Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.mft
File: xtEbZP_hjvpC9DpsdlY53uONAn4.mft (raw, json)
Hash identifier: OBWfALw0kSuFUWZcP0HRCuckwRiOl8PgUrIwyAcAI3Y=
Subject key identifier: FC:EB:54:15:53:68:E7:79:22:E4:E9:70:E8:71:57:F9:56:1C:AB:53
Authority key identifier: C6:D1:1B:64:FF:E1:8E:FA:42:F4:3A:6C:76:56:39:DE:E3:8D:02:7E
Certificate issuer: /CN=c6d11b64ffe18efa42f43a6c765639dee38d027e
Certificate serial: 019CAA58D2DD71773B30FB7165854B4D9632
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.mft
Manifest number: 10CD
Signing time: Sun 01 Mar 2026 17:01:13 +0000
Manifest this update: Sun 01 Mar 2026 17:01:13 +0000
Manifest next update: Mon 02 Mar 2026 17:01:13 +0000
Files and hashes: 1: 1HMsGfdsMj6bVCe_HqSPHKmPGQA.roa (hash: Aa+3horScinkb91IcV06nuOTEkzdcEAPUq8TBlQGMDg=)
2: Q6q5ifTmogwJicn2e4z2f5_1UN8.roa (hash: ZCT+LPivkmFqXHHIYRE3kEHzKOk9mVM2bvW0OtpppFg=)
3: xtEbZP_hjvpC9DpsdlY53uONAn4.crl (hash: EvoF7k83xnil5G3fx8rmFf2Fm9O+eC6ITlktzCYPlIY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:d2:dd:71:77:3b:30:fb:71:65:85:4b:4d:96:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d11b64ffe18efa42f43a6c765639dee38d027e
Validity
Not Before: Mar 1 17:01:13 2026 GMT
Not After : Mar 2 17:01:13 2026 GMT
Subject: CN=fceb54155368e77922e4e970e87157f9561cab53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:38:aa:31:67:79:ac:97:0f:fc:1f:d3:03:e1:
77:08:27:91:f0:d1:42:c9:f4:e3:a0:ae:8b:01:74:
c8:62:23:4a:ec:cc:1e:5b:b2:3c:e6:fa:eb:6c:46:
7b:39:77:bf:ff:54:b5:61:66:75:a4:9a:21:be:93:
44:42:58:f0:8c:fc:c1:14:51:f0:bb:02:46:47:50:
d3:d7:72:da:b9:c1:8b:2a:00:4a:ba:44:d5:e5:15:
13:74:67:28:08:ca:5c:7e:71:29:10:cb:28:93:72:
1e:40:1e:93:18:09:18:b5:56:d5:e5:c8:4f:f3:3a:
84:b3:db:4b:74:af:0d:d6:ed:76:15:fb:ea:03:5d:
29:ae:44:2b:a2:e8:9e:ca:b8:2c:83:ed:eb:0f:db:
4b:1d:67:46:58:4e:e4:c9:16:fd:f4:27:88:1a:62:
5a:63:fc:4c:e3:f5:36:4f:48:41:c9:c1:df:28:f5:
a2:ad:f0:3d:ef:99:fc:e7:fd:22:16:c2:bf:00:e3:
39:c0:70:88:62:92:5a:00:b3:fd:2d:e8:fa:4b:8c:
26:86:54:35:f1:c8:b7:99:d8:86:07:4c:bf:b4:78:
58:65:dc:4d:73:11:29:3b:b9:f8:0e:0c:c3:61:25:
4a:e5:19:fe:37:d0:97:d1:94:50:46:c1:44:3f:a7:
c5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:EB:54:15:53:68:E7:79:22:E4:E9:70:E8:71:57:F9:56:1C:AB:53
X509v3 Authority Key Identifier:
keyid:C6:D1:1B:64:FF:E1:8E:FA:42:F4:3A:6C:76:56:39:DE:E3:8D:02:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
be:24:ec:ba:07:38:9b:8f:e2:1e:9a:85:c1:01:48:4b:98:4b:
86:75:e8:d6:16:a4:c3:df:a0:61:98:7f:e4:75:f8:89:bc:0c:
99:2a:7e:41:2f:c7:8b:4e:63:51:c4:84:df:aa:f4:05:91:ff:
c7:21:e7:60:1c:ba:47:da:84:ea:21:b6:5d:96:ad:c6:01:f2:
0a:b9:69:81:67:99:26:cb:79:a5:c2:b9:d6:ae:9f:12:76:1e:
03:5a:99:bb:47:8c:72:41:d5:99:3b:10:3d:68:ca:38:56:c9:
4e:16:ec:ef:fa:04:db:af:d0:22:42:68:ee:a1:5b:68:8b:d8:
e3:1d:db:62:dc:27:16:cc:e8:59:ae:33:55:b5:f6:4e:6b:be:
21:07:ba:ba:a3:5d:75:5e:89:6b:51:88:30:c1:ef:c3:65:97:
bb:48:05:6c:e6:e6:a8:cb:d3:06:b7:4d:5c:c3:7e:db:67:bb:
0d:6e:2b:5c:07:16:c0:51:34:da:9d:4b:1b:86:b0:f4:af:9e:
35:d9:5d:fd:11:b1:62:19:de:5d:83:bc:02:61:be:9c:ea:8c:
4b:b6:9f:a4:bd:23:c2:ca:7f:0a:62:5b:b7:9b:e0:24:c0:27:
16:f1:3a:34:91:04:a6:e8:88:1b:cc:42:d0:d9:02:57:6e:ad:
0b:d2:83:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWNLdcXc7MPtxZYVLTZYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDExYjY0ZmZlMThlZmE0MmY0M2E2Yzc2NTYzOWRlZTM4
ZDAyN2UwHhcNMjYwMzAxMTcwMTEzWhcNMjYwMzAyMTcwMTEzWjAzMTEwLwYDVQQD
EyhmY2ViNTQxNTUzNjhlNzc5MjJlNGU5NzBlODcxNTdmOTU2MWNhYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujiqMWd5rJcP/B/TA+F3CCeR8NFC
yfTjoK6LAXTIYiNK7MweW7I85vrrbEZ7OXe//1S1YWZ1pJohvpNEQljwjPzBFFHw
uwJGR1DT13LaucGLKgBKukTV5RUTdGcoCMpcfnEpEMsok3IeQB6TGAkYtVbV5chP
8zqEs9tLdK8N1u12FfvqA10prkQrouieyrgsg+3rD9tLHWdGWE7kyRb99CeIGmJa
Y/xM4/U2T0hBycHfKPWirfA975n85/0iFsK/AOM5wHCIYpJaALP9Lej6S4wmhlQ1
8ci3mdiGB0y/tHhYZdxNcxEpO7n4DgzDYSVK5Rn+N9CX0ZRQRsFEP6fFFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzrVBVTaOd5IuTpcOhxV/lWHKtTMB8GA1UdIwQY
MBaAFMbRG2T/4Y76QvQ6bHZWOd7jjQJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRFYlpQX2hqdnBDOURwc2RsWTUzdU9OQW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80Y2FjNmItOGUwNS00NDhhLTgzZjct
NjgzNTg1MjE1OGQ4LzEveHRFYlpQX2hqdnBDOURwc2RsWTUzdU9OQW40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80Y2FjNmItOGUwNS00NDhhLTgzZjctNjgzNTg1MjE1OGQ4
LzEveHRFYlpQX2hqdnBDOURwc2RsWTUzdU9OQW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAviTsugc4
m4/iHpqFwQFIS5hLhnXo1hakw9+gYZh/5HX4ibwMmSp+QS/Hi05jUcSE36r0BZH/
xyHnYBy6R9qE6iG2XZatxgHyCrlpgWeZJst5pcK51q6fEnYeA1qZu0eMckHVmTsQ
PWjKOFbJThbs7/oE26/QIkJo7qFbaIvY4x3bYtwnFszoWa4zVbX2Tmu+IQe6uqNd
dV6Ja1GIMMHvw2WXu0gFbObmqMvTBrdNXMN+22e7DW4rXAcWwFE02p1LG4aw9K+e
Ndld/RGxYhneXYO8AmG+nOqMS7afpL0jwsp/CmJbt5vgJMAnFvE6NJEEpuiIG8xC
0NkCV26tC9KD0w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:43:44 2026 by rpki-client