Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json)
Hash identifier: as7NnG+ciOZOaGSUZ1PoZ2fIAaBF3zOrwsvHmgsBkQ4=
Subject key identifier: 0B:82:33:8E:9E:71:52:BC:6A:65:3B:93:B6:82:0E:5A:D5:0D:B9:8E
Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Certificate serial: 019D1A917C370BB77C73DCB9B7E2103FDDF5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
Manifest number: 07B6
Signing time: Mon 23 Mar 2026 12:00:35 +0000
Manifest this update: Mon 23 Mar 2026 12:00:35 +0000
Manifest next update: Tue 24 Mar 2026 12:00:35 +0000
Files and hashes: 1: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: 2Yz0JbNOvhbB+MzEPD85nVYk+H42C3Ceuq4tRDZ5mgk=)
2: kntcIg5R-5qlE_1v0MgDc5JrGm8.roa (hash: znKqSMDbos60JURfUbINwysXxNpan+j5qOGaM247VDM=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:91:7c:37:0b:b7:7c:73:dc:b9:b7:e2:10:3f:dd:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074
Validity
Not Before: Mar 23 12:00:35 2026 GMT
Not After : Mar 24 12:00:35 2026 GMT
Subject: CN=0b82338e9e7152bc6a653b93b6820e5ad50db98e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3d:14:4f:6d:b9:aa:d2:8b:9e:31:db:9d:d7:
7a:6a:d9:5d:2a:91:5b:ba:ec:90:66:09:09:33:ce:
63:21:cd:84:e7:85:43:33:53:47:14:69:62:14:32:
35:7c:d8:01:1b:b2:37:61:4f:d2:e6:e7:ae:7f:e9:
3f:6f:da:9f:d3:f2:71:29:4f:4b:9c:f0:6b:42:15:
c1:2f:2c:e8:a8:b5:2f:21:45:b7:b3:b1:cb:09:90:
34:97:b6:67:92:45:8c:32:a0:85:6a:6e:9d:3e:66:
af:cc:c2:a5:18:c2:04:cc:01:cd:ed:77:38:21:f4:
da:4a:23:35:75:40:60:05:7a:32:54:c5:67:f9:02:
00:e8:b7:a0:20:35:f7:be:54:11:7e:18:70:41:65:
7b:99:6a:2f:a3:2c:48:d8:84:d2:17:c6:f4:73:ca:
da:b8:8c:79:95:12:a0:08:98:8f:6b:66:58:b8:ea:
0b:14:49:64:a5:11:55:81:93:9a:67:14:58:f1:6c:
07:19:b3:fe:23:f9:55:ec:3b:76:77:20:d6:2a:3b:
e1:35:62:03:51:22:ce:a6:b3:fc:1e:6e:7a:ac:0e:
c9:d2:5b:a9:bc:1c:86:74:3b:3b:8f:eb:de:14:fb:
08:13:15:0a:fe:ab:a0:d9:88:15:7f:4b:60:39:6b:
49:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:82:33:8E:9E:71:52:BC:6A:65:3B:93:B6:82:0E:5A:D5:0D:B9:8E
X509v3 Authority Key Identifier:
keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:9c:a1:06:37:47:bc:d3:2c:7b:46:d7:90:e6:de:1d:e0:17:
bb:10:dc:4b:24:a9:69:21:88:55:d6:ae:00:e6:44:d9:35:61:
43:d4:ff:71:11:cd:b4:42:1e:8b:89:6c:04:e7:33:a3:06:8f:
4a:13:9d:7b:5f:24:c9:68:23:ee:53:a7:60:41:17:dd:49:b4:
16:69:29:57:0c:ff:87:5b:8b:91:69:78:db:69:1d:b6:54:5b:
1b:97:61:c2:29:c2:43:07:30:3e:d8:a3:e3:7f:d5:5d:32:e6:
20:7b:59:17:dd:05:75:2b:6c:2a:ad:61:9b:dd:f6:6d:da:79:
fa:8b:29:63:ea:81:01:06:bc:02:0c:ff:8b:55:03:a3:0d:a9:
85:12:a5:63:e2:e7:4d:da:84:80:51:c8:b0:ef:63:12:7e:d4:
96:f6:32:a9:b9:1e:e5:5a:ea:24:5b:c7:2e:f8:a6:63:37:33:
8a:d8:ef:97:2e:1f:f4:11:a8:53:2c:19:9a:56:c6:a2:75:17:
ac:61:e9:30:1f:ff:25:fb:04:bf:22:f7:3f:19:f9:19:b7:f8:
a8:93:5e:1d:cc:e9:aa:c1:dd:52:7d:0b:a3:e0:be:56:6c:9b:
0c:2a:a2:36:6a:88:03:ea:69:76:8e:74:be:10:2e:cc:c8:f0:
9c:1a:cb:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0akXw3C7d8c9y5t+IQP931MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl
NDcwNzQwHhcNMjYwMzIzMTIwMDM1WhcNMjYwMzI0MTIwMDM1WjAzMTEwLwYDVQQD
EygwYjgyMzM4ZTllNzE1MmJjNmE2NTNiOTNiNjgyMGU1YWQ1MGRiOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz0UT225qtKLnjHbndd6atldKpFb
uuyQZgkJM85jIc2E54VDM1NHFGliFDI1fNgBG7I3YU/S5ueuf+k/b9qf0/JxKU9L
nPBrQhXBLyzoqLUvIUW3s7HLCZA0l7ZnkkWMMqCFam6dPmavzMKlGMIEzAHN7Xc4
IfTaSiM1dUBgBXoyVMVn+QIA6LegIDX3vlQRfhhwQWV7mWovoyxI2ITSF8b0c8ra
uIx5lRKgCJiPa2ZYuOoLFElkpRFVgZOaZxRY8WwHGbP+I/lV7Dt2dyDWKjvhNWID
USLOprP8Hm56rA7J0lupvByGdDs7j+veFPsIExUK/qug2YgVf0tgOWtJLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAuCM46ecVK8amU7k7aCDlrVDbmOMB8GA1UdIwQY
MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt
OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy
LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm5yhBjdH
vNMse0bXkObeHeAXuxDcSySpaSGIVdauAOZE2TVhQ9T/cRHNtEIei4lsBOczowaP
ShOde18kyWgj7lOnYEEX3Um0FmkpVwz/h1uLkWl422kdtlRbG5dhwinCQwcwPtij
43/VXTLmIHtZF90FdStsKq1hm932bdp5+ospY+qBAQa8Agz/i1UDow2phRKlY+Ln
TdqEgFHIsO9jEn7UlvYyqbke5VrqJFvHLvimYzczitjvly4f9BGoUywZmlbGonUX
rGHpMB//JfsEvyL3Pxn5Gbf4qJNeHczpqsHdUn0Lo+C+VmybDCqiNmqIA+ppdo50
vhAuzMjwnBrLuQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:05:08 2026 by rpki-client