Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier: zqeWH2UlZi6XBbMMa/Q1m+HGpx38w4el8idQdUOK5nM=
Subject key identifier: E8:03:85:2E:9D:BB:16:75:1A:11:82:14:00:F6:F5:38:96:35:38:E7
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial: 019EC2C9E7087C781AA25FD2AC020822DF6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number: 189D
Signing time: Sat 13 Jun 2026 21:01:12 +0000
Manifest this update: Sat 13 Jun 2026 21:01:12 +0000
Manifest next update: Sun 14 Jun 2026 21:01:12 +0000
Files and hashes: 1: S2GzX7bjyNfk8zuc_J7yDO8r8_A.roa (hash: 9cgwTQAZVGZH9VKGn5dJT7UJ2jaArnzhzVtmHDdrHjU=)
2: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: 1+6o1yDffX4k2qMu44RPPukUhFKPrEkMlH/al8Ru+Dg=)
3: rSchH_WpkAQtklBw4R5ArVw7Etg.roa (hash: FQrYCtK1inx5vQ38kiI4C/z5+zK3xo4th9Fjypdt9nc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c2:c9:e7:08:7c:78:1a:a2:5f:d2:ac:02:08:22:df:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Validity
Not Before: Jun 13 21:01:12 2026 GMT
Not After : Jun 14 21:01:12 2026 GMT
Subject: CN=e803852e9dbb16751a11821400f6f538963538e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d6:ca:5e:87:73:7e:44:e3:5c:1f:3e:66:de:
d1:35:13:a9:99:a9:cb:48:0b:f4:76:6a:6d:10:d7:
f0:5e:42:4c:47:df:b6:76:8f:ed:3b:05:d7:d8:d0:
5f:7b:38:a7:5e:60:5a:93:74:58:e8:16:e1:79:01:
e4:4a:be:85:50:7e:cf:95:24:b4:b8:4b:ef:41:0e:
c0:ed:a0:5f:94:c7:e7:b5:28:85:54:a5:d7:49:12:
35:c4:46:5a:90:d5:b4:27:63:19:a3:41:84:36:4b:
0c:4d:52:71:a0:48:a2:fb:43:75:7f:59:10:83:73:
c3:db:02:c8:79:47:f5:e1:de:39:34:79:81:31:af:
14:a1:b5:51:0a:a3:d0:5a:09:d4:ae:06:f0:49:a1:
6e:be:e2:4d:99:54:f3:a7:d7:35:81:02:d1:80:7e:
4f:04:52:ae:a4:fd:3e:c8:6f:42:02:ab:0b:a5:b7:
c8:93:da:df:bb:c6:7e:9b:e1:9b:ec:fc:26:a9:99:
89:d9:4c:48:c2:70:da:06:ce:65:34:a8:84:2c:9f:
14:ac:90:85:e7:29:cf:23:4e:4b:f5:ac:24:ba:e8:
94:94:45:18:39:8d:60:51:a0:72:a0:f9:a1:f0:8f:
32:e1:e6:8a:57:77:ec:e3:bb:ea:04:b8:58:4c:76:
23:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:03:85:2E:9D:BB:16:75:1A:11:82:14:00:F6:F5:38:96:35:38:E7
X509v3 Authority Key Identifier:
keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:59:ac:1a:c9:92:0d:a7:83:17:cb:8c:1a:15:3f:23:da:d6:
10:d6:76:45:97:11:9f:f9:92:8c:e7:f5:a4:7e:fe:1b:55:59:
17:97:d1:03:bc:21:12:49:97:e2:55:a0:22:d8:26:e7:30:c0:
9e:9f:53:9b:1d:60:38:d7:5b:fd:97:41:39:44:da:fb:53:13:
67:b5:aa:79:b2:43:4c:a6:2b:3c:8a:81:3e:e2:5a:4a:8f:a1:
8f:93:2b:c9:92:c4:44:3c:12:6b:48:d2:b2:9a:35:92:72:61:
17:12:02:18:6c:6f:48:dd:4f:9b:2f:37:c9:38:d5:b5:eb:af:
cd:c6:e8:39:ca:84:b2:e9:e4:ce:97:36:e3:a5:b7:b2:ea:eb:
d2:1c:18:61:10:5a:b3:cf:97:0a:37:ee:33:42:e4:6d:02:b1:
68:68:22:99:05:80:85:0f:e6:44:66:b8:88:20:b6:1e:9b:62:
51:1b:44:fe:1a:ef:ca:67:a8:11:5e:3d:a8:68:fb:f5:ee:06:
46:bf:6d:7c:8e:87:b6:5c:5b:be:93:59:b9:fe:4a:b3:44:24:
93:40:9b:3b:69:83:ab:c5:0d:78:5a:f4:5e:45:f5:5e:cc:f8:
80:00:42:6e:aa:f2:63:1f:4d:51:d9:21:a1:b5:f6:de:99:e1:
c9:9d:57:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7CyecIfHgaol/SrAIIIt9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjYwNjEzMjEwMTEyWhcNMjYwNjE0MjEwMTEyWjAzMTEwLwYDVQQD
EyhlODAzODUyZTlkYmIxNjc1MWExMTgyMTQwMGY2ZjUzODk2MzUzOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19bKXodzfkTjXB8+Zt7RNROpmanL
SAv0dmptENfwXkJMR9+2do/tOwXX2NBfezinXmBak3RY6BbheQHkSr6FUH7PlSS0
uEvvQQ7A7aBflMfntSiFVKXXSRI1xEZakNW0J2MZo0GENksMTVJxoEii+0N1f1kQ
g3PD2wLIeUf14d45NHmBMa8UobVRCqPQWgnUrgbwSaFuvuJNmVTzp9c1gQLRgH5P
BFKupP0+yG9CAqsLpbfIk9rfu8Z+m+Gb7PwmqZmJ2UxIwnDaBs5lNKiELJ8UrJCF
5ynPI05L9awkuuiUlEUYOY1gUaByoPmh8I8y4eaKV3fs47vqBLhYTHYj0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOgDhS6duxZ1GhGCFAD29TiWNTjnMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL1msGsmS
DaeDF8uMGhU/I9rWENZ2RZcRn/mSjOf1pH7+G1VZF5fRA7whEkmX4lWgItgm5zDA
np9Tmx1gONdb/ZdBOUTa+1MTZ7WqebJDTKYrPIqBPuJaSo+hj5MryZLERDwSa0jS
spo1knJhFxICGGxvSN1Pmy83yTjVteuvzcboOcqEsunkzpc246W3surr0hwYYRBa
s8+XCjfuM0LkbQKxaGgimQWAhQ/mRGa4iCC2HptiURtE/hrvymeoEV49qGj79e4G
Rr9tfI6HtlxbvpNZuf5Ks0Qkk0CbO2mDq8UNeFr0XkX1Xsz4gABCbqryYx9NUdkh
obX23pnhyZ1Xyw==
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:55:50 2026 by rpki-client