Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File: XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier: luddtZp6w3QhpP8xXIslP+/QG1b4h2j45k/f+HGu2f0=
Subject key identifier: B8:BD:54:51:66:E0:47:CD:1D:90:81:35:2D:C1:F0:F7:0E:6A:15:41
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial: 019CADC84FCBB94AE6EB225B301A14FFEA0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number: 1789
Signing time: Mon 02 Mar 2026 09:01:51 +0000
Manifest this update: Mon 02 Mar 2026 09:01:51 +0000
Manifest next update: Tue 03 Mar 2026 09:01:51 +0000
Files and hashes: 1: S2GzX7bjyNfk8zuc_J7yDO8r8_A.roa (hash: 9cgwTQAZVGZH9VKGn5dJT7UJ2jaArnzhzVtmHDdrHjU=)
2: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: iZIIArCjxthwtOuM6i6LGcNbtim5vlh/04yDiASkBTw=)
3: rSchH_WpkAQtklBw4R5ArVw7Etg.roa (hash: FQrYCtK1inx5vQ38kiI4C/z5+zK3xo4th9Fjypdt9nc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c8:4f:cb:b9:4a:e6:eb:22:5b:30:1a:14:ff:ea:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Validity
Not Before: Mar 2 09:01:51 2026 GMT
Not After : Mar 3 09:01:51 2026 GMT
Subject: CN=b8bd545166e047cd1d9081352dc1f0f70e6a1541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4a:f6:7c:7f:c2:fe:e3:0f:08:4d:56:a4:e3:
c3:db:fd:8e:2a:3e:07:23:09:ea:bb:a3:c4:0b:00:
a7:cf:cb:9f:91:57:c1:84:30:07:69:95:46:18:4d:
4e:b4:7c:8b:c4:c6:97:d9:cf:0a:0e:0d:15:e0:9f:
53:cc:5a:33:66:11:34:d9:ef:24:a0:8c:9c:7c:bb:
71:63:2f:36:28:cf:d6:e3:71:aa:e1:5e:f3:33:01:
0d:c9:66:9e:63:82:20:c4:78:88:ba:ee:70:e5:42:
8b:ed:b7:70:80:1f:ba:69:e7:a0:e6:29:da:ca:dd:
6f:e0:51:44:4c:d2:14:7f:30:67:83:ba:e2:80:07:
ac:fa:12:09:15:a0:a1:f3:a8:f0:3c:61:f0:14:6d:
63:bc:9d:93:5b:a9:00:13:7c:48:53:3a:a1:85:ae:
51:03:8a:bb:5f:77:09:d3:0c:4a:8d:43:c1:3a:65:
14:f4:fa:db:b9:83:ae:57:27:db:1d:77:eb:96:25:
46:6e:cc:c7:92:66:50:78:23:24:73:4a:73:f2:11:
b5:c5:fd:03:1b:f3:af:0c:b8:a9:54:df:2c:c3:58:
70:50:5b:c1:03:a8:f3:1e:73:7c:19:3c:0a:0a:b4:
11:69:ed:19:12:89:c6:2a:cc:ac:c4:1a:5a:e4:ed:
15:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:BD:54:51:66:E0:47:CD:1D:90:81:35:2D:C1:F0:F7:0E:6A:15:41
X509v3 Authority Key Identifier:
keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:27:6b:62:55:f9:92:e6:ca:3a:93:4c:c0:28:bf:b9:a7:16:
bd:da:7b:e4:36:6b:44:73:85:9b:2b:22:64:ef:97:ed:22:dd:
8d:dc:1a:4e:cb:f7:1f:e4:91:41:04:e1:24:7b:e7:08:5b:28:
90:d3:bb:d1:3a:c8:a3:89:2a:36:95:ae:aa:de:41:9a:c1:19:
fe:e9:a9:02:a3:5b:89:3d:54:7f:4e:4c:94:11:35:f6:e8:e9:
45:ff:28:d3:3a:46:a5:14:b8:f4:69:46:4e:99:5e:fc:26:c1:
eb:1c:d8:20:f4:10:f0:17:5e:a6:34:dd:f8:83:62:9d:cf:bd:
78:c9:65:b6:8d:c6:5d:c3:7e:73:82:74:ea:e1:12:ed:ef:ce:
ef:f9:a9:c4:ed:50:7f:74:53:df:4f:01:03:19:83:8e:e1:36:
01:e2:a7:12:ee:18:46:88:e4:24:ba:d0:eb:37:f3:3b:6e:c2:
ae:b5:e1:18:74:ea:15:63:79:f3:45:5e:79:7b:96:19:48:6b:
35:54:14:34:10:f4:9f:87:66:b5:5e:30:18:be:32:e8:14:f2:
60:bf:27:5d:76:78:01:29:c9:85:ea:d8:09:7d:9e:ee:48:5d:
4b:f3:95:53:39:ff:1a:84:e3:da:b4:dc:94:ff:2f:9b:5d:5d:
6a:12:1d:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytyE/LuUrm6yJbMBoU/+oOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjYwMzAyMDkwMTUxWhcNMjYwMzAzMDkwMTUxWjAzMTEwLwYDVQQD
EyhiOGJkNTQ1MTY2ZTA0N2NkMWQ5MDgxMzUyZGMxZjBmNzBlNmExNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0r2fH/C/uMPCE1WpOPD2/2OKj4H
Iwnqu6PECwCnz8ufkVfBhDAHaZVGGE1OtHyLxMaX2c8KDg0V4J9TzFozZhE02e8k
oIycfLtxYy82KM/W43Gq4V7zMwENyWaeY4IgxHiIuu5w5UKL7bdwgB+6aeeg5ina
yt1v4FFETNIUfzBng7rigAes+hIJFaCh86jwPGHwFG1jvJ2TW6kAE3xIUzqhha5R
A4q7X3cJ0wxKjUPBOmUU9PrbuYOuVyfbHXfrliVGbszHkmZQeCMkc0pz8hG1xf0D
G/OvDLipVN8sw1hwUFvBA6jzHnN8GTwKCrQRae0ZEonGKsysxBpa5O0VmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLi9VFFm4EfNHZCBNS3B8PcOahVBMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZidrYlX5
kubKOpNMwCi/uacWvdp75DZrRHOFmysiZO+X7SLdjdwaTsv3H+SRQQThJHvnCFso
kNO70TrIo4kqNpWuqt5BmsEZ/umpAqNbiT1Uf05MlBE19ujpRf8o0zpGpRS49GlG
Tple/CbB6xzYIPQQ8BdepjTd+INinc+9eMllto3GXcN+c4J06uES7e/O7/mpxO1Q
f3RT308BAxmDjuE2AeKnEu4YRojkJLrQ6zfzO27CrrXhGHTqFWN580VeeXuWGUhr
NVQUNBD0n4dmtV4wGL4y6BTyYL8nXXZ4ASnJherYCX2e7khdS/OVUzn/GoTj2rTc
lP8vm11dahIdnA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:54:59 2026 by rpki-client