Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
File: xTG2PRGmzC0c5p4TEch6waanBzM.mft (raw, json)
Hash identifier: /HNulzuyz0qxBaCDYsmkfvEDSvjO/pFp69ykvebRo+0=
Subject key identifier: A2:B5:01:47:0B:5F:AB:AE:D3:F2:30:90:B7:2E:C9:42:92:20:55:05
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 019DA4537D8932B3386C0CE4FD96D3A8C414
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
Manifest number: 114C
Signing time: Sun 19 Apr 2026 06:00:28 +0000
Manifest this update: Sun 19 Apr 2026 06:00:28 +0000
Manifest next update: Mon 20 Apr 2026 06:00:28 +0000
Files and hashes: 1: WGUKVj-vf2RKGeE0tMRbU2IE_NQ.roa (hash: tHeLPtV3EhtYhN1tkXzaqoA9I1M0f8QKiOJp3r6uMxQ=)
2: xTG2PRGmzC0c5p4TEch6waanBzM.crl (hash: whue/pzYnSCvS8ucyvuKOVL5iNgu5oFvPYqyY64VZEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:53:7d:89:32:b3:38:6c:0c:e4:fd:96:d3:a8:c4:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Apr 19 06:00:28 2026 GMT
Not After : Apr 20 06:00:28 2026 GMT
Subject: CN=a2b501470b5fabaed3f23090b72ec94292205505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1f:32:77:1e:c4:44:07:30:6c:15:0d:e2:0a:
f9:9a:ee:84:27:56:75:3c:53:72:04:2b:cc:db:f8:
a6:33:56:41:27:79:e4:e6:6c:a0:a1:27:4f:32:51:
f2:2c:5e:88:21:ba:5d:31:28:60:99:c3:5d:1b:d7:
a8:ba:79:ba:4e:5e:d7:00:a1:84:e9:95:e3:67:56:
56:82:2c:c4:85:4d:a9:90:ac:4e:12:3e:5d:30:d1:
00:a2:1c:0b:24:d6:88:13:19:79:ac:00:b5:e6:71:
b7:37:fa:e0:20:5c:ee:27:68:03:c1:a0:3f:e2:89:
33:0d:09:5f:30:f3:04:f1:a0:13:e0:03:9b:dd:ba:
be:63:37:23:4d:e3:1a:e1:7d:0c:70:47:43:69:00:
d2:c2:0d:60:3c:d5:c7:f6:75:54:b3:db:61:04:72:
92:a2:70:25:6b:53:81:25:7d:df:24:8d:3a:6e:34:
14:df:c0:dc:1a:42:ed:84:63:f2:22:5a:4f:fc:7d:
82:3a:c8:1d:b1:a1:c1:28:1a:c3:bb:6a:f5:74:57:
1e:9c:54:21:8f:20:e6:0b:68:56:12:63:9d:67:06:
9c:9e:bd:b9:a1:5e:ae:82:ca:58:4e:e0:e4:07:e3:
88:b2:1e:a9:e7:c3:5c:24:e1:f8:56:83:3d:5e:ce:
00:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B5:01:47:0B:5F:AB:AE:D3:F2:30:90:B7:2E:C9:42:92:20:55:05
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:d3:af:6d:bc:8c:4c:b0:57:c5:39:c9:21:79:32:99:ee:10:
db:bd:03:0e:5b:e2:55:60:35:20:ba:86:85:e9:91:2e:a0:82:
11:a7:9c:b3:ef:ca:ae:f6:ef:b4:8f:96:87:28:68:77:74:e8:
c6:43:71:40:e9:02:f3:78:e4:ff:c5:60:64:45:79:db:75:9d:
23:02:d0:80:d6:d4:94:2d:dd:8e:2a:ea:8b:38:e0:f8:6b:41:
f6:44:03:4c:9a:5e:8b:49:aa:43:c9:50:94:f1:95:92:27:79:
52:b4:17:e5:ce:5d:21:f5:04:1b:15:4e:2c:9e:81:63:37:96:
1f:cb:c9:ae:87:71:c6:45:b5:9a:62:a4:3e:cb:34:01:c5:4f:
74:4a:5f:ba:ad:88:64:a7:69:67:5f:f3:d2:f0:e4:09:81:be:
78:95:e1:00:c5:ad:d0:f0:50:46:a6:82:60:4c:df:e0:4c:28:
a7:de:4d:98:98:e7:74:97:fb:97:7e:f6:02:d6:ea:32:97:01:
72:3e:cc:ac:e9:be:7a:50:aa:68:eb:8c:14:78:26:2d:37:5f:
cb:83:dc:62:ca:97:4c:eb:1b:c6:1b:a1:77:61:f2:75:f4:24:
bf:43:04:d6:a5:f3:dd:9a:b0:4c:ca:df:3f:44:64:dd:eb:d5:
8d:2b:99:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kU32JMrM4bAzk/ZbTqMQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjYwNDE5MDYwMDI4WhcNMjYwNDIwMDYwMDI4WjAzMTEwLwYDVQQD
EyhhMmI1MDE0NzBiNWZhYmFlZDNmMjMwOTBiNzJlYzk0MjkyMjA1NTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh8ydx7ERAcwbBUN4gr5mu6EJ1Z1
PFNyBCvM2/imM1ZBJ3nk5mygoSdPMlHyLF6IIbpdMShgmcNdG9eounm6Tl7XAKGE
6ZXjZ1ZWgizEhU2pkKxOEj5dMNEAohwLJNaIExl5rAC15nG3N/rgIFzuJ2gDwaA/
4okzDQlfMPME8aAT4AOb3bq+YzcjTeMa4X0McEdDaQDSwg1gPNXH9nVUs9thBHKS
onAla1OBJX3fJI06bjQU38DcGkLthGPyIlpP/H2COsgdsaHBKBrDu2r1dFcenFQh
jyDmC2hWEmOdZwacnr25oV6ugspYTuDkB+OIsh6p58NcJOH4VoM9Xs4ADQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKK1AUcLX6uu0/IwkLcuyUKSIFUFMB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAotOvbbyM
TLBXxTnJIXkyme4Q270DDlviVWA1ILqGhemRLqCCEaecs+/KrvbvtI+Whyhod3To
xkNxQOkC83jk/8VgZEV523WdIwLQgNbUlC3djirqizjg+GtB9kQDTJpei0mqQ8lQ
lPGVkid5UrQX5c5dIfUEGxVOLJ6BYzeWH8vJrodxxkW1mmKkPss0AcVPdEpfuq2I
ZKdpZ1/z0vDkCYG+eJXhAMWt0PBQRqaCYEzf4Ewop95NmJjndJf7l372AtbqMpcB
cj7MrOm+elCqaOuMFHgmLTdfy4PcYsqXTOsbxhuhd2HydfQkv0ME1qXz3ZqwTMrf
P0Rk3evVjSuZ/A==
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:58:28 2026 by rpki-client