Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
File: XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft (raw, json)
Hash identifier: /Pk7OFlYSFUHUoZEiGR9ApZPnHtXhmGemuu1CpLAacI=
Subject key identifier: F9:95:5E:D5:89:CE:EF:13:88:D9:39:A7:A2:81:96:77:2F:97:69:BB
Authority key identifier: 5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
Certificate issuer: /CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Certificate serial: 019CABD91E10E717E3E95F8E907B923922B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
Manifest number: 17B3
Signing time: Mon 02 Mar 2026 00:00:58 +0000
Manifest this update: Mon 02 Mar 2026 00:00:58 +0000
Manifest next update: Tue 03 Mar 2026 00:00:58 +0000
Files and hashes: 1: XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl (hash: 6/+zdrzT1LKV6yaIOwfOkX3ABi0ewyPgENLJuVaxEbw=)
2: vIEeMsOgyhAbHtdasH9clWdBUoM.roa (hash: LNPknqC7GAKoJKuLl2I8NQhITu9vWI4/MB5dCdNLtbk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:1e:10:e7:17:e3:e9:5f:8e:90:7b:92:39:22:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Validity
Not Before: Mar 2 00:00:58 2026 GMT
Not After : Mar 3 00:00:58 2026 GMT
Subject: CN=f9955ed589ceef1388d939a7a28196772f9769bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a9:5d:56:76:2d:9f:4b:a9:bf:f0:5d:3b:64:
44:14:b9:88:9d:82:93:a0:cc:80:81:b3:70:6e:0e:
b8:39:ec:ae:43:74:eb:2c:a8:19:6a:4e:aa:e0:1d:
bd:34:f5:03:8a:77:71:ee:cc:d1:4a:c4:ad:10:b5:
96:a5:90:db:0d:6b:cc:ea:f7:c2:29:55:52:13:0c:
03:f7:bb:66:8e:74:af:fd:06:93:96:7f:1a:90:cd:
7d:6c:eb:07:dc:98:12:c1:5e:92:37:99:9b:7a:0f:
d4:dc:6c:c5:85:8f:9c:73:f3:ac:97:49:6c:9f:ae:
6b:f7:a5:e3:08:b1:1d:d2:c4:6a:64:11:75:09:8c:
6c:6c:65:31:3e:1c:3d:a6:dc:22:27:34:9a:01:dc:
1b:a3:91:41:20:5a:55:92:8b:3c:d4:d0:1b:bd:11:
9f:ed:c7:a7:75:64:6d:45:27:8b:59:37:e2:66:1e:
77:0e:7e:c8:ea:15:cf:8c:26:b5:07:b0:1d:c8:97:
6d:7e:06:1e:97:cc:5d:4a:ba:8b:ca:89:c6:09:da:
c6:c7:05:45:82:9c:cf:2e:6c:e2:e7:b2:49:fe:39:
15:8b:ba:63:05:a9:81:1d:23:88:15:ef:23:a5:df:
56:04:34:6c:ed:70:39:be:ea:73:2c:97:02:48:39:
14:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:95:5E:D5:89:CE:EF:13:88:D9:39:A7:A2:81:96:77:2F:97:69:BB
X509v3 Authority Key Identifier:
keyid:5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:9b:e7:d1:bd:61:fd:38:22:ed:fa:e0:2a:a6:cf:35:c4:74:
96:56:4a:c8:bd:b2:0c:81:00:b6:24:56:ae:e1:6f:3f:29:d1:
e4:41:b8:d3:58:a0:dc:72:29:0b:d3:ac:7b:ad:15:2c:1e:80:
d9:95:9e:83:ec:6c:57:7e:ba:84:16:10:71:17:1f:6b:6e:4c:
83:2f:8c:a2:4c:3c:66:3f:b5:e4:bd:d8:8d:ba:64:12:b2:18:
4f:77:da:14:4c:88:94:3a:7d:4b:59:05:d4:9b:be:52:61:f3:
a5:35:df:2b:27:81:b4:cc:57:0f:3f:85:55:49:ac:ce:e6:37:
92:b8:d6:59:01:86:1d:30:06:52:8f:75:79:77:ad:27:7c:e8:
ac:92:be:fb:bf:87:2f:43:04:8c:c2:ba:7f:ad:84:39:7d:9c:
cb:22:79:29:e8:84:1e:75:7f:04:07:b7:35:0d:b8:da:6d:6f:
5c:d6:15:f8:98:14:2e:6b:bd:46:de:96:ff:9c:2f:d4:49:4a:
60:41:98:54:54:d8:94:f9:06:51:8e:a0:a7:24:b5:31:f1:e6:
e7:23:0f:4a:76:1d:35:cf:2a:5b:de:31:46:bd:b3:2c:10:85:
52:5c:72:bc:49:4a:39:ec:61:2c:63:0f:b9:98:40:6d:28:0a:
98:a1:eb:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2R4Q5xfj6V+OkHuSOSKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzgyMjM4Mjg5YTg4MDJjZjUyYjY3ZDliZjRhZTg3YTUw
OTMzYzMwHhcNMjYwMzAyMDAwMDU4WhcNMjYwMzAzMDAwMDU4WjAzMTEwLwYDVQQD
EyhmOTk1NWVkNTg5Y2VlZjEzODhkOTM5YTdhMjgxOTY3NzJmOTc2OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6ldVnYtn0upv/BdO2REFLmInYKT
oMyAgbNwbg64OeyuQ3TrLKgZak6q4B29NPUDindx7szRSsStELWWpZDbDWvM6vfC
KVVSEwwD97tmjnSv/QaTln8akM19bOsH3JgSwV6SN5mbeg/U3GzFhY+cc/Osl0ls
n65r96XjCLEd0sRqZBF1CYxsbGUxPhw9ptwiJzSaAdwbo5FBIFpVkos81NAbvRGf
7cendWRtRSeLWTfiZh53Dn7I6hXPjCa1B7AdyJdtfgYel8xdSrqLyonGCdrGxwVF
gpzPLmzi57JJ/jkVi7pjBamBHSOIFe8jpd9WBDRs7XA5vupzLJcCSDkU+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmVXtWJzu8TiNk5p6KBlncvl2m7MB8GA1UdIwQY
MBaAFF04IjgomogCz1K2fZv0roelCTPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDIt
ODg1NzU3YzEyNDhmLzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDItODg1NzU3YzEyNDhm
LzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZZvn0b1h
/Tgi7frgKqbPNcR0llZKyL2yDIEAtiRWruFvPynR5EG401ig3HIpC9Ose60VLB6A
2ZWeg+xsV366hBYQcRcfa25Mgy+Mokw8Zj+15L3YjbpkErIYT3faFEyIlDp9S1kF
1Ju+UmHzpTXfKyeBtMxXDz+FVUmszuY3krjWWQGGHTAGUo91eXetJ3zorJK++7+H
L0MEjMK6f62EOX2cyyJ5KeiEHnV/BAe3NQ242m1vXNYV+JgULmu9Rt6W/5wv1ElK
YEGYVFTYlPkGUY6gpyS1MfHm5yMPSnYdNc8qW94xRr2zLBCFUlxyvElKOexhLGMP
uZhAbSgKmKHrcA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:56:59 2026 by rpki-client