:
4d:1b:84:2e:6c:31:a5:d0:0c:81:ae:98:f6:2e:ec:e7:f0:8c:
c0:c7:ff:e8:eb:52:6a:15:63:16:2f:d6:33:46:51:22:cf:77:
1a:53:8c:1b:43:e1:17:4f:66:fe:b2:6c:02:ab:6c:4f:a2:ac:
b2:c7:f5:d5:0a:68:43:0f:6d:26:1c:60:b5:8e:c8:1b:d2:d7:
52:0c:a3:30:a8:26:3c:31:f1:fe:c3:dc:77:bc:77:70:49:f1:
7a:0e:eb:b1:de:52:ea:ce:86:b0:ed:ef:f6:79:9a:59:f2:47:
69:ac:a9:6f:ef:80:a5:3b:62:9d:bb:6e:dc:c9:34:9f:14:b7:
ef:5c:05:50:b4:e4:05:09:0e:9b:57:cc:29:d4:e3:d7:1b:69:
d3:f3:23:be:8a:f6:4e:3d:3f:73:3e:3c:3f:a3:a8:f7:94:a5:
b5:d3:b7:ec:ea:f4:82:9e:86:c0:cc:ab:bf:6a:bf:c6:ff:eb:
2c:40:f9:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx3C3XV5BXarqk2hXmAriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MGRiZjU1NTg3MGI1NTZhY2ZhYjQyOGM3NGVhY2VlNTZm
N2IyMjIwHhcNMjYwMzAyMDkwMDU0WhcNMjYwMzAzMDkwMDU0WjAzMTEwLwYDVQQD
EygxOGU1YmUxY2QwMWUwNTFkZTQ1ZDc4Y2I5ZGE2OTA2ZjY1ZjhiOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fb1vMOmKoHsyec6Dvf6BaCPPWe8
PjBm+ch1v8mWMHokqSWbCD6HQ28a4nrccaui2Gc/WtxQXCZApbkBEIedfFIkiYCJ
U79r/eRheG8ipoClKTqOexGrvsEgztzPgJhBg5IYmvAwZs2gtp3dz91RQ7P/sLqP
k71xL6ppu73W2ig54NEyROZjtwcllqRq8gKAYr++1SqqLf529lfeX2XKCwkfM7sV
Iccnmz8PzAKoNh+IY4aPC1E5WHIPyDmeySIN9RAIKMyEyoOdTwXUxc11sfY5huc6
E9bQi2J49OPJlhKrBeuL0mcYarWmbU/Leld5cZW4RF3lAoBU/L9al7qDRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBjlvhzQHgUd5F14y52mkG9l+LiwMB8GA1UdIwQY
MBaAFMcNv1VYcLVWrPq0KMdOrO5W97IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHcyX1ZWaHd0VmFzLXJRb3gwNnM3bGIzc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ODJiN2YtNjBjMy00MTFhLTk2MjUt
MzJkYTFkYjRiMjAzLzEveHcyX1ZWaHd0VmFzLXJRb3gwNnM3bGIzc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ODJiN2YtNjBjMy00MTFhLTk2MjUtMzJkYTFkYjRiMjAz
LzEveHcyX1ZWaHd0VmFzLXJRb3gwNnM3bGIzc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbvaFAn0k
EG3z5KVGfHEdboCxQWlFwJn0utKyCP2+VJDLHFQ6hFwvens2p0+0QaLg+3dlYP1e
5KCQwXLg9lsC4D/VauoV3qv4TRuELmwxpdAMga6Y9i7s5/CMwMf/6OtSahVjFi/W
M0ZRIs93GlOMG0PhF09m/rJsAqtsT6Ksssf11QpoQw9tJhxgtY7IG9LXUgyjMKgm
PDHx/sPcd7x3cEnxeg7rsd5S6s6GsO3v9nmaWfJHaaypb++ApTtinbtu3Mk0nxS3
71wFULTkBQkOm1fMKdTj1xtp0/Mjvor2Tj0/cz48P6Oo95SltdO37Or0gp6GwMyr
v2q/xv/rLED5Tg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:29:34 2026 by rpki-client