Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: 0WEwtlgTmZc4o/Fo2WRK9j0wtDAvbrkF3sF+9cFgJfw=
Subject key identifier: 19:3B:61:ED:18:D4:47:81:3D:FB:3C:1A:78:07:F0:68:EC:56:FE:EC
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 019CAB34A8B0B7AC40405CB6478C5D4BADCA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 1654
Signing time: Sun 01 Mar 2026 21:01:20 +0000
Manifest this update: Sun 01 Mar 2026 21:01:20 +0000
Manifest next update: Mon 02 Mar 2026 21:01:20 +0000
Files and hashes: 1: HdxQx8q8ZBcZded3E8nmTrSkgmE.roa (hash: me4VXnxn0oOOrXZ4tjj+/iKQpTq2YIw30gSY0JjN42A=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: dsUeB3MoezIzbYk9o8Xt3S6tjqf6ar+kfLWH3FF0EL0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:a8:b0:b7:ac:40:40:5c:b6:47:8c:5d:4b:ad:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Mar 1 21:01:20 2026 GMT
Not After : Mar 2 21:01:20 2026 GMT
Subject: CN=193b61ed18d447813dfb3c1a7807f068ec56feec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e8:4a:ac:e9:ae:ac:91:d3:2f:3b:d6:05:57:
02:43:3c:cc:c9:f7:5b:d5:0e:b3:5e:ac:6b:e1:40:
3c:e7:39:0e:a3:48:fc:4a:60:33:9e:32:40:1f:c5:
55:87:81:02:2a:13:ba:c6:e7:7a:c0:90:ca:16:ba:
77:d7:1c:dd:a8:99:8b:a9:02:67:62:2b:2d:53:78:
45:c3:df:24:b3:9e:02:61:9d:fa:bf:74:88:8c:d0:
10:1b:ae:db:93:a2:78:05:36:b0:00:0d:fa:9a:0f:
37:98:2b:20:ec:4c:8e:ad:10:18:e9:5c:f1:ac:57:
45:b9:4f:5f:8c:1b:70:1d:da:d5:9a:cf:77:31:a8:
8c:d1:1e:3c:9f:d2:35:99:a5:f8:bd:43:36:1f:2f:
a2:b3:74:ae:be:b6:cf:fc:b5:62:55:4e:e7:6b:aa:
73:86:5d:5b:e8:41:9f:ec:17:74:b4:bc:2c:c1:cc:
4d:79:8e:e2:9a:0a:28:60:cb:d6:f9:87:05:3b:93:
e5:46:7e:7a:de:a0:c5:24:a2:47:03:d9:94:be:0d:
31:67:5a:ea:53:40:10:37:81:81:16:98:9b:ac:39:
ef:65:a5:d5:c1:11:52:84:86:8e:6e:6c:26:6b:2d:
7c:80:46:ce:03:14:3b:22:27:58:4b:fb:b4:48:81:
f2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:3B:61:ED:18:D4:47:81:3D:FB:3C:1A:78:07:F0:68:EC:56:FE:EC
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:0f:09:b6:f9:8a:af:6c:b5:d0:68:da:05:6a:a8:81:a8:2d:
60:33:ec:d3:49:7e:30:be:3a:ad:13:6b:ac:23:7f:fc:2b:5d:
64:5c:db:a6:be:07:0c:d7:4a:de:22:82:84:eb:3e:01:44:a8:
f7:ee:74:e1:da:1f:68:78:27:65:48:67:61:b7:e9:3f:cd:04:
43:ef:8a:1f:f6:1e:7b:05:60:66:6e:32:51:08:bb:c6:9b:e5:
f9:ec:80:f8:67:54:93:e1:f2:d5:5b:5e:bd:12:22:13:1e:f0:
64:00:30:b1:63:f7:4b:05:14:a3:2b:d0:c7:89:b3:7e:6d:3d:
a4:d3:b3:82:9f:1c:bf:b7:14:5c:66:63:c3:b4:51:45:a4:63:
d7:a6:a1:e7:3a:7e:b8:6d:f9:4e:ce:b2:63:4f:6d:3c:72:d5:
1e:4e:aa:c5:2f:2c:d0:bf:85:56:44:47:bb:c1:ea:35:86:3f:
72:6d:a0:47:9b:39:85:94:cf:c6:c0:f5:29:ea:38:9b:f6:0c:
a1:aa:b3:f9:4e:d0:a1:87:7f:dc:e8:1d:dd:e5:8c:4c:b4:c8:
98:1b:6f:83:3a:e7:db:59:65:ed:99:1f:4a:f1:16:0e:e3:18:
68:1d:72:6d:af:25:81:4f:3c:d6:a7:e6:40:62:c3:b0:1a:ff:
d7:62:c5:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNKiwt6xAQFy2R4xdS63KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjYwMzAxMjEwMTIwWhcNMjYwMzAyMjEwMTIwWjAzMTEwLwYDVQQD
EygxOTNiNjFlZDE4ZDQ0NzgxM2RmYjNjMWE3ODA3ZjA2OGVjNTZmZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuhKrOmurJHTLzvWBVcCQzzMyfdb
1Q6zXqxr4UA85zkOo0j8SmAznjJAH8VVh4ECKhO6xud6wJDKFrp31xzdqJmLqQJn
YistU3hFw98ks54CYZ36v3SIjNAQG67bk6J4BTawAA36mg83mCsg7EyOrRAY6Vzx
rFdFuU9fjBtwHdrVms93MaiM0R48n9I1maX4vUM2Hy+is3SuvrbP/LViVU7na6pz
hl1b6EGf7Bd0tLwswcxNeY7imgooYMvW+YcFO5PlRn563qDFJKJHA9mUvg0xZ1rq
U0AQN4GBFpibrDnvZaXVwRFShIaObmwmay18gEbOAxQ7IidYS/u0SIHyEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBk7Ye0Y1EeBPfs8GngH8GjsVv7sMB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYA8JtvmK
r2y10GjaBWqogagtYDPs00l+ML46rRNrrCN//CtdZFzbpr4HDNdK3iKChOs+AUSo
9+504dofaHgnZUhnYbfpP80EQ++KH/YeewVgZm4yUQi7xpvl+eyA+GdUk+Hy1Vte
vRIiEx7wZAAwsWP3SwUUoyvQx4mzfm09pNOzgp8cv7cUXGZjw7RRRaRj16ah5zp+
uG35Ts6yY09tPHLVHk6qxS8s0L+FVkRHu8HqNYY/cm2gR5s5hZTPxsD1Keo4m/YM
oaqz+U7QoYd/3Ogd3eWMTLTImBtvgzrn21ll7ZkfSvEWDuMYaB1yba8lgU881qfm
QGLDsBr/12LFPQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:40:12 2026 by rpki-client