Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
File: XX2xSVjPTXheWe9cbGefjvVMHYs.mft (raw, json)
Hash identifier: JfSYfeMTa+nt5JykfLh/tk8VU9oEGBHQg4llYPBEQEs=
Subject key identifier: 32:A7:E8:91:E8:E8:5C:47:29:1F:B2:C0:F1:37:12:03:80:A3:7F:9D
Authority key identifier: 5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
Certificate issuer: /CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Certificate serial: 019D27720215858045C496DA9AC6A409EC7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
Manifest number: 086E
Signing time: Thu 26 Mar 2026 00:01:16 +0000
Manifest this update: Thu 26 Mar 2026 00:01:16 +0000
Manifest next update: Fri 27 Mar 2026 00:01:16 +0000
Files and hashes: 1: XX2xSVjPTXheWe9cbGefjvVMHYs.crl (hash: ha2TVEmnEOAZeMwnNH9BE/f+83TgxuOdWtvRzJkq4w4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:02:15:85:80:45:c4:96:da:9a:c6:a4:09:ec:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Validity
Not Before: Mar 26 00:01:16 2026 GMT
Not After : Mar 27 00:01:16 2026 GMT
Subject: CN=32a7e891e8e85c47291fb2c0f137120380a37f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:d2:ab:7f:ce:fd:50:0e:6c:7d:f7:3b:ff:d3:
53:6d:7a:7a:68:d6:f5:78:90:8b:38:c9:27:0d:5b:
17:61:07:90:13:4b:54:1a:5d:6c:68:08:69:5a:ab:
c7:ec:33:d6:eb:40:44:d5:28:87:d1:43:e6:fb:16:
ee:2c:fa:0d:2b:a2:65:a7:18:b3:7c:17:ee:c6:da:
ed:23:ba:01:2f:ff:ff:0e:ee:ec:4a:3f:7c:c2:b6:
66:41:8a:8c:58:ff:47:e5:44:e0:04:e7:81:ec:48:
91:97:1d:81:2d:f7:8e:46:90:c0:07:2c:74:ce:fd:
f8:aa:6d:2c:2c:a2:a8:39:21:13:fa:2b:38:0b:71:
92:0d:1a:91:83:1b:04:f3:ac:f6:c6:28:0a:d8:e4:
8b:a4:e6:06:78:dd:76:c3:81:b8:88:51:e7:99:27:
a6:13:51:40:d8:32:54:fb:dc:44:e5:b2:cd:e5:a2:
02:f7:a1:c7:0d:92:9c:42:1f:2e:7b:79:05:3b:be:
4f:bb:76:0d:7b:ce:d8:c7:d4:53:a3:0d:0f:de:b1:
91:61:d9:fb:ce:8d:94:4b:fd:fe:d1:5c:b3:d0:6f:
bd:fb:a8:53:64:ee:5f:63:79:4a:43:25:c3:bc:1b:
83:28:04:84:df:7d:56:4e:69:34:a9:32:dc:0a:a7:
dc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A7:E8:91:E8:E8:5C:47:29:1F:B2:C0:F1:37:12:03:80:A3:7F:9D
X509v3 Authority Key Identifier:
keyid:5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:56:3d:e2:46:d6:d1:70:24:94:3b:65:d7:60:23:00:aa:8b:
f6:88:b0:ba:dd:ad:fa:92:b0:d2:34:b5:78:05:62:8f:a2:36:
f2:a5:43:08:02:24:c1:59:aa:00:e9:49:03:38:b5:da:05:40:
6e:e1:b3:53:db:0a:d9:a5:0b:7f:a7:e7:7e:fe:3a:1a:32:0d:
92:7d:ad:06:57:04:a6:07:71:0a:52:dd:07:0f:26:8f:f1:6d:
d4:3a:58:6d:9a:dc:fa:33:0a:3b:3e:07:dc:16:d2:ee:b4:0b:
99:47:11:6d:f1:08:c9:11:6b:86:4e:79:9b:79:84:95:42:22:
1f:89:00:d6:d0:59:0e:da:ec:7d:9d:0d:eb:aa:55:d1:95:4f:
1e:79:fb:4b:e4:26:f0:e9:ff:4b:0a:45:26:53:06:46:75:90:
b7:6b:35:1c:f7:a0:6c:df:52:32:2c:17:82:ab:be:b8:33:2b:
97:17:55:c8:37:16:ba:23:18:e5:d5:a8:a7:3e:db:96:82:05:
e0:5d:d3:73:d0:c2:52:cb:cd:80:0f:8d:da:93:17:4b:8e:59:
e0:af:e8:98:72:96:c3:59:d3:ff:54:02:e3:ea:f7:88:77:df:
a9:0d:7f:10:ff:8b:2d:d7:ef:84:02:4f:21:1d:8a:5a:e1:78:
86:c3:fc:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncgIVhYBFxJbamsakCex/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2RiMTQ5NThjZjRkNzg1ZTU5ZWY1YzZjNjc5ZjhlZjU0
YzFkOGIwHhcNMjYwMzI2MDAwMTE2WhcNMjYwMzI3MDAwMTE2WjAzMTEwLwYDVQQD
EygzMmE3ZTg5MWU4ZTg1YzQ3MjkxZmIyYzBmMTM3MTIwMzgwYTM3ZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+9Krf879UA5sffc7/9NTbXp6aNb1
eJCLOMknDVsXYQeQE0tUGl1saAhpWqvH7DPW60BE1SiH0UPm+xbuLPoNK6Jlpxiz
fBfuxtrtI7oBL///Du7sSj98wrZmQYqMWP9H5UTgBOeB7EiRlx2BLfeORpDAByx0
zv34qm0sLKKoOSET+is4C3GSDRqRgxsE86z2xigK2OSLpOYGeN12w4G4iFHnmSem
E1FA2DJU+9xE5bLN5aIC96HHDZKcQh8ue3kFO75Pu3YNe87Yx9RTow0P3rGRYdn7
zo2US/3+0Vyz0G+9+6hTZO5fY3lKQyXDvBuDKASE331WTmk0qTLcCqfcBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKn6JHo6FxHKR+ywPE3EgOAo3+dMB8GA1UdIwQY
MBaAFF19sUlYz014XlnvXGxnn471TB2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWIt
OTQ5YzYyOGU1ZjNjLzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWItOTQ5YzYyOGU1ZjNj
LzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAblY94kbW
0XAklDtl12AjAKqL9oiwut2t+pKw0jS1eAVij6I28qVDCAIkwVmqAOlJAzi12gVA
buGzU9sK2aULf6fnfv46GjINkn2tBlcEpgdxClLdBw8mj/Ft1DpYbZrc+jMKOz4H
3BbS7rQLmUcRbfEIyRFrhk55m3mElUIiH4kA1tBZDtrsfZ0N66pV0ZVPHnn7S+Qm
8On/SwpFJlMGRnWQt2s1HPegbN9SMiwXgqu+uDMrlxdVyDcWuiMY5dWopz7bloIF
4F3Tc9DCUsvNgA+N2pMXS45Z4K/omHKWw1nT/1QC4+r3iHffqQ1/EP+LLdfvhAJP
IR2KWuF4hsP8Jw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:54:44 2026 by rpki-client