Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.mft
File: xx85HWDhoTnMxCsXoyqVNj31z7A.mft (raw, json)
Hash identifier: S5TzLhA5OOY4xAqiAGbdk0LUInjgjIlc6SlS++AtQPc=
Subject key identifier: E7:D7:E6:06:31:F9:ED:1E:4C:32:10:F9:5E:F4:E6:A7:D8:19:2E:8C
Authority key identifier: C7:1F:39:1D:60:E1:A1:39:CC:C4:2B:17:A3:2A:95:36:3D:F5:CF:B0
Certificate issuer: /CN=c71f391d60e1a139ccc42b17a32a95363df5cfb0
Certificate serial: 019CAEDA3B5A37D9459B2FE93806575A4DCA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xx85HWDhoTnMxCsXoyqVNj31z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.mft
Manifest number: 0166
Signing time: Mon 02 Mar 2026 14:01:03 +0000
Manifest this update: Mon 02 Mar 2026 14:01:03 +0000
Manifest next update: Tue 03 Mar 2026 14:01:03 +0000
Files and hashes: 1: 5Ac1xGg2xzacy1Elgpwm7Fl9gOY.roa (hash: VWmcJPkpnJaJdz3GW3aT+bj0R6mJFxMSWGrX3LD0Zyk=)
2: xx85HWDhoTnMxCsXoyqVNj31z7A.crl (hash: BsnbzbovMGcDnbJIXPKTBK545FVA4DMO+zhpsiMJROk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/xx85HWDhoTnMxCsXoyqVNj31z7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:da:3b:5a:37:d9:45:9b:2f:e9:38:06:57:5a:4d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c71f391d60e1a139ccc42b17a32a95363df5cfb0
Validity
Not Before: Mar 2 14:01:03 2026 GMT
Not After : Mar 3 14:01:03 2026 GMT
Subject: CN=e7d7e60631f9ed1e4c3210f95ef4e6a7d8192e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6f:18:f1:b4:56:2d:21:d1:62:92:6a:6d:2a:
7b:16:cf:ff:7c:8b:5e:e7:36:ed:60:62:c8:4f:8d:
ab:95:83:ec:4b:a4:3e:99:9f:f1:c7:0b:91:80:3e:
79:54:5d:4e:6b:98:f9:01:af:59:32:b1:76:2b:3b:
0b:72:e3:ce:b1:8c:62:bc:d1:1c:18:0f:10:27:7c:
04:c1:9e:55:a2:e8:6e:53:26:5c:18:76:64:f8:1f:
55:26:4e:a5:67:a5:05:cd:e0:9f:8b:48:41:fe:4e:
1d:97:cb:7e:59:4d:0d:22:20:75:cc:02:63:db:4f:
79:b0:01:92:c3:a3:17:6e:a6:d6:91:ab:ad:e1:62:
f9:85:e8:15:1e:c7:73:95:5c:73:3c:ec:c7:aa:ca:
12:d6:66:66:0e:03:ce:ce:40:1b:c0:88:e1:bf:d8:
31:9c:a1:ae:59:ae:24:c7:65:95:7d:c2:21:8b:a7:
d7:f3:66:80:2c:d6:89:00:98:5b:60:01:0d:97:e0:
76:a5:75:ef:cf:54:92:08:69:b9:7d:cf:3b:03:c6:
f9:5b:04:94:94:f8:11:2e:c2:a4:6f:80:72:38:96:
03:59:2b:ef:06:c7:07:6b:b0:d5:18:18:6a:ad:14:
82:1c:ed:fd:c5:34:15:07:05:10:09:d4:d4:6a:e4:
35:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D7:E6:06:31:F9:ED:1E:4C:32:10:F9:5E:F4:E6:A7:D8:19:2E:8C
X509v3 Authority Key Identifier:
keyid:C7:1F:39:1D:60:E1:A1:39:CC:C4:2B:17:A3:2A:95:36:3D:F5:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xx85HWDhoTnMxCsXoyqVNj31z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/de9ffc-4477-4e30-9570-6541cc006eac/1/xx85HWDhoTnMxCsXoyqVNj31z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:20:77:bf:f1:88:58:27:f9:18:e6:49:af:ab:09:d1:e6:ce:
00:26:4a:6e:c1:66:5f:56:82:b1:01:74:81:70:cf:a3:92:4c:
b6:f1:74:3e:d5:8e:94:f7:75:dd:8f:7d:5d:93:27:d3:e6:60:
b8:eb:38:bf:19:c3:5b:e1:cf:8e:7c:1d:95:23:6b:32:a2:e5:
77:5c:bd:cf:04:01:e5:fd:cb:8d:61:9d:65:8d:9d:ca:63:59:
4b:b7:66:cd:a7:69:9c:8c:ed:53:25:44:83:92:4e:0b:e8:ed:
fe:73:b1:92:11:39:72:e6:cc:de:d6:e8:14:79:77:0c:5a:96:
b2:6a:88:e8:b9:cb:45:fb:c2:94:7b:43:49:d4:62:8c:83:de:
52:23:23:85:6a:e7:7b:5b:c2:0f:73:22:1e:cd:80:33:13:ed:
0a:7d:c4:10:77:b7:2d:73:ad:7f:89:d2:75:ae:5c:d8:28:a7:
45:54:2e:44:0c:eb:b0:ce:9c:5f:4f:50:eb:9d:78:67:94:85:
96:85:f5:a0:23:d8:2a:61:4e:85:a6:6c:04:e5:dd:92:b4:4c:
2f:66:e2:e8:8e:da:99:9d:f6:ca:e9:99:b1:21:04:eb:9d:f8:
a2:f5:66:93:74:47:0a:bd:81:b7:9b:d0:ab:47:51:72:85:1d:
27:46:3b:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyu2jtaN9lFmy/pOAZXWk3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWYzOTFkNjBlMWExMzljY2M0MmIxN2EzMmE5NTM2M2Rm
NWNmYjAwHhcNMjYwMzAyMTQwMTAzWhcNMjYwMzAzMTQwMTAzWjAzMTEwLwYDVQQD
EyhlN2Q3ZTYwNjMxZjllZDFlNGMzMjEwZjk1ZWY0ZTZhN2Q4MTkyZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG8Y8bRWLSHRYpJqbSp7Fs//fIte
5zbtYGLIT42rlYPsS6Q+mZ/xxwuRgD55VF1Oa5j5Aa9ZMrF2KzsLcuPOsYxivNEc
GA8QJ3wEwZ5VouhuUyZcGHZk+B9VJk6lZ6UFzeCfi0hB/k4dl8t+WU0NIiB1zAJj
2095sAGSw6MXbqbWkaut4WL5hegVHsdzlVxzPOzHqsoS1mZmDgPOzkAbwIjhv9gx
nKGuWa4kx2WVfcIhi6fX82aALNaJAJhbYAENl+B2pXXvz1SSCGm5fc87A8b5WwSU
lPgRLsKkb4ByOJYDWSvvBscHa7DVGBhqrRSCHO39xTQVBwUQCdTUauQ1awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfX5gYx+e0eTDIQ+V705qfYGS6MMB8GA1UdIwQY
MBaAFMcfOR1g4aE5zMQrF6MqlTY99c+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHg4NUhXRGhvVG5NeENzWG95cVZOajMxejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kZTlmZmMtNDQ3Ny00ZTMwLTk1NzAt
NjU0MWNjMDA2ZWFjLzEveHg4NUhXRGhvVG5NeENzWG95cVZOajMxejdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kZTlmZmMtNDQ3Ny00ZTMwLTk1NzAtNjU0MWNjMDA2ZWFj
LzEveHg4NUhXRGhvVG5NeENzWG95cVZOajMxejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnSB3v/GI
WCf5GOZJr6sJ0ebOACZKbsFmX1aCsQF0gXDPo5JMtvF0PtWOlPd13Y99XZMn0+Zg
uOs4vxnDW+HPjnwdlSNrMqLld1y9zwQB5f3LjWGdZY2dymNZS7dmzadpnIztUyVE
g5JOC+jt/nOxkhE5cubM3tboFHl3DFqWsmqI6LnLRfvClHtDSdRijIPeUiMjhWrn
e1vCD3MiHs2AMxPtCn3EEHe3LXOtf4nSda5c2CinRVQuRAzrsM6cX09Q6514Z5SF
loX1oCPYKmFOhaZsBOXdkrRML2bi6I7amZ32yumZsSEE6534ovVmk3RHCr2Bt5vQ
q0dRcoUdJ0Y7Pg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:13:53 2026 by rpki-client