Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft
File: xLCiTzhOiW3lHlg149KEYHtJxZE.mft (raw, json)
Hash identifier: XjkTiLUJQlRLAQpii3JsFcOc+0GWoKJ5IJ+pjkQLz9E=
Subject key identifier: 1A:A7:8D:08:FC:99:AF:7E:E9:0B:A3:FC:C2:0A:40:A9:63:72:52:F8
Authority key identifier: C4:B0:A2:4F:38:4E:89:6D:E5:1E:58:35:E3:D2:84:60:7B:49:C5:91
Certificate issuer: /CN=c4b0a24f384e896de51e5835e3d284607b49c591
Certificate serial: 019D28F2FCDA545AD6847AF5666597E028EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLCiTzhOiW3lHlg149KEYHtJxZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft
Manifest number: 035B
Signing time: Thu 26 Mar 2026 07:01:46 +0000
Manifest this update: Thu 26 Mar 2026 07:01:46 +0000
Manifest next update: Fri 27 Mar 2026 07:01:46 +0000
Files and hashes: 1: xLCiTzhOiW3lHlg149KEYHtJxZE.crl (hash: 75fC4BYnHEcqBI9NxIvcFpyOR2JVkMq/XrgzJoa5KHs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xLCiTzhOiW3lHlg149KEYHtJxZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f2:fc:da:54:5a:d6:84:7a:f5:66:65:97:e0:28:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b0a24f384e896de51e5835e3d284607b49c591
Validity
Not Before: Mar 26 07:01:46 2026 GMT
Not After : Mar 27 07:01:46 2026 GMT
Subject: CN=1aa78d08fc99af7ee90ba3fcc20a40a9637252f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:db:6d:49:0a:75:ed:37:fa:31:5f:e6:02:15:
c0:39:b5:dd:c8:b5:32:a7:7e:12:ce:d1:21:70:e0:
89:8a:10:08:0b:74:33:3e:66:94:e9:05:40:89:be:
94:6c:b6:23:22:fe:46:14:8e:85:fb:db:fb:ab:19:
1d:34:f3:d5:64:32:d9:1b:06:64:4d:95:ce:3e:fd:
2b:c7:74:8e:13:b7:5f:35:ee:76:b0:14:5c:ca:d5:
cf:21:74:d0:30:64:08:c1:a1:1c:ed:2d:e0:c1:43:
c4:1e:65:0a:fa:c6:68:ea:ac:a3:69:e6:a0:d1:10:
07:d9:c4:5d:79:47:4d:3f:bb:df:16:1e:ed:1b:a8:
a8:8f:3b:a1:52:20:ea:92:4b:18:fb:3b:27:f6:18:
a9:18:e7:90:28:ed:17:b6:f3:25:0b:db:27:97:5b:
5d:e1:15:ea:85:af:2f:92:79:60:ab:23:9c:54:71:
14:bf:ce:16:36:17:22:0b:82:82:2d:6f:29:56:73:
63:0b:ea:64:5f:93:0b:94:a4:3f:fd:a4:34:4f:fd:
ca:3f:2b:48:2c:5b:80:a7:60:0b:48:d2:1e:6b:08:
42:2f:31:a7:d3:7c:19:ed:cc:58:83:19:26:34:e7:
e9:b3:88:93:b5:85:75:40:e1:1f:28:21:9e:77:64:
62:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A7:8D:08:FC:99:AF:7E:E9:0B:A3:FC:C2:0A:40:A9:63:72:52:F8
X509v3 Authority Key Identifier:
keyid:C4:B0:A2:4F:38:4E:89:6D:E5:1E:58:35:E3:D2:84:60:7B:49:C5:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLCiTzhOiW3lHlg149KEYHtJxZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:05:a5:4c:38:41:0c:c6:43:f0:ef:bf:c8:16:ca:fd:d7:36:
5f:78:48:e2:87:c7:d9:eb:e4:de:96:f8:f5:92:fb:99:96:b2:
13:a9:0d:1d:57:04:87:f7:52:ad:ef:49:72:91:91:ce:ce:8a:
7a:83:32:a8:b0:af:97:7b:26:6a:c1:23:9d:4e:67:fa:b0:03:
ff:18:8c:5e:41:11:81:bf:9f:b5:88:1e:12:56:7e:b4:f8:b5:
5c:a4:fd:cb:2a:df:65:0b:c9:97:a1:72:be:88:c8:74:be:6c:
25:84:28:5a:19:28:25:63:6d:5f:5e:dd:02:d2:ef:c1:bc:74:
b9:e9:a0:bd:6c:08:66:c6:2c:9f:15:a9:11:fb:02:7a:4b:aa:
e4:58:7a:ee:c8:05:6b:a0:bc:e9:82:91:34:1e:dc:e3:fa:25:
9c:32:c2:46:11:be:20:30:2d:11:91:2d:35:7f:af:e4:5d:20:
4a:ff:d4:fd:2f:ad:b2:41:78:fd:54:be:b6:64:cc:1d:fd:7b:
76:af:d7:b1:83:b3:c9:7f:ec:96:40:bd:50:35:16:bc:9b:75:
85:bc:e5:a3:eb:84:ac:80:3f:0d:61:19:14:45:06:f1:ab:0d:
dc:ea:c6:d1:fe:a2:f6:3e:0f:9f:0d:4e:52:fe:96:a8:fb:a0:
b0:f0:bd:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8vzaVFrWhHr1ZmWX4CjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjBhMjRmMzg0ZTg5NmRlNTFlNTgzNWUzZDI4NDYwN2I0
OWM1OTEwHhcNMjYwMzI2MDcwMTQ2WhcNMjYwMzI3MDcwMTQ2WjAzMTEwLwYDVQQD
EygxYWE3OGQwOGZjOTlhZjdlZTkwYmEzZmNjMjBhNDBhOTYzNzI1MmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9ttSQp17Tf6MV/mAhXAObXdyLUy
p34SztEhcOCJihAIC3QzPmaU6QVAib6UbLYjIv5GFI6F+9v7qxkdNPPVZDLZGwZk
TZXOPv0rx3SOE7dfNe52sBRcytXPIXTQMGQIwaEc7S3gwUPEHmUK+sZo6qyjaeag
0RAH2cRdeUdNP7vfFh7tG6iojzuhUiDqkksY+zsn9hipGOeQKO0XtvMlC9snl1td
4RXqha8vknlgqyOcVHEUv84WNhciC4KCLW8pVnNjC+pkX5MLlKQ//aQ0T/3KPytI
LFuAp2ALSNIeawhCLzGn03wZ7cxYgxkmNOfps4iTtYV1QOEfKCGed2RiJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqnjQj8ma9+6Quj/MIKQKljclL4MB8GA1UdIwQY
MBaAFMSwok84Tolt5R5YNePShGB7ScWRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExDaVR6aE9pVzNsSGxnMTQ5S0VZSHRKeFpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lMjkyN2UtYmZmMC00YzYxLTkxODgt
Yjg2YTZmMjYyNjMzLzEveExDaVR6aE9pVzNsSGxnMTQ5S0VZSHRKeFpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lMjkyN2UtYmZmMC00YzYxLTkxODgtYjg2YTZmMjYyNjMz
LzEveExDaVR6aE9pVzNsSGxnMTQ5S0VZSHRKeFpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJQWlTDhB
DMZD8O+/yBbK/dc2X3hI4ofH2evk3pb49ZL7mZayE6kNHVcEh/dSre9JcpGRzs6K
eoMyqLCvl3smasEjnU5n+rAD/xiMXkERgb+ftYgeElZ+tPi1XKT9yyrfZQvJl6Fy
vojIdL5sJYQoWhkoJWNtX17dAtLvwbx0uemgvWwIZsYsnxWpEfsCekuq5Fh67sgF
a6C86YKRNB7c4/olnDLCRhG+IDAtEZEtNX+v5F0gSv/U/S+tskF4/VS+tmTMHf17
dq/XsYOzyX/slkC9UDUWvJt1hbzlo+uErIA/DWEZFEUG8asN3OrG0f6i9j4Pnw1O
Uv6WqPugsPC9EA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:07:11 2026 by rpki-client