Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.mft
File: XY9AsSSN49pfXWCX-BBoKTxL7vc.mft (raw, json)
Hash identifier: PJ2RjYlg0/+WEAunbUtdgw3dPV734/ek5wRPTJOigpM=
Subject key identifier: 13:F3:BD:95:18:D2:BA:30:80:19:1E:90:57:F8:99:99:FC:64:5F:C5
Authority key identifier: 5D:8F:40:B1:24:8D:E3:DA:5F:5D:60:97:F8:10:68:29:3C:4B:EE:F7
Certificate issuer: /CN=5d8f40b1248de3da5f5d6097f81068293c4beef7
Certificate serial: 019CAEA35126FDE17B4A3BFD3FEA4B72C196
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XY9AsSSN49pfXWCX-BBoKTxL7vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.mft
Manifest number: 0173
Signing time: Mon 02 Mar 2026 13:01:04 +0000
Manifest this update: Mon 02 Mar 2026 13:01:04 +0000
Manifest next update: Tue 03 Mar 2026 13:01:04 +0000
Files and hashes: 1: XY9AsSSN49pfXWCX-BBoKTxL7vc.crl (hash: mKUFybWFCz1/wKHmLEB1bLR2kyyqCJJAn30LSyFcjqY=)
2: _a7gNZLlQxgHn1SWkyljxM4Vp8E.roa (hash: riqb9ZgtO6K145lOcaQYpYRovN3sqPG5Tn86hViYkIc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XY9AsSSN49pfXWCX-BBoKTxL7vc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:a3:51:26:fd:e1:7b:4a:3b:fd:3f:ea:4b:72:c1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d8f40b1248de3da5f5d6097f81068293c4beef7
Validity
Not Before: Mar 2 13:01:04 2026 GMT
Not After : Mar 3 13:01:04 2026 GMT
Subject: CN=13f3bd9518d2ba3080191e9057f89999fc645fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d9:3e:f6:f6:04:39:4f:e5:bc:46:e2:d4:69:
88:bd:40:27:e1:8a:93:34:63:fe:25:1a:c5:37:c5:
be:a2:88:3b:14:68:21:29:79:71:54:f9:a7:b3:47:
69:0b:14:22:fb:87:ee:4d:71:91:bd:68:ea:96:3f:
7d:d3:72:e9:1e:ed:f5:5e:91:fc:cc:c8:4f:ac:d8:
00:87:b0:f4:74:7d:7e:82:1e:38:6e:9e:c8:ff:b7:
99:9a:95:7b:3a:bc:63:89:08:b3:b8:31:f7:5a:ae:
1b:46:93:46:d8:da:84:4e:5c:6f:0f:f8:92:9e:ff:
f7:3e:37:09:c6:06:22:cb:90:18:23:d6:47:d5:29:
a9:80:d1:90:04:aa:af:f0:19:1f:00:aa:36:ef:de:
f8:2c:71:06:4d:60:3f:09:6b:19:e2:d9:53:fb:e8:
c2:12:5b:41:f8:85:5a:2c:68:ad:4e:5f:37:71:03:
ef:3a:3f:6a:c5:c1:b1:bc:bb:60:41:c1:05:e6:92:
1d:56:70:54:f9:5c:1c:8e:66:65:59:63:66:6a:be:
5e:b4:43:6d:6a:28:3e:5d:98:b5:41:9b:76:f3:56:
c8:62:14:08:22:24:38:c6:1a:5e:1e:0f:63:3c:d4:
88:5c:08:a0:6c:b4:ea:1b:43:b0:e8:43:a5:80:f3:
fe:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:F3:BD:95:18:D2:BA:30:80:19:1E:90:57:F8:99:99:FC:64:5F:C5
X509v3 Authority Key Identifier:
keyid:5D:8F:40:B1:24:8D:E3:DA:5F:5D:60:97:F8:10:68:29:3C:4B:EE:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XY9AsSSN49pfXWCX-BBoKTxL7vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/10fea8-4f9c-42e2-b041-bd65fed67dc6/1/XY9AsSSN49pfXWCX-BBoKTxL7vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:a9:5b:5e:23:54:e3:45:1b:89:de:a6:9b:fa:49:c6:8f:69:
44:fa:5e:c1:46:9e:3d:35:96:6b:c0:cd:ed:a7:ba:49:f6:8c:
12:4d:39:e4:e9:40:b2:3e:67:cc:a4:e5:16:84:8b:5b:c5:97:
3f:43:fa:a3:af:a0:93:58:ea:08:1c:2f:88:72:3c:91:99:da:
61:05:2a:c2:59:36:06:b7:c9:da:ea:4a:3f:b8:56:54:8b:bf:
00:00:0e:7e:96:e0:8a:02:ea:19:90:e7:0f:a4:c2:29:c1:d9:
88:77:51:b2:09:c9:eb:b6:e8:52:f4:d4:2d:09:21:20:15:3d:
0f:8d:b6:06:92:63:21:ec:37:85:a5:95:3c:b8:90:6b:d6:7b:
0a:d3:be:82:dc:10:08:5c:cf:8f:a1:2f:e8:e7:29:0f:de:c9:
a8:29:a6:c9:b3:85:31:8e:ca:eb:4a:0d:72:5d:f9:02:d7:94:
5c:70:6d:95:bf:0c:52:ef:71:ed:0b:e5:2d:b3:d8:79:07:b8:
2f:cf:1e:4e:14:73:2c:cd:43:e0:98:59:e5:8f:c8:ed:05:52:
39:b4:81:d6:69:32:7d:a6:d6:33:79:99:24:5a:cb:25:e9:21:
67:d6:8a:9b:10:89:52:ab:96:b6:04:ac:2d:47:4f:af:eb:65:
eb:44:f3:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo1Em/eF7Sjv9P+pLcsGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGY0MGIxMjQ4ZGUzZGE1ZjVkNjA5N2Y4MTA2ODI5M2M0
YmVlZjcwHhcNMjYwMzAyMTMwMTA0WhcNMjYwMzAzMTMwMTA0WjAzMTEwLwYDVQQD
EygxM2YzYmQ5NTE4ZDJiYTMwODAxOTFlOTA1N2Y4OTk5OWZjNjQ1ZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdk+9vYEOU/lvEbi1GmIvUAn4YqT
NGP+JRrFN8W+oog7FGghKXlxVPmns0dpCxQi+4fuTXGRvWjqlj9903LpHu31XpH8
zMhPrNgAh7D0dH1+gh44bp7I/7eZmpV7OrxjiQizuDH3Wq4bRpNG2NqETlxvD/iS
nv/3PjcJxgYiy5AYI9ZH1SmpgNGQBKqv8BkfAKo27974LHEGTWA/CWsZ4tlT++jC
EltB+IVaLGitTl83cQPvOj9qxcGxvLtgQcEF5pIdVnBU+VwcjmZlWWNmar5etENt
aig+XZi1QZt281bIYhQIIiQ4xhpeHg9jPNSIXAigbLTqG0Ow6EOlgPP+wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBPzvZUY0rowgBkekFf4mZn8ZF/FMB8GA1UdIwQY
MBaAFF2PQLEkjePaX11gl/gQaCk8S+73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFk5QXNTU040OXBmWFdDWC1CQm9LVHhMN3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMGZlYTgtNGY5Yy00MmUyLWIwNDEt
YmQ2NWZlZDY3ZGM2LzEvWFk5QXNTU040OXBmWFdDWC1CQm9LVHhMN3ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMGZlYTgtNGY5Yy00MmUyLWIwNDEtYmQ2NWZlZDY3ZGM2
LzEvWFk5QXNTU040OXBmWFdDWC1CQm9LVHhMN3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN6lbXiNU
40Ubid6mm/pJxo9pRPpewUaePTWWa8DN7ae6SfaMEk055OlAsj5nzKTlFoSLW8WX
P0P6o6+gk1jqCBwviHI8kZnaYQUqwlk2BrfJ2upKP7hWVIu/AAAOfpbgigLqGZDn
D6TCKcHZiHdRsgnJ67boUvTULQkhIBU9D422BpJjIew3haWVPLiQa9Z7CtO+gtwQ
CFzPj6Ev6OcpD97JqCmmybOFMY7K60oNcl35AteUXHBtlb8MUu9x7QvlLbPYeQe4
L88eThRzLM1D4JhZ5Y/I7QVSObSB1mkyfabWM3mZJFrLJekhZ9aKmxCJUquWtgSs
LUdPr+tl60Tzug==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:08:47 2026 by rpki-client