Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
File: XTcKSLWfuBFJXxHElzRILyKxo5I.mft (raw, json)
Hash identifier: w6bmSsqldOy74n1VemGDln+Tevc6MbyXPSG+nJx70SI=
Subject key identifier: 23:05:12:F4:8A:14:C6:D9:D1:3C:15:21:31:7F:83:CD:15:C0:26:1C
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial: 019D2695ED196DE9AC343659D0BDD14CC3C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
Manifest number: 158F
Signing time: Wed 25 Mar 2026 20:00:52 +0000
Manifest this update: Wed 25 Mar 2026 20:00:52 +0000
Manifest next update: Thu 26 Mar 2026 20:00:52 +0000
Files and hashes: 1: IcvWLfVUU_qQmUluK1ZJPZKwDUE.roa (hash: 5KtWCkiCc0spLueO4XERS0KkPgjFXkSMZZzwBDaPptQ=)
2: XTcKSLWfuBFJXxHElzRILyKxo5I.crl (hash: TLIv/EEVB0K1UswsTsf9364fZ4B5kPGz9aaOIq5P/B0=)
3: iTA00PhnwnNaKrIdb7Sf-BOFNWU.roa (hash: VqBJga5+IchMfnf1RmPYAK4MIX90SZMIG8XmiqppDnE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:95:ed:19:6d:e9:ac:34:36:59:d0:bd:d1:4c:c3:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
Validity
Not Before: Mar 25 20:00:52 2026 GMT
Not After : Mar 26 20:00:52 2026 GMT
Subject: CN=230512f48a14c6d9d13c1521317f83cd15c0261c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:80:51:51:e7:c6:a6:26:3b:15:1c:21:88:f9:
27:c2:82:18:d0:f9:c5:bc:08:a1:25:17:29:73:e1:
63:7f:0d:04:bd:4e:21:0c:1d:58:06:3c:eb:c0:9a:
a1:bc:0f:52:b2:9f:43:ed:ac:5f:d9:3d:db:94:d1:
f4:1b:f9:ea:7a:5a:d9:5e:5d:4d:30:14:e9:68:6f:
5b:eb:31:c8:f2:aa:34:67:14:1d:25:ac:ab:41:e4:
6b:f3:68:6b:51:c7:fa:04:3d:58:49:b1:11:f1:91:
e5:f9:04:ac:6a:21:8f:e4:21:e7:0e:66:2d:7b:20:
3c:2e:49:f7:20:a3:0c:96:a1:6f:92:68:42:72:08:
28:75:dd:5a:ec:6a:66:ab:ca:c8:fe:fd:06:bc:60:
c7:b7:7e:08:b5:db:16:b1:22:84:ba:b8:69:52:4d:
7c:c9:cd:79:03:51:f0:40:38:50:c2:cb:9c:36:2f:
e4:ef:6d:cc:78:6c:71:d1:02:4e:97:72:c0:af:6d:
a6:ee:7d:3d:7f:db:9c:5f:c6:14:86:63:45:e7:c0:
4a:e4:46:28:f8:50:61:fd:aa:94:7d:e7:c1:42:70:
d7:f8:7e:da:0f:cd:c1:ea:a4:7b:25:fb:2c:bf:96:
d0:bf:d9:aa:4f:7b:3c:c3:98:b0:08:d0:1d:7a:f7:
60:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:05:12:F4:8A:14:C6:D9:D1:3C:15:21:31:7F:83:CD:15:C0:26:1C
X509v3 Authority Key Identifier:
keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:bf:dc:99:2d:9c:dc:a6:1e:9a:3d:2d:42:06:3c:39:fe:d2:
e8:fd:ec:5e:c0:f0:ec:b3:ae:9d:3d:9a:33:76:5c:fd:85:25:
b6:69:29:71:0d:7c:c9:e6:6b:e5:df:27:d1:90:42:9a:e3:b3:
f6:19:ad:4d:ca:c0:75:24:ed:56:32:4a:c7:7d:20:75:92:92:
8c:07:69:30:cd:83:78:1b:d5:09:ab:87:27:2d:62:fd:c0:83:
08:95:1d:88:54:2a:30:0d:9c:c7:68:ed:fc:16:49:3c:77:65:
6a:05:19:7b:9b:de:6d:17:a1:c0:69:0a:09:95:3d:80:06:56:
1a:22:c3:58:c8:26:56:85:5b:9d:ee:20:b1:46:b6:bd:18:3e:
68:e1:d9:dd:b3:2e:f0:c5:4a:e4:e0:63:95:fc:93:43:5d:f1:
19:16:87:24:6e:2a:d4:48:05:bb:3e:80:25:54:ab:26:59:45:
f4:b8:77:02:4a:aa:95:57:1c:a1:50:a5:1c:41:99:72:2a:ce:
0f:eb:ff:9c:f6:a7:c9:28:79:48:3a:34:19:a6:ef:2f:e6:1a:
07:54:53:07:fe:22:47:b3:61:ed:c4:39:b4:9f:78:b6:99:0f:
78:e4:67:5d:c2:b3:79:8a:51:df:c8:fa:c2:bc:ca:5d:07:a7:
f9:28:cb:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mle0ZbemsNDZZ0L3RTMPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi
MWEzOTIwHhcNMjYwMzI1MjAwMDUyWhcNMjYwMzI2MjAwMDUyWjAzMTEwLwYDVQQD
EygyMzA1MTJmNDhhMTRjNmQ5ZDEzYzE1MjEzMTdmODNjZDE1YzAyNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYBRUefGpiY7FRwhiPknwoIY0PnF
vAihJRcpc+Fjfw0EvU4hDB1YBjzrwJqhvA9Ssp9D7axf2T3blNH0G/nqelrZXl1N
MBTpaG9b6zHI8qo0ZxQdJayrQeRr82hrUcf6BD1YSbER8ZHl+QSsaiGP5CHnDmYt
eyA8Lkn3IKMMlqFvkmhCcggodd1a7Gpmq8rI/v0GvGDHt34ItdsWsSKEurhpUk18
yc15A1HwQDhQwsucNi/k723MeGxx0QJOl3LAr22m7n09f9ucX8YUhmNF58BK5EYo
+FBh/aqUfefBQnDX+H7aD83B6qR7Jfssv5bQv9mqT3s8w5iwCNAdevdg5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMFEvSKFMbZ0TwVITF/g80VwCYcMB8GA1UdIwQY
MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut
ZTI3MjAxMzAyNmI0LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0
LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA7/cmS2c
3KYemj0tQgY8Of7S6P3sXsDw7LOunT2aM3Zc/YUltmkpcQ18yeZr5d8n0ZBCmuOz
9hmtTcrAdSTtVjJKx30gdZKSjAdpMM2DeBvVCauHJy1i/cCDCJUdiFQqMA2cx2jt
/BZJPHdlagUZe5vebRehwGkKCZU9gAZWGiLDWMgmVoVbne4gsUa2vRg+aOHZ3bMu
8MVK5OBjlfyTQ13xGRaHJG4q1EgFuz6AJVSrJllF9Lh3AkqqlVccoVClHEGZcirO
D+v/nPanySh5SDo0GabvL+YaB1RTB/4iR7Nh7cQ5tJ94tpkPeORnXcKzeYpR38j6
wrzKXQen+SjLrg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:04:10 2026 by rpki-client