Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
File: XL1s2RrWpyhrIfZQn92fUP7nXYc.mft (raw, json)
Hash identifier: YKDg1youibh+e84Eon0m0uFMidjXkTUGUTPWhAqk7rg=
Subject key identifier: D4:C8:62:B1:7D:C2:42:9D:9E:90:2F:DB:C6:08:8C:C2:5C:E2:00:8C
Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Certificate serial: 019D26CCEFB193FD62A855AD0C24818067A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
Manifest number: 17B3
Signing time: Wed 25 Mar 2026 21:00:58 +0000
Manifest this update: Wed 25 Mar 2026 21:00:58 +0000
Manifest next update: Thu 26 Mar 2026 21:00:58 +0000
Files and hashes: 1: XL1s2RrWpyhrIfZQn92fUP7nXYc.crl (hash: tYD0ZwJnX6HGdte8w5GaL2P7BJ/wZ/dPswOLJ9Pkzxc=)
2: aJRCmul5cvMFEkfsWwNh6YKtWg0.roa (hash: scsks3FGlAv25a5TwoetFCR7muYAvHPLPp8bABvEfPI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cc:ef:b1:93:fd:62:a8:55:ad:0c:24:81:80:67:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Validity
Not Before: Mar 25 21:00:58 2026 GMT
Not After : Mar 26 21:00:58 2026 GMT
Subject: CN=d4c862b17dc2429d9e902fdbc6088cc25ce2008c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b3:2f:24:7a:e7:45:13:71:be:81:60:c2:b0:
cb:7e:13:c1:ca:4f:a0:c5:52:65:3c:ad:4d:09:b0:
69:8a:d3:15:43:a6:ab:1e:bb:4e:4a:6a:af:c2:66:
9c:c3:c5:72:67:17:cc:01:d7:5c:5e:d7:5e:a1:3b:
39:a5:79:c2:7e:0a:42:23:3f:24:08:9a:75:c6:66:
b4:51:19:8b:b8:60:ab:68:bf:fb:8b:0f:3a:5c:32:
a6:25:ee:65:c5:38:eb:57:54:76:71:3d:d0:1e:cd:
6d:8d:c7:db:38:73:a1:a5:41:a7:36:75:7b:a2:16:
81:a2:40:06:0c:2d:7e:65:bc:5a:f2:6d:0d:e4:88:
6d:52:f6:48:69:8d:ae:ad:08:d8:bb:06:b1:aa:8e:
a6:5d:2a:4e:8c:d1:55:57:43:29:a8:ac:aa:57:b6:
b2:76:24:bc:c9:fc:bc:b7:fe:e5:f7:8d:7f:47:f6:
fa:ab:51:2f:23:11:33:c4:f9:94:e2:ab:de:13:18:
22:38:f5:41:56:96:b0:71:36:fb:2f:19:8f:e3:04:
e1:f9:f3:e8:40:f1:8f:9c:2e:64:00:3c:65:ce:81:
8e:dc:0b:b7:28:09:4a:5b:8f:65:bb:7e:ca:5a:25:
0e:0a:54:f0:e0:ad:c9:44:29:99:9b:e1:24:8b:34:
ef:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C8:62:B1:7D:C2:42:9D:9E:90:2F:DB:C6:08:8C:C2:5C:E2:00:8C
X509v3 Authority Key Identifier:
keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:6b:b8:35:cd:75:29:ca:16:a8:02:66:d3:b2:ef:67:a0:c3:
7f:0c:b8:0b:b8:76:d6:7e:2f:52:b4:10:5f:a5:c4:90:d9:72:
ad:78:93:50:fa:84:50:24:04:fb:5d:fe:76:86:fc:e1:aa:b5:
f1:a0:2a:e0:04:bf:20:34:9f:7c:a8:ad:0f:88:0c:a6:c4:84:
31:53:d2:79:60:06:c5:18:c6:68:4f:74:27:9b:d5:4e:30:26:
1f:4b:ed:d5:7e:90:17:bc:b3:1f:5a:33:29:54:39:af:22:1d:
cc:84:e5:d8:96:70:3c:4d:51:cf:16:b3:9a:3f:65:a3:4a:ee:
c0:db:59:90:62:f4:76:f9:1c:d2:56:28:99:fe:e5:49:ab:5b:
7e:ad:77:9f:c4:46:8f:8f:3c:82:b3:a0:1a:b9:89:61:c8:dc:
84:7d:59:f0:90:c4:1e:8a:b5:75:fc:cb:3f:1b:4f:82:80:53:
00:3e:68:21:cd:89:a6:94:bd:fa:da:f3:05:0b:26:01:08:46:
01:04:c4:19:9c:1a:c1:09:0e:59:32:d9:4d:71:ed:af:95:b9:
be:23:5f:82:e7:05:a4:4f:ae:f0:2c:f2:ff:91:3b:d8:76:1e:
8d:e6:a1:2b:cf:38:f2:1d:ce:b5:7f:71:67:ac:e4:cf:59:97:
57:c5:5a:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzO+xk/1iqFWtDCSBgGepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl
NzVkODcwHhcNMjYwMzI1MjEwMDU4WhcNMjYwMzI2MjEwMDU4WjAzMTEwLwYDVQQD
EyhkNGM4NjJiMTdkYzI0MjlkOWU5MDJmZGJjNjA4OGNjMjVjZTIwMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7MvJHrnRRNxvoFgwrDLfhPByk+g
xVJlPK1NCbBpitMVQ6arHrtOSmqvwmacw8VyZxfMAddcXtdeoTs5pXnCfgpCIz8k
CJp1xma0URmLuGCraL/7iw86XDKmJe5lxTjrV1R2cT3QHs1tjcfbOHOhpUGnNnV7
ohaBokAGDC1+Zbxa8m0N5IhtUvZIaY2urQjYuwaxqo6mXSpOjNFVV0MpqKyqV7ay
diS8yfy8t/7l941/R/b6q1EvIxEzxPmU4qveExgiOPVBVpawcTb7LxmP4wTh+fPo
QPGPnC5kADxlzoGO3Au3KAlKW49lu37KWiUOClTw4K3JRCmZm+EkizTv1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTIYrF9wkKdnpAv28YIjMJc4gCMMB8GA1UdIwQY
MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt
ZmJhMDc0YmExYjkwLzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw
LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB2u4Nc11
KcoWqAJm07LvZ6DDfwy4C7h21n4vUrQQX6XEkNlyrXiTUPqEUCQE+13+dob84aq1
8aAq4AS/IDSffKitD4gMpsSEMVPSeWAGxRjGaE90J5vVTjAmH0vt1X6QF7yzH1oz
KVQ5ryIdzITl2JZwPE1Rzxazmj9lo0ruwNtZkGL0dvkc0lYomf7lSatbfq13n8RG
j488grOgGrmJYcjchH1Z8JDEHoq1dfzLPxtPgoBTAD5oIc2JppS9+trzBQsmAQhG
AQTEGZwawQkOWTLZTXHtr5W5viNfgucFpE+u8Czy/5E72HYejeahK8848h3OtX9x
Z6zkz1mXV8VaOg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:11:06 2026 by rpki-client