Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft
File: I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft (raw, json)
Hash identifier: RUgk/KwEf+4ty8gLHcpMkyHpqZnVeDnSd2zk4cd8S6k=
Subject key identifier: BF:34:A1:D3:67:CC:40:05:E5:52:97:85:3A:45:22:92:38:74:E7:CE
Authority key identifier: 23:F5:C2:58:53:82:08:47:92:F1:3A:D1:97:20:5E:FD:D2:75:2D:F2
Certificate issuer: /CN=23f5c2585382084792f13ad197205efdd2752df2
Certificate serial: 019D3262FA5E0F73B072BE68C91A0BB7FC4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft
Manifest number: 023A
Signing time: Sat 28 Mar 2026 03:00:40 +0000
Manifest this update: Sat 28 Mar 2026 03:00:40 +0000
Manifest next update: Sun 29 Mar 2026 03:00:40 +0000
Files and hashes: 1: I_XCWFOCCEeS8TrRlyBe_dJ1LfI.crl (hash: LcW4FKscxZqSGboY/Xheg1fK5SVIKmddlZUeD6EjH58=)
2: ayEAcT6oCdclXkVG2FkLRzZ9mOw.roa (hash: 7P+K2VYLnbm0w74/RJLkFBdqeqXQaGd7I3w+dIasZpw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:32:62:fa:5e:0f:73:b0:72:be:68:c9:1a:0b:b7:fc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23f5c2585382084792f13ad197205efdd2752df2
Validity
Not Before: Mar 28 03:00:40 2026 GMT
Not After : Mar 29 03:00:40 2026 GMT
Subject: CN=bf34a1d367cc4005e55297853a4522923874e7ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d2:79:03:df:f4:5a:9f:28:f2:a7:32:94:72:
05:49:d9:9a:4d:65:c0:c1:4f:88:9d:e1:5e:67:4f:
c2:54:ae:fd:15:49:bd:07:80:96:f4:7e:12:2b:19:
99:01:44:ec:72:7e:45:bf:51:eb:6e:c0:be:56:af:
9e:c1:fb:7b:97:81:e9:cd:17:be:73:9d:22:5a:05:
c6:bd:76:97:66:cb:b9:24:e8:e9:39:88:bc:99:e2:
cd:14:3c:93:72:a9:b8:83:fd:f0:2b:d5:20:d9:25:
a3:14:c1:ee:eb:9d:06:20:02:c4:36:b3:93:3d:35:
f3:43:cf:b0:2f:23:41:55:ed:90:16:0e:c9:42:81:
06:45:d5:7c:46:a9:b7:28:64:aa:cf:86:4a:67:4d:
0e:3c:dc:30:9c:67:94:96:65:9c:86:68:3f:b4:59:
e3:2c:b5:74:68:8d:ae:e0:78:7c:8a:3f:42:e8:da:
45:01:d9:6d:6e:10:ae:7b:93:34:e2:1c:d2:0e:17:
a2:19:af:01:aa:3e:20:9e:32:38:95:6b:6e:73:c6:
ea:07:03:e4:78:4a:b7:96:f4:cf:ae:45:77:60:4c:
ba:f6:40:4a:e2:c1:4f:ec:43:f5:88:6a:36:8a:a0:
45:38:94:25:29:89:f2:1f:0c:cb:b6:1f:92:b2:01:
c2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:34:A1:D3:67:CC:40:05:E5:52:97:85:3A:45:22:92:38:74:E7:CE
X509v3 Authority Key Identifier:
keyid:23:F5:C2:58:53:82:08:47:92:F1:3A:D1:97:20:5E:FD:D2:75:2D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:fa:16:a2:eb:73:67:a0:0e:ef:42:12:c5:2d:c3:79:5d:62:
1a:bf:35:59:c7:43:d6:54:a4:45:c1:65:fb:4f:7f:06:8c:57:
7c:ff:5d:af:45:80:36:68:48:05:63:f7:43:f0:08:cd:42:57:
b9:aa:25:d3:71:70:28:89:80:1b:af:dd:9f:15:b4:0c:18:32:
61:21:77:9f:43:a9:80:bc:1a:e5:d9:c5:1a:b6:b9:76:fb:58:
33:ed:80:33:5b:f8:cf:53:85:e6:df:28:99:be:86:90:20:0a:
0d:67:45:4a:a8:d1:a6:c2:dc:40:09:90:4b:45:c0:7b:57:73:
ca:97:c8:09:1e:de:23:c9:1b:74:b0:17:be:b4:51:25:03:f5:
bb:3d:1a:23:59:90:05:2c:80:31:36:b0:8b:06:80:09:ba:c4:
ef:d2:77:a0:0e:b6:e8:6c:ce:2f:7e:da:ba:94:0e:5c:32:61:
c3:04:47:93:a6:54:f4:a2:e6:b5:05:a9:ac:e1:c7:43:c7:c6:
e4:a8:dd:87:62:7a:29:f4:6b:2a:e6:d9:fe:a4:42:b9:26:86:
f0:4a:8c:34:90:ae:0e:ff:e9:e1:ea:4a:1a:86:b1:0d:26:e2:
d0:0c:22:cc:bb:15:b4:0f:99:2c:89:a8:0e:5c:de:9b:33:9c:
20:3b:20:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0yYvpeD3Owcr5oyRoLt/xNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjVjMjU4NTM4MjA4NDc5MmYxM2FkMTk3MjA1ZWZkZDI3
NTJkZjIwHhcNMjYwMzI4MDMwMDQwWhcNMjYwMzI5MDMwMDQwWjAzMTEwLwYDVQQD
EyhiZjM0YTFkMzY3Y2M0MDA1ZTU1Mjk3ODUzYTQ1MjI5MjM4NzRlN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltJ5A9/0Wp8o8qcylHIFSdmaTWXA
wU+IneFeZ0/CVK79FUm9B4CW9H4SKxmZAUTscn5Fv1HrbsC+Vq+ewft7l4HpzRe+
c50iWgXGvXaXZsu5JOjpOYi8meLNFDyTcqm4g/3wK9Ug2SWjFMHu650GIALENrOT
PTXzQ8+wLyNBVe2QFg7JQoEGRdV8Rqm3KGSqz4ZKZ00OPNwwnGeUlmWchmg/tFnj
LLV0aI2u4Hh8ij9C6NpFAdltbhCue5M04hzSDheiGa8Bqj4gnjI4lWtuc8bqBwPk
eEq3lvTPrkV3YEy69kBK4sFP7EP1iGo2iqBFOJQlKYnyHwzLth+SsgHCKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL80odNnzEAF5VKXhTpFIpI4dOfOMB8GA1UdIwQY
MBaAFCP1wlhTgghHkvE60ZcgXv3SdS3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9YQ1dGT0NDRWVTOFRyUmx5QmVfZEoxTGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mODNkMDktMzQxMy00NjUxLTk2Y2Ut
OGZiNTI0NGJjMjU2LzEvSV9YQ1dGT0NDRWVTOFRyUmx5QmVfZEoxTGZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mODNkMDktMzQxMy00NjUxLTk2Y2UtOGZiNTI0NGJjMjU2
LzEvSV9YQ1dGT0NDRWVTOFRyUmx5QmVfZEoxTGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXvoWoutz
Z6AO70ISxS3DeV1iGr81WcdD1lSkRcFl+09/BoxXfP9dr0WANmhIBWP3Q/AIzUJX
uaol03FwKImAG6/dnxW0DBgyYSF3n0OpgLwa5dnFGra5dvtYM+2AM1v4z1OF5t8o
mb6GkCAKDWdFSqjRpsLcQAmQS0XAe1dzypfICR7eI8kbdLAXvrRRJQP1uz0aI1mQ
BSyAMTawiwaACbrE79J3oA626GzOL37aupQOXDJhwwRHk6ZU9KLmtQWprOHHQ8fG
5Kjdh2J6KfRrKubZ/qRCuSaG8EqMNJCuDv/p4epKGoaxDSbi0AwizLsVtA+ZLImo
DlzemzOcIDsgsg==
-----END CERTIFICATE-----
Generated at Sat Mar 28 08:43:18 2026 by rpki-client