Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
File: XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json)
Hash identifier: R6rC5RbtP4U0ryfHP9KomMnlmQvmc083+/DwM3XK5AQ=
Subject key identifier: F4:8A:CB:64:FD:EC:24:52:E8:E0:61:C9:13:60:E3:44:77:B6:B6:00
Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95
Certificate issuer: /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
Certificate serial: 019D2960F65DBA551AAE43B06BC0110A6353
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
Manifest number: 0899
Signing time: Thu 26 Mar 2026 09:01:53 +0000
Manifest this update: Thu 26 Mar 2026 09:01:53 +0000
Manifest next update: Fri 27 Mar 2026 09:01:53 +0000
Files and hashes: 1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: /g21WqK9bDVZRm3cPRs7K8H+Iqw0WlM3li35KWJypwc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:f6:5d:ba:55:1a:ae:43:b0:6b:c0:11:0a:63:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
Validity
Not Before: Mar 26 09:01:53 2026 GMT
Not After : Mar 27 09:01:53 2026 GMT
Subject: CN=f48acb64fdec2452e8e061c91360e34477b6b600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:72:e6:d3:93:c6:36:f5:95:85:fc:21:6b:ba:
c5:9d:45:0d:e0:01:53:c7:fa:56:13:e4:ca:1d:cc:
0a:21:fc:b2:01:69:1a:75:66:53:ee:fb:08:d7:bc:
8c:bc:8a:d1:0a:11:4d:64:7a:bb:f3:a2:6a:e2:d1:
eb:a4:88:a3:7b:e8:27:d4:99:50:11:57:7b:b3:17:
85:76:bc:8d:b5:d4:df:d8:8e:e0:93:b7:b8:c6:41:
80:db:b9:b8:b7:49:06:7f:e7:9e:51:95:2b:65:8b:
5c:29:4c:17:4c:e4:37:0b:c7:a4:65:86:92:f1:82:
f5:e1:75:11:cb:cb:b8:91:03:49:0e:98:5d:75:b2:
42:e8:36:fe:25:d4:8f:d7:5a:1f:d0:74:41:ca:12:
07:25:14:e4:c1:51:ab:27:e2:57:97:cc:15:7e:49:
13:1d:86:85:01:75:4a:aa:73:7e:02:92:5f:79:f0:
8d:f6:ac:c6:7b:cd:15:ad:a0:1a:52:64:f7:37:18:
07:ea:97:25:9c:23:c0:32:70:93:bb:1c:54:4b:bf:
75:d4:06:13:33:39:f3:61:16:fd:de:81:4a:d6:1b:
40:a1:13:af:a9:4d:1c:3d:96:e7:87:0e:f8:6b:92:
4e:07:fe:7c:92:78:8a:53:18:c0:c5:d6:3f:4f:06:
e8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:8A:CB:64:FD:EC:24:52:E8:E0:61:C9:13:60:E3:44:77:B6:B6:00
X509v3 Authority Key Identifier:
keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:da:42:0c:41:16:aa:1d:cc:75:2a:29:19:4c:2e:27:cb:f4:
78:d6:83:66:1e:58:85:93:66:e4:91:d5:d0:69:f1:48:48:cb:
4a:a6:82:5f:5f:8d:26:a6:5a:3e:d5:51:25:76:2a:12:70:fe:
a7:3d:6e:c7:a8:77:13:2d:bb:c9:04:ab:a7:e1:d3:7d:ad:d2:
07:9c:77:ea:a4:e5:9c:2d:d5:99:04:c9:03:42:52:a5:95:0e:
17:a0:98:4a:7e:87:7d:dd:55:11:91:e2:88:31:22:65:bc:79:
0f:f7:c4:59:3b:ad:cb:8f:a9:b0:c9:84:57:4e:89:35:8e:0c:
b4:ea:fd:98:68:e3:e2:b6:90:a0:93:b8:a3:85:02:c6:9d:39:
03:47:e6:6d:51:44:3f:4f:89:9a:c1:8e:04:bb:6b:77:a4:e7:
21:2b:b4:6b:3c:bd:e6:1d:69:15:98:0c:9c:9b:3c:42:16:d5:
5c:dc:1b:9a:9f:13:ea:0e:4e:6a:74:df:d5:fa:de:9b:d1:dc:
97:16:58:08:11:b3:f9:8c:32:c9:01:af:4b:ed:9a:a2:77:36:
35:63:f5:ba:dc:5a:fe:d9:97:02:8a:92:27:9e:87:12:15:5c:
63:bf:7a:8f:83:2e:d6:69:92:0e:52:7f:e1:ca:0a:ae:d2:e6:
22:95:8d:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYPZdulUarkOwa8ARCmNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2
ZDA0OTUwHhcNMjYwMzI2MDkwMTUzWhcNMjYwMzI3MDkwMTUzWjAzMTEwLwYDVQQD
EyhmNDhhY2I2NGZkZWMyNDUyZThlMDYxYzkxMzYwZTM0NDc3YjZiNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nLm05PGNvWVhfwha7rFnUUN4AFT
x/pWE+TKHcwKIfyyAWkadWZT7vsI17yMvIrRChFNZHq786Jq4tHrpIije+gn1JlQ
EVd7sxeFdryNtdTf2I7gk7e4xkGA27m4t0kGf+eeUZUrZYtcKUwXTOQ3C8ekZYaS
8YL14XURy8u4kQNJDphddbJC6Db+JdSP11of0HRByhIHJRTkwVGrJ+JXl8wVfkkT
HYaFAXVKqnN+ApJfefCN9qzGe80VraAaUmT3NxgH6pclnCPAMnCTuxxUS7911AYT
MznzYRb93oFK1htAoROvqU0cPZbnhw74a5JOB/58kniKUxjAxdY/TwbofwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSKy2T97CRS6OBhyRNg40R3trYAMB8GA1UdIwQY
MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt
MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm
LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJtpCDEEW
qh3MdSopGUwuJ8v0eNaDZh5YhZNm5JHV0GnxSEjLSqaCX1+NJqZaPtVRJXYqEnD+
pz1ux6h3Ey27yQSrp+HTfa3SB5x36qTlnC3VmQTJA0JSpZUOF6CYSn6Hfd1VEZHi
iDEiZbx5D/fEWTuty4+psMmEV06JNY4MtOr9mGjj4raQoJO4o4UCxp05A0fmbVFE
P0+JmsGOBLtrd6TnISu0azy95h1pFZgMnJs8QhbVXNwbmp8T6g5OanTf1frem9Hc
lxZYCBGz+YwyyQGvS+2aonc2NWP1utxa/tmXAoqSJ56HEhVcY796j4Mu1mmSDlJ/
4coKrtLmIpWNUg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:05:42 2026 by rpki-client