Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier: +Q5FgonAHTX962LF+xCUQ5B8sZTdDx2jcAVpWcB6NtY=
Subject key identifier: 76:FA:22:06:4C:75:49:85:3E:38:6E:ED:4A:32:01:66:6B:2E:73:03
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial: 019D9B50E4CECFA45A7E275E75D190C437BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number: 1804
Signing time: Fri 17 Apr 2026 12:01:03 +0000
Manifest this update: Fri 17 Apr 2026 12:01:03 +0000
Manifest next update: Sat 18 Apr 2026 12:01:03 +0000
Files and hashes: 1: S2GzX7bjyNfk8zuc_J7yDO8r8_A.roa (hash: 9cgwTQAZVGZH9VKGn5dJT7UJ2jaArnzhzVtmHDdrHjU=)
2: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: +G/tuAfrduehsR5MbHKOvzF7ezBuO61HhLPa1p4fM1k=)
3: rSchH_WpkAQtklBw4R5ArVw7Etg.roa (hash: FQrYCtK1inx5vQ38kiI4C/z5+zK3xo4th9Fjypdt9nc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 12:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:50:e4:ce:cf:a4:5a:7e:27:5e:75:d1:90:c4:37:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Validity
Not Before: Apr 17 12:01:03 2026 GMT
Not After : Apr 18 12:01:03 2026 GMT
Subject: CN=76fa22064c7549853e386eed4a3201666b2e7303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:34:5d:a5:75:fe:c9:f5:9e:83:4f:ae:1a:7d:
c4:e8:cd:19:36:9a:2c:d2:7e:e7:69:8b:d2:90:7c:
2d:03:99:ba:a7:e8:87:b5:ad:32:c7:63:7c:45:4c:
8f:16:72:a8:be:6f:a1:0c:c2:d3:67:67:72:1a:30:
c0:bd:ca:11:af:70:48:99:af:20:49:b5:f7:d7:7e:
34:25:4f:3b:03:f1:3e:b6:30:d5:2b:40:00:df:7a:
78:94:6a:c8:98:a1:9c:35:04:06:b1:3b:bb:54:3a:
db:37:77:55:7e:6f:a0:16:c4:7f:bf:c9:79:0a:8f:
09:7c:ed:40:e5:80:f4:ef:6d:a4:fd:0a:c4:34:50:
7f:24:82:44:0e:e7:34:f8:36:8f:88:e1:95:ae:16:
d8:ca:de:ee:ba:e8:45:27:88:7f:02:6c:63:8b:14:
8d:5a:a4:a6:f2:15:9e:71:e0:05:ec:d3:19:ad:54:
77:79:3b:a4:61:24:c6:84:a0:69:e8:ee:19:3e:63:
b6:ba:da:ff:0d:2e:68:16:f9:fd:0b:46:77:4e:97:
de:89:bd:1e:6d:6e:f2:71:f7:4f:dd:d3:31:cd:15:
8e:35:ba:98:4c:c2:ef:01:a8:54:0b:34:d4:a0:c8:
db:0d:07:09:87:1b:78:15:59:c7:07:bd:29:58:2f:
d4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FA:22:06:4C:75:49:85:3E:38:6E:ED:4A:32:01:66:6B:2E:73:03
X509v3 Authority Key Identifier:
keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:8f:91:bb:e4:d0:7b:5c:00:73:6c:28:fb:d7:97:da:13:0f:
7e:5c:73:77:ff:b0:f3:52:07:02:80:3a:11:df:81:fd:10:6d:
6c:93:df:b4:43:dd:a3:48:66:1f:02:5a:95:14:73:5f:f5:af:
79:b2:69:b8:66:b0:f7:60:7a:5a:e5:5a:7d:57:f1:46:c8:8e:
bf:f5:a3:f8:0a:81:bf:3e:d4:dd:0e:cc:df:fa:00:67:62:2d:
e4:69:5e:1f:f6:17:e7:b5:27:9c:ba:9a:89:36:09:c6:15:77:
36:7c:fe:b5:5b:49:1b:4e:f1:56:02:7c:13:19:22:7c:6b:69:
e3:79:4a:b2:95:3f:5d:3c:7a:82:a4:30:09:77:45:fd:75:51:
40:ef:fd:d3:1c:89:44:d4:e9:f9:78:2d:35:5c:26:92:6d:f2:
78:c4:02:4d:8a:e5:46:41:71:38:53:d6:b7:d2:4c:20:b1:8f:
1c:c0:de:30:72:45:48:8d:16:4b:7c:cc:f9:ba:f5:52:bb:ea:
6e:31:a4:cc:71:41:aa:e1:69:ef:6d:ac:32:f3:c0:24:c0:4a:
1f:eb:a0:2a:34:92:11:54:b1:24:c5:bc:de:85:b4:3c:e1:fe:
d3:78:38:21:c0:9c:a3:02:a7:52:f5:45:3b:aa:51:0a:7e:59:
a5:d0:41:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUOTOz6RafideddGQxDe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjYwNDE3MTIwMTAzWhcNMjYwNDE4MTIwMTAzWjAzMTEwLwYDVQQD
Eyg3NmZhMjIwNjRjNzU0OTg1M2UzODZlZWQ0YTMyMDE2NjZiMmU3MzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTRdpXX+yfWeg0+uGn3E6M0ZNpos
0n7naYvSkHwtA5m6p+iHta0yx2N8RUyPFnKovm+hDMLTZ2dyGjDAvcoRr3BIma8g
SbX31340JU87A/E+tjDVK0AA33p4lGrImKGcNQQGsTu7VDrbN3dVfm+gFsR/v8l5
Co8JfO1A5YD0722k/QrENFB/JIJEDuc0+DaPiOGVrhbYyt7uuuhFJ4h/AmxjixSN
WqSm8hWeceAF7NMZrVR3eTukYSTGhKBp6O4ZPmO2utr/DS5oFvn9C0Z3Tpfeib0e
bW7ycfdP3dMxzRWONbqYTMLvAahUCzTUoMjbDQcJhxt4FVnHB70pWC/UqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHb6IgZMdUmFPjhu7UoyAWZrLnMDMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWI+Ru+TQ
e1wAc2wo+9eX2hMPflxzd/+w81IHAoA6Ed+B/RBtbJPftEPdo0hmHwJalRRzX/Wv
ebJpuGaw92B6WuVafVfxRsiOv/Wj+AqBvz7U3Q7M3/oAZ2It5GleH/YX57UnnLqa
iTYJxhV3Nnz+tVtJG07xVgJ8ExkifGtp43lKspU/XTx6gqQwCXdF/XVRQO/90xyJ
RNTp+XgtNVwmkm3yeMQCTYrlRkFxOFPWt9JMILGPHMDeMHJFSI0WS3zM+br1Urvq
bjGkzHFBquFp722sMvPAJMBKH+ugKjSSEVSxJMW83oW0POH+03g4IcCcowKnUvVF
O6pRCn5ZpdBBvA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:16:13 2026 by rpki-client