Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
File: xTG2PRGmzC0c5p4TEch6waanBzM.mft (raw, json)
Hash identifier: lkF8F7YffJ9jquqpKbRXU1HNX6ssg8uGxjKQRObwt58=
Subject key identifier: 1F:21:A4:93:05:21:9D:9C:63:1E:73:0B:EA:AB:A1:F5:F3:5F:45:BE
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 019CAB344B95BC9B028D128BB8C7274BAA7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
Manifest number: 10CB
Signing time: Sun 01 Mar 2026 21:00:56 +0000
Manifest this update: Sun 01 Mar 2026 21:00:56 +0000
Manifest next update: Mon 02 Mar 2026 21:00:56 +0000
Files and hashes: 1: WGUKVj-vf2RKGeE0tMRbU2IE_NQ.roa (hash: tHeLPtV3EhtYhN1tkXzaqoA9I1M0f8QKiOJp3r6uMxQ=)
2: xTG2PRGmzC0c5p4TEch6waanBzM.crl (hash: S6l+Zr/UfW0GQO9LGlAEIwcoB7WNq+/DeemhJ1IzNvY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:4b:95:bc:9b:02:8d:12:8b:b8:c7:27:4b:aa:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Mar 1 21:00:56 2026 GMT
Not After : Mar 2 21:00:56 2026 GMT
Subject: CN=1f21a49305219d9c631e730beaaba1f5f35f45be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:63:c5:53:95:9c:49:79:a6:07:42:76:90:c3:
06:79:53:2a:6b:ac:c7:27:e8:69:6d:49:48:eb:77:
14:a4:ea:da:f5:4b:74:00:de:49:e3:23:5f:d2:2e:
d7:71:55:9f:bd:67:f5:d8:ba:7a:a0:c0:17:96:6b:
85:89:a8:0c:1c:48:a0:35:2f:78:50:75:61:24:44:
61:03:ca:20:5a:22:d9:81:e0:7e:7f:44:ac:e7:47:
b8:59:55:6c:cd:e2:04:c3:5d:ff:fb:ff:ec:b3:28:
8a:73:96:f5:c5:55:33:59:d6:ca:a4:74:59:d5:df:
1d:4a:ad:5e:df:b5:2a:71:1c:d2:62:10:4d:ef:57:
5b:95:3d:06:5d:db:6b:f9:a8:d3:6c:53:cb:31:74:
3a:b6:2d:cc:30:8f:16:23:c1:d1:a9:8c:18:e4:7a:
c4:a3:ff:1d:ca:db:2c:de:41:00:da:1c:bd:7c:05:
42:d3:ac:ad:6f:e5:a6:64:3a:83:b6:93:41:09:25:
e3:f7:aa:9d:90:3d:d1:fd:ef:d2:d7:dd:e5:69:61:
3b:01:15:1b:49:56:88:55:b4:75:e1:ee:30:c6:5b:
64:32:ac:c9:d1:2d:67:bd:15:c5:6c:17:1b:08:a1:
e1:ec:2d:8c:b6:03:5a:07:9e:7b:5d:f8:66:fb:90:
74:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:21:A4:93:05:21:9D:9C:63:1E:73:0B:EA:AB:A1:F5:F3:5F:45:BE
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:6d:df:02:79:83:42:d7:09:df:6c:fb:9f:e1:55:f6:10:79:
90:06:b4:b2:c6:27:07:5d:82:ca:a4:a2:74:35:aa:94:7b:74:
d0:27:9b:67:27:e9:5b:cd:cb:08:23:6c:e0:89:ee:5b:98:01:
f6:c2:7f:d9:78:c8:02:8b:57:6e:68:79:58:30:ba:3c:3b:86:
54:a4:b4:32:a2:24:a5:9e:76:6f:53:27:73:ee:2e:d0:a3:13:
73:6b:65:db:6d:75:db:0d:8e:1f:69:93:fa:4a:e1:d0:18:25:
4a:bd:60:c1:b0:e6:65:05:29:0d:54:3c:00:01:86:01:ab:05:
e9:28:f6:1a:16:11:7c:93:c5:56:b1:d9:d6:e4:c0:e1:d0:81:
68:5f:cf:c7:47:cc:d6:99:b3:e1:0a:ff:41:11:ab:db:9d:67:
01:a1:ca:ee:91:4d:e1:5d:ac:c7:6a:cb:07:54:60:be:08:c1:
99:20:a6:14:49:83:6f:04:25:05:c8:91:12:1d:f4:2b:f3:70:
85:4c:15:4d:c3:45:d9:5c:02:02:c9:3f:61:53:9b:ed:7d:c8:
57:72:e6:d6:86:fa:12:d4:ef:8e:89:ab:e5:5f:90:35:75:60:
f3:fd:db:68:a5:d3:45:e3:c6:f7:61:92:5e:3b:eb:de:b8:94:
9f:42:c5:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNEuVvJsCjRKLuMcnS6p6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjYwMzAxMjEwMDU2WhcNMjYwMzAyMjEwMDU2WjAzMTEwLwYDVQQD
EygxZjIxYTQ5MzA1MjE5ZDljNjMxZTczMGJlYWFiYTFmNWYzNWY0NWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGPFU5WcSXmmB0J2kMMGeVMqa6zH
J+hpbUlI63cUpOra9Ut0AN5J4yNf0i7XcVWfvWf12Lp6oMAXlmuFiagMHEigNS94
UHVhJERhA8ogWiLZgeB+f0Ss50e4WVVszeIEw13/+//ssyiKc5b1xVUzWdbKpHRZ
1d8dSq1e37UqcRzSYhBN71dblT0GXdtr+ajTbFPLMXQ6ti3MMI8WI8HRqYwY5HrE
o/8dytss3kEA2hy9fAVC06ytb+WmZDqDtpNBCSXj96qdkD3R/e/S193laWE7ARUb
SVaIVbR14e4wxltkMqzJ0S1nvRXFbBcbCKHh7C2MtgNaB557Xfhm+5B0hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8hpJMFIZ2cYx5zC+qrofXzX0W+MB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbW3fAnmD
QtcJ32z7n+FV9hB5kAa0ssYnB12CyqSidDWqlHt00CebZyfpW83LCCNs4InuW5gB
9sJ/2XjIAotXbmh5WDC6PDuGVKS0MqIkpZ52b1Mnc+4u0KMTc2tl22112w2OH2mT
+krh0BglSr1gwbDmZQUpDVQ8AAGGAasF6Sj2GhYRfJPFVrHZ1uTA4dCBaF/Px0fM
1pmz4Qr/QRGr251nAaHK7pFN4V2sx2rLB1RgvgjBmSCmFEmDbwQlBciREh30K/Nw
hUwVTcNF2VwCAsk/YVOb7X3IV3Lm1ob6EtTvjomr5V+QNXVg8/3baKXTRePG92GS
Xjvr3riUn0LFBQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:39:11 2026 by rpki-client