Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/bfce8d-0147-47ea-a279-b8f5708f2369/1/XSP6gsR1KG22BxT2A2Gg8crCPSM.mft
File: XSP6gsR1KG22BxT2A2Gg8crCPSM.mft (raw, json)
Hash identifier: Tj1gnFKxM8R3B7LQpNT5Ur7W8apG5w+FW1c7aMUwyn4=
Subject key identifier: 45:A4:DC:12:7C:B9:AA:9D:14:F3:50:13:13:32:3D:CD:C5:44:07:75
Authority key identifier: 5D:23:FA:82:C4:75:28:6D:B6:07:14:F6:03:61:A0:F1:CA:C2:3D:23
Certificate issuer: /CN=5d23fa82c475286db60714f60361a0f1cac23d23
Certificate serial: 019D33E3AA1DAA620409B742E8880EBC4B8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XSP6gsR1KG22BxT2A2Gg8crCPSM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/bfce8d-0147-47ea-a279-b8f5708f2369/1/XSP6gsR1KG22BxT2A2Gg8crCPSM.mft
Manifest number: 31
Signing time: Sat 28 Mar 2026 10:00:51 +0000
Manifest this update: Sat 28 Mar 2026 10:00:51 +0000
Manifest next update: Sun 29 Mar 2026 10:00:51 +0000
Files and hashes: 1: XSP6gsR1KG22BxT2A2Gg8crCPSM.crl (hash: NMWxEr77rTImVSwhEyihCY9bcBs6DQod97Yq5AlvTxM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/bfce8d-0147-47ea-a279-b8f5708f2369/1/XSP6gsR1KG22BxT2A2Gg8crCPSM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/bfce8d-0147-47ea-a279-b8f5708f2369/1/XSP6gsR1KG22BxT2A2Gg8crCPSM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XSP6gsR1KG22BxT2A2Gg8crCPSM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:e3:aa:1d:aa:62:04:09:b7:42:e8:88:0e:bc:4b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d23fa82c475286db60714f60361a0f1cac23d23
Validity
Not Before: Mar 28 10:00:51 2026 GMT
Not After : Mar 29 10:00:51 2026 GMT
Subject: CN=45a4dc127cb9aa9d14f3501313323dcdc5440775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d6:8b:d9:4c:2f:a1:49:7b:15:67:43:fb:6a:
8b:23:26:14:99:a7:ff:ce:6e:bf:62:f9:34:ea:d0:
3c:1e:0b:c9:6b:b5:24:4d:97:48:02:4f:6d:02:26:
7c:61:cb:fe:3a:e0:9e:c3:96:9a:43:0b:ac:28:3b:
dc:e4:d2:ad:d2:2b:5d:e9:f1:81:d0:37:60:57:eb:
95:c0:6c:50:c8:76:3b:3e:50:ad:d2:d8:16:14:da:
c6:30:7b:34:2a:5e:83:bd:18:8e:26:30:5b:a5:77:
a1:e8:68:40:70:22:54:7a:6e:ad:23:16:7a:08:da:
91:74:ae:db:90:5f:aa:70:38:b1:0b:50:31:31:df:
2a:d2:17:bf:18:45:23:5a:5b:5b:24:44:65:ce:59:
63:ad:8f:ee:8c:69:fb:4c:ef:dd:97:45:b6:7f:64:
96:7b:17:01:dc:af:b6:85:95:61:07:22:12:52:7c:
2c:66:4b:a5:6b:8f:17:39:6f:b0:bc:ab:98:8c:34:
ed:e4:fb:f0:c2:15:47:7b:a6:94:2b:65:56:a5:fb:
d2:00:7e:11:26:da:ce:9e:5d:b7:e1:b3:87:89:5c:
8e:e0:e4:1a:22:9a:b3:49:c0:25:4c:61:84:c2:4b:
b8:15:d7:1b:c6:47:06:61:84:f3:22:1b:eb:a5:4a:
90:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A4:DC:12:7C:B9:AA:9D:14:F3:50:13:13:32:3D:CD:C5:44:07:75
X509v3 Authority Key Identifier:
keyid:5D:23:FA:82:C4:75:28:6D:B6:07:14:F6:03:61:A0:F1:CA:C2:3D:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSP6gsR1KG22BxT2A2Gg8crCPSM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/bfce8d-0147-47ea-a279-b8f5708f2369/1/XSP6gsR1KG22BxT2A2Gg8crCPSM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/bfce8d-0147-47ea-a279-b8f5708f2369/1/XSP6gsR1KG22BxT2A2Gg8crCPSM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:fd:a3:47:6e:f0:ed:f2:02:f0:fb:48:33:b9:c3:c1:6c:b6:
a3:cd:bf:63:eb:28:2f:1c:71:70:f1:53:6a:aa:51:e9:85:11:
00:19:a2:99:51:85:66:7d:81:9e:07:88:05:b4:7e:e8:d0:56:
c1:d8:1f:9a:11:ee:9d:d7:f9:4f:c8:40:74:5b:6f:e8:04:6e:
d5:7b:76:dc:cc:22:ee:76:ea:d6:15:df:a8:9a:a4:7b:fa:86:
d3:bd:7a:06:01:6c:8f:4a:aa:6c:eb:f4:73:92:9a:52:fc:f2:
58:d5:05:44:cf:f9:b9:7b:f9:c6:83:aa:2e:a5:ae:34:75:f0:
62:32:96:5e:ef:2f:1c:60:dc:24:75:66:ab:46:07:76:a1:ba:
b4:e2:75:0f:96:f0:76:42:6f:29:42:db:5c:ca:13:58:c4:0b:
f0:36:a3:a0:0a:fb:bd:25:f9:ce:49:9a:2b:62:1e:7d:99:9d:
8b:bf:30:52:e1:63:e3:e3:8e:c8:82:68:dc:c2:42:a0:bd:7e:
dd:9f:1b:39:37:80:11:da:56:3d:63:4c:25:c4:60:50:c7:85:
18:cc:fe:98:7a:62:23:07:15:98:fd:a0:20:41:50:ab:81:f4:
c5:86:77:fd:c4:e4:1a:bc:2d:24:0e:a4:43:d2:70:2b:89:88:
47:4e:6f:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z46odqmIECbdC6IgOvEuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMjNmYTgyYzQ3NTI4NmRiNjA3MTRmNjAzNjFhMGYxY2Fj
MjNkMjMwHhcNMjYwMzI4MTAwMDUxWhcNMjYwMzI5MTAwMDUxWjAzMTEwLwYDVQQD
Eyg0NWE0ZGMxMjdjYjlhYTlkMTRmMzUwMTMxMzMyM2RjZGM1NDQwNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutaL2UwvoUl7FWdD+2qLIyYUmaf/
zm6/Yvk06tA8HgvJa7UkTZdIAk9tAiZ8Ycv+OuCew5aaQwusKDvc5NKt0itd6fGB
0DdgV+uVwGxQyHY7PlCt0tgWFNrGMHs0Kl6DvRiOJjBbpXeh6GhAcCJUem6tIxZ6
CNqRdK7bkF+qcDixC1AxMd8q0he/GEUjWltbJERlzlljrY/ujGn7TO/dl0W2f2SW
excB3K+2hZVhByISUnwsZkula48XOW+wvKuYjDTt5PvwwhVHe6aUK2VWpfvSAH4R
JtrOnl234bOHiVyO4OQaIpqzScAlTGGEwku4FdcbxkcGYYTzIhvrpUqQnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWk3BJ8uaqdFPNQExMyPc3FRAd1MB8GA1UdIwQY
MBaAFF0j+oLEdShttgcU9gNhoPHKwj0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFNQNmdzUjFLRzIyQnhUMkEyR2c4Y3JDUFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iZmNlOGQtMDE0Ny00N2VhLWEyNzkt
YjhmNTcwOGYyMzY5LzEvWFNQNmdzUjFLRzIyQnhUMkEyR2c4Y3JDUFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iZmNlOGQtMDE0Ny00N2VhLWEyNzktYjhmNTcwOGYyMzY5
LzEvWFNQNmdzUjFLRzIyQnhUMkEyR2c4Y3JDUFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALf2jR27w
7fIC8PtIM7nDwWy2o82/Y+soLxxxcPFTaqpR6YURABmimVGFZn2BngeIBbR+6NBW
wdgfmhHundf5T8hAdFtv6ARu1Xt23Mwi7nbq1hXfqJqke/qG0716BgFsj0qqbOv0
c5KaUvzyWNUFRM/5uXv5xoOqLqWuNHXwYjKWXu8vHGDcJHVmq0YHdqG6tOJ1D5bw
dkJvKULbXMoTWMQL8DajoAr7vSX5zkmaK2IefZmdi78wUuFj4+OOyIJo3MJCoL1+
3Z8bOTeAEdpWPWNMJcRgUMeFGMz+mHpiIwcVmP2gIEFQq4H0xYZ3/cTkGrwtJA6k
Q9JwK4mIR05vtw==
-----END CERTIFICATE-----
Generated at Sat Mar 28 14:29:50 2026 by rpki-client