Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json)
Hash identifier: q9aKsEbXhsT1wuoKnengT051KPt8PJHrDw4kxgIUIF8=
Subject key identifier: 92:FF:F6:1C:AF:E6:E2:60:F4:72:82:A4:FB:DB:65:16:02:07:87:9B
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial: 019CAAFD90F0F254C4DBF7EBAC5A626C7089
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
Manifest number: 077C
Signing time: Sun 01 Mar 2026 20:01:10 +0000
Manifest this update: Sun 01 Mar 2026 20:01:10 +0000
Manifest next update: Mon 02 Mar 2026 20:01:10 +0000
Files and hashes: 1: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: fZoxNCvS1kENHiXZ7SRwZvdW8hQ4AQcLxqPQmWXc9wM=)
2: uIvtDzhKHe34XUw3AjUJ-Wpl12g.roa (hash: 1b0mX93hCCvx3yM8WvdN1bbkHBmgl+8nkXCuMNhdlkc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 20:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:90:f0:f2:54:c4:db:f7:eb:ac:5a:62:6c:70:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Validity
Not Before: Mar 1 20:01:10 2026 GMT
Not After : Mar 2 20:01:10 2026 GMT
Subject: CN=92fff61cafe6e260f47282a4fbdb65160207879b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a9:23:e2:09:d6:14:fd:47:ef:60:7e:50:b1:
e3:ae:50:00:71:d7:c4:9b:70:1b:2f:52:4c:ab:31:
bd:f8:86:f0:17:23:44:e8:1c:af:20:4f:19:53:d7:
f4:2d:19:0a:63:91:4a:70:5a:22:56:39:15:12:d9:
c3:b2:a5:b2:af:00:50:2f:ea:e4:35:26:f2:af:e9:
90:68:3b:d1:50:82:d6:8e:91:93:9d:29:67:d8:8f:
72:7c:d5:6c:02:20:09:11:a4:93:f5:8c:4a:c5:0a:
fe:8f:cb:0c:c4:2b:9c:6c:62:74:bb:ee:14:5f:6e:
85:f6:79:74:53:b4:e6:8c:ef:c8:22:3a:f0:78:05:
bc:5e:cb:0b:fe:e9:f8:37:0c:06:e0:79:a2:33:ab:
a4:f0:26:d1:6c:9b:cb:ff:14:64:0a:43:c0:ae:88:
94:55:18:40:0b:e1:a4:de:d4:f4:4f:bf:b1:5d:0a:
a5:60:97:d7:dd:e4:1b:d0:4a:f4:a7:65:10:a4:2b:
04:90:86:5e:f5:e1:6e:c2:9d:ec:fb:ea:f6:b4:74:
d6:6c:51:b0:1b:04:e5:fa:f0:ea:c5:f5:2c:42:5a:
8b:63:bb:0c:a9:45:30:30:90:9d:f2:d4:1b:59:d6:
92:4d:24:ce:68:7e:ac:23:f7:e3:f4:c7:f1:52:eb:
23:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:FF:F6:1C:AF:E6:E2:60:F4:72:82:A4:FB:DB:65:16:02:07:87:9B
X509v3 Authority Key Identifier:
keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:e4:a3:18:ea:e7:24:93:41:26:1c:29:6e:5c:5e:38:68:83:
b5:02:cb:73:9a:aa:3d:dd:a7:d0:e2:27:bd:01:0b:21:2e:3e:
ad:4c:71:8e:4e:d3:57:7f:f2:f3:97:a0:b9:ac:8a:e3:11:52:
15:64:60:ef:38:a9:3f:76:51:52:c6:98:cd:9b:b2:ec:d9:6e:
e6:68:38:25:b8:cc:cb:dc:07:d8:59:41:0a:f1:3b:14:77:30:
f5:bd:26:e3:ff:cf:0e:ab:fd:7a:12:e3:31:b9:5e:b0:4c:35:
86:c6:ad:16:f5:3e:23:6f:d8:91:64:65:c4:10:ee:d5:44:a6:
d4:ad:8b:75:1a:d4:a9:c5:ed:8c:08:ba:29:67:f9:ed:ad:47:
0f:8f:cc:ba:7f:e5:de:30:aa:13:81:fd:80:99:3b:6a:98:79:
45:71:fc:1d:52:61:ba:42:c6:4a:90:36:f9:ff:ec:48:6b:1d:
b1:7c:36:88:2a:8b:a2:18:26:77:e8:5b:00:c8:99:9e:6c:34:
04:1c:eb:cb:39:09:54:c7:ed:6b:bb:df:24:c7:01:26:1a:16:
14:47:cf:bb:c0:95:f3:f4:e1:62:b3:5f:e1:f1:74:bc:16:e5:
50:0a:78:b4:6e:69:52:00:c1:62:21:80:63:ae:c1:bd:51:60:
40:c8:55:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/ZDw8lTE2/frrFpibHCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjYwMzAxMjAwMTEwWhcNMjYwMzAyMjAwMTEwWjAzMTEwLwYDVQQD
Eyg5MmZmZjYxY2FmZTZlMjYwZjQ3MjgyYTRmYmRiNjUxNjAyMDc4NzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqkj4gnWFP1H72B+ULHjrlAAcdfE
m3AbL1JMqzG9+IbwFyNE6ByvIE8ZU9f0LRkKY5FKcFoiVjkVEtnDsqWyrwBQL+rk
NSbyr+mQaDvRUILWjpGTnSln2I9yfNVsAiAJEaST9YxKxQr+j8sMxCucbGJ0u+4U
X26F9nl0U7TmjO/IIjrweAW8XssL/un4NwwG4HmiM6uk8CbRbJvL/xRkCkPAroiU
VRhAC+Gk3tT0T7+xXQqlYJfX3eQb0Er0p2UQpCsEkIZe9eFuwp3s++r2tHTWbFGw
GwTl+vDqxfUsQlqLY7sMqUUwMJCd8tQbWdaSTSTOaH6sI/fj9MfxUusjtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJL/9hyv5uJg9HKCpPvbZRYCB4ebMB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR+SjGOrn
JJNBJhwpblxeOGiDtQLLc5qqPd2n0OInvQELIS4+rUxxjk7TV3/y85eguayK4xFS
FWRg7zipP3ZRUsaYzZuy7Nlu5mg4JbjMy9wH2FlBCvE7FHcw9b0m4//PDqv9ehLj
MblesEw1hsatFvU+I2/YkWRlxBDu1USm1K2LdRrUqcXtjAi6KWf57a1HD4/Mun/l
3jCqE4H9gJk7aph5RXH8HVJhukLGSpA2+f/sSGsdsXw2iCqLohgmd+hbAMiZnmw0
BBzryzkJVMfta7vfJMcBJhoWFEfPu8CV8/ThYrNf4fF0vBblUAp4tG5pUgDBYiGA
Y67BvVFgQMhVUQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:18:40 2026 by rpki-client