Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
File: xb-nGlET_tgkZHdsFDcVFMkhjvU.mft (raw, json)
Hash identifier: nK7l9VJOPMXJLpsihirkxt/8naDIkWj3DnsgZqJgODA=
Subject key identifier: 43:3B:EB:12:7E:B1:C9:06:E0:EF:E1:D3:06:69:7B:6F:16:E6:51:2A
Authority key identifier: C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
Certificate issuer: /CN=c5bfa71a5113fed82464776c14371514c9218ef5
Certificate serial: 019D9A07075ACA5108529529BBB4691BFA47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
Manifest number: 0CFA
Signing time: Fri 17 Apr 2026 06:00:44 +0000
Manifest this update: Fri 17 Apr 2026 06:00:44 +0000
Manifest next update: Sat 18 Apr 2026 06:00:44 +0000
Files and hashes: 1: jBvSHulkiAFNZq-1Sz_1NBwC4gw.roa (hash: kIr3tsaXSv0n1HwqnJcooiylPmXgSiBfGD9CqML14GU=)
2: xb-nGlET_tgkZHdsFDcVFMkhjvU.crl (hash: GyErxkblfmBRetvXGJxW2d1sPwIsOkUNKjMpj3edX2s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:07:07:5a:ca:51:08:52:95:29:bb:b4:69:1b:fa:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5bfa71a5113fed82464776c14371514c9218ef5
Validity
Not Before: Apr 17 06:00:44 2026 GMT
Not After : Apr 18 06:00:44 2026 GMT
Subject: CN=433beb127eb1c906e0efe1d306697b6f16e6512a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ae:6e:2b:2b:71:b9:37:f8:3d:a0:38:bb:52:
c2:c2:a9:f7:2c:ee:17:fd:bb:62:59:62:77:d6:f9:
8d:8d:ca:93:4c:a4:42:b1:37:e1:a4:68:38:c3:fd:
ab:4a:d7:cd:2f:cf:b6:6e:7f:fc:b1:d0:d1:8a:e8:
90:32:8e:c9:4d:4e:55:c5:18:53:87:5f:7d:fe:6a:
44:e1:37:49:50:6e:f5:74:f8:0c:2e:c0:05:bd:12:
6b:1f:d6:74:5a:22:6a:3c:d5:f8:9b:1c:11:0d:30:
22:68:74:61:36:f0:25:35:d0:83:d0:9b:f1:3a:dd:
15:19:b4:2a:74:96:e4:ae:e6:3d:1b:73:0c:46:67:
fc:e2:29:d3:28:56:dd:06:af:44:e0:c5:a9:1f:fd:
ad:26:f6:fd:9f:79:db:7a:7e:4a:01:5d:52:d2:ce:
31:4a:6e:8a:ff:a4:1e:ce:03:2b:39:8d:0a:fc:fa:
17:b8:19:af:84:78:24:1c:b0:bf:b4:9e:9a:e9:80:
8b:c1:e6:9d:07:0b:1c:bd:71:d0:4f:73:0b:26:18:
c5:94:c6:86:3c:4c:1a:f7:2f:41:1d:f5:03:6b:cc:
24:64:2a:21:15:dc:e5:8b:4c:35:2d:ad:1e:a1:74:
5c:36:de:3a:53:77:50:00:33:a6:bc:08:bc:7c:ec:
d0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3B:EB:12:7E:B1:C9:06:E0:EF:E1:D3:06:69:7B:6F:16:E6:51:2A
X509v3 Authority Key Identifier:
keyid:C5:BF:A7:1A:51:13:FE:D8:24:64:77:6C:14:37:15:14:C9:21:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xb-nGlET_tgkZHdsFDcVFMkhjvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/67c8fb-0257-4d60-a0df-6fce03325b3f/1/xb-nGlET_tgkZHdsFDcVFMkhjvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:ff:c3:55:af:9e:34:b0:d3:5e:bd:d8:f6:65:31:aa:61:ec:
1f:b5:b3:d8:32:71:f2:06:18:74:fb:d7:e9:63:17:8e:ce:8a:
3a:e4:22:40:c2:c7:c4:4d:11:7e:c1:20:bc:f8:8f:0e:8d:74:
70:b3:e9:53:8e:c3:20:ab:b5:a9:37:eb:ca:6e:52:f2:0a:23:
13:25:bf:91:fc:28:2b:61:9b:60:78:41:bd:85:8b:9f:6d:d3:
ba:8a:45:26:f9:e3:88:fb:e3:48:be:39:83:10:99:4c:d6:26:
0b:6b:0a:43:6f:54:0c:97:a6:4f:54:6b:5e:59:b6:93:3d:2a:
91:58:4c:6a:26:10:b5:2c:50:45:0c:6c:ee:ec:41:74:d5:4b:
dd:f6:fe:8d:bc:17:a1:6e:32:18:49:7f:22:d6:d0:89:17:28:
72:14:4d:e9:95:fb:94:c7:6e:4d:44:24:de:d1:38:0f:58:d0:
ce:bb:da:95:9a:51:a7:79:fb:17:15:24:28:65:51:c0:7b:76:
00:f0:f3:3b:1e:93:c4:dd:91:69:36:df:c4:fa:7f:c6:01:95:
a0:2c:e0:dd:c7:8b:9f:d5:71:f6:f1:50:f8:dd:be:cf:7f:44:
c0:b5:2e:85:79:6c:1e:3e:a6:68:39:15:9f:ad:21:f2:0c:45:
22:7f:26:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBwdaylEIUpUpu7RpG/pHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmZhNzFhNTExM2ZlZDgyNDY0Nzc2YzE0MzcxNTE0Yzky
MThlZjUwHhcNMjYwNDE3MDYwMDQ0WhcNMjYwNDE4MDYwMDQ0WjAzMTEwLwYDVQQD
Eyg0MzNiZWIxMjdlYjFjOTA2ZTBlZmUxZDMwNjY5N2I2ZjE2ZTY1MTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2K5uKytxuTf4PaA4u1LCwqn3LO4X
/btiWWJ31vmNjcqTTKRCsTfhpGg4w/2rStfNL8+2bn/8sdDRiuiQMo7JTU5VxRhT
h199/mpE4TdJUG71dPgMLsAFvRJrH9Z0WiJqPNX4mxwRDTAiaHRhNvAlNdCD0Jvx
Ot0VGbQqdJbkruY9G3MMRmf84inTKFbdBq9E4MWpH/2tJvb9n3nben5KAV1S0s4x
Sm6K/6QezgMrOY0K/PoXuBmvhHgkHLC/tJ6a6YCLweadBwscvXHQT3MLJhjFlMaG
PEwa9y9BHfUDa8wkZCohFdzli0w1La0eoXRcNt46U3dQADOmvAi8fOzQ8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEM76xJ+sckG4O/h0wZpe28W5lEqMB8GA1UdIwQY
MBaAFMW/pxpRE/7YJGR3bBQ3FRTJIY71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYt
NmZjZTAzMzI1YjNmLzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82N2M4ZmItMDI1Ny00ZDYwLWEwZGYtNmZjZTAzMzI1YjNm
LzEveGItbkdsRVRfdGdrWkhkc0ZEY1ZGTWtoanZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd//DVa+e
NLDTXr3Y9mUxqmHsH7Wz2DJx8gYYdPvX6WMXjs6KOuQiQMLHxE0RfsEgvPiPDo10
cLPpU47DIKu1qTfrym5S8gojEyW/kfwoK2GbYHhBvYWLn23TuopFJvnjiPvjSL45
gxCZTNYmC2sKQ29UDJemT1RrXlm2kz0qkVhMaiYQtSxQRQxs7uxBdNVL3fb+jbwX
oW4yGEl/ItbQiRcochRN6ZX7lMduTUQk3tE4D1jQzrvalZpRp3n7FxUkKGVRwHt2
APDzOx6TxN2RaTbfxPp/xgGVoCzg3ceLn9Vx9vFQ+N2+z39EwLUuhXlsHj6maDkV
n60h8gxFIn8mng==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:41:05 2026 by rpki-client