Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
File: XTcKSLWfuBFJXxHElzRILyKxo5I.mft (raw, json)
Hash identifier: 7IxUh8nFFGrm455ryHDEN7My7ZKHP2Yy2VFwkCF3iXA=
Subject key identifier: 32:49:F4:89:CE:DB:F1:D5:C3:50:8F:A4:A7:A9:8B:BC:F7:53:07:32
Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392
Certificate serial: 019E1FB599A65B4B9C839BDB547E0706706B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
Manifest number: 1610
Signing time: Wed 13 May 2026 05:00:55 +0000
Manifest this update: Wed 13 May 2026 05:00:55 +0000
Manifest next update: Thu 14 May 2026 05:00:55 +0000
Files and hashes: 1: IcvWLfVUU_qQmUluK1ZJPZKwDUE.roa (hash: 5KtWCkiCc0spLueO4XERS0KkPgjFXkSMZZzwBDaPptQ=)
2: XTcKSLWfuBFJXxHElzRILyKxo5I.crl (hash: UEpKJuaKY8jadwY1tECjAJBYuEsp5fIkUHNnnp1MODQ=)
3: iTA00PhnwnNaKrIdb7Sf-BOFNWU.roa (hash: VqBJga5+IchMfnf1RmPYAK4MIX90SZMIG8XmiqppDnE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1f:b5:99:a6:5b:4b:9c:83:9b:db:54:7e:07:06:70:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392
Validity
Not Before: May 13 05:00:55 2026 GMT
Not After : May 14 05:00:55 2026 GMT
Subject: CN=3249f489cedbf1d5c3508fa4a7a98bbcf7530732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:73:70:6f:2c:32:7b:a9:d8:19:e8:18:17:57:
9a:4d:f4:a2:97:c4:bf:5d:fd:50:13:cc:fc:bd:21:
d9:55:3a:74:3b:2d:8f:28:74:2e:21:24:aa:93:b1:
6e:7c:af:12:d0:b3:91:59:0c:0b:73:f3:74:52:00:
51:25:a3:ef:68:2e:42:b9:52:d8:92:9c:f7:c6:fd:
af:56:de:83:68:5f:12:9f:c9:7a:c9:0e:ac:c4:39:
35:e6:7c:f2:62:20:db:57:95:77:95:95:17:95:32:
d8:1a:6f:57:a4:0e:63:3e:89:53:89:cb:28:1b:0e:
fa:75:26:ca:08:77:f1:a8:3b:5e:67:d1:fb:53:4c:
bd:05:86:e5:e0:29:0d:73:d6:8b:da:59:b8:cb:b1:
75:4d:4b:2e:a0:5b:d8:c3:17:e8:ed:1a:a9:e2:83:
ff:08:b2:62:a9:db:a1:b0:6f:e8:52:27:0c:d6:9a:
d3:4c:a1:1f:b3:f7:66:b4:9e:bf:98:b7:1b:dd:9c:
b5:e5:ea:9c:44:3a:5f:40:9b:71:d4:77:51:fd:f3:
d0:41:d2:6f:87:ad:a3:61:3c:24:4e:71:4e:4a:07:
0e:39:ad:6d:dc:32:0e:3f:dc:3f:b1:69:53:43:a8:
b8:34:2a:03:4f:b7:01:61:59:0e:ee:a9:27:98:db:
f9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:49:F4:89:CE:DB:F1:D5:C3:50:8F:A4:A7:A9:8B:BC:F7:53:07:32
X509v3 Authority Key Identifier:
keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:5c:99:83:35:32:11:7d:6f:7c:c5:d8:15:16:5a:6e:ed:2e:
6e:d7:aa:f6:86:f9:da:5e:ab:e0:67:db:75:09:ee:01:d3:bd:
95:3d:e4:98:04:3f:f2:6e:94:94:27:50:63:f4:e0:54:49:04:
a7:b8:59:3d:08:66:28:cd:37:8f:e3:83:9b:e7:8e:98:0a:e2:
9f:2b:8c:4a:18:35:38:3e:bc:05:ef:a6:90:bf:fa:9d:8e:1c:
3c:b3:ca:12:57:03:50:8d:0a:41:e2:f6:e5:59:9c:36:2d:2b:
6b:f8:42:83:cd:86:fc:8f:ae:60:c3:b4:c5:31:b8:71:ac:11:
a9:95:f5:68:fa:83:16:23:9c:11:9a:eb:31:72:a6:1e:25:2f:
62:ad:c7:76:17:d2:4d:26:31:a8:9f:8d:7a:8f:b8:5d:6b:64:
af:77:25:4f:f2:68:ef:44:bd:d7:41:d3:11:7a:24:44:e9:65:
2b:39:20:01:d0:64:11:5c:f4:af:89:76:69:d6:e4:f9:3b:cd:
6e:e0:9c:ff:a2:0d:6e:38:0c:a0:0d:07:0a:71:6b:65:6f:f1:
d4:71:f8:1f:e5:fa:4a:5d:26:c3:d0:ce:e9:ac:e1:da:c5:18:
55:34:32:c3:16:cd:3f:3c:68:39:44:48:e1:93:64:e1:c6:9a:
d0:42:49:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ftZmmW0ucg5vbVH4HBnBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi
MWEzOTIwHhcNMjYwNTEzMDUwMDU1WhcNMjYwNTE0MDUwMDU1WjAzMTEwLwYDVQQD
EygzMjQ5ZjQ4OWNlZGJmMWQ1YzM1MDhmYTRhN2E5OGJiY2Y3NTMwNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHNwbywye6nYGegYF1eaTfSil8S/
Xf1QE8z8vSHZVTp0Oy2PKHQuISSqk7FufK8S0LORWQwLc/N0UgBRJaPvaC5CuVLY
kpz3xv2vVt6DaF8Sn8l6yQ6sxDk15nzyYiDbV5V3lZUXlTLYGm9XpA5jPolTicso
Gw76dSbKCHfxqDteZ9H7U0y9BYbl4CkNc9aL2lm4y7F1TUsuoFvYwxfo7Rqp4oP/
CLJiqduhsG/oUicM1prTTKEfs/dmtJ6/mLcb3Zy15eqcRDpfQJtx1HdR/fPQQdJv
h62jYTwkTnFOSgcOOa1t3DIOP9w/sWlTQ6i4NCoDT7cBYVkO7qknmNv5GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJJ9InO2/HVw1CPpKepi7z3UwcyMB8GA1UdIwQY
MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut
ZTI3MjAxMzAyNmI0LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0
LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbFyZgzUy
EX1vfMXYFRZabu0ubteq9ob52l6r4GfbdQnuAdO9lT3kmAQ/8m6UlCdQY/TgVEkE
p7hZPQhmKM03j+ODm+eOmArinyuMShg1OD68Be+mkL/6nY4cPLPKElcDUI0KQeL2
5VmcNi0ra/hCg82G/I+uYMO0xTG4cawRqZX1aPqDFiOcEZrrMXKmHiUvYq3HdhfS
TSYxqJ+Neo+4XWtkr3clT/Jo70S910HTEXokROllKzkgAdBkEVz0r4l2adbk+TvN
buCc/6INbjgMoA0HCnFrZW/x1HH4H+X6Sl0mw9DO6azh2sUYVTQywxbNPzxoOURI
4ZNk4caa0EJJVw==
-----END CERTIFICATE-----
Generated at Wed May 13 14:06:36 2026 by rpki-client