Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier: cCbOSKHjcrlrOUZ0cHHHwBwDfNHLmSirMRceHvE8hn0=
Subject key identifier: C8:15:0C:14:97:7A:A1:22:F9:BB:96:53:29:74:0D:24:7C:9D:07:40
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial: 019D25BA9F428BB3A490DFF15D45D6F07D0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number: 095A
Signing time: Wed 25 Mar 2026 16:01:20 +0000
Manifest this update: Wed 25 Mar 2026 16:01:20 +0000
Manifest next update: Thu 26 Mar 2026 16:01:20 +0000
Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: EyvY2h+uWi1WlMBkHRXTv4hI2PLMaaSWMEVJ2tr/krI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:9f:42:8b:b3:a4:90:df:f1:5d:45:d6:f0:7d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Validity
Not Before: Mar 25 16:01:20 2026 GMT
Not After : Mar 26 16:01:20 2026 GMT
Subject: CN=c8150c14977aa122f9bb965329740d247c9d0740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:92:59:4c:2b:46:4f:d6:b7:8b:92:f5:f2:2e:
bd:36:25:97:8e:90:6b:f0:7d:79:15:ac:5b:52:28:
84:7a:64:6b:22:2d:07:c6:21:e1:54:fb:74:61:8f:
33:da:24:0c:23:bc:5f:e0:75:8a:ac:6b:42:95:c0:
3e:65:20:d6:a8:b2:04:09:2e:bc:9c:9b:0b:82:88:
29:3f:95:d0:4f:fd:79:f7:f6:e5:0d:65:87:27:77:
ed:55:a4:1a:05:b7:0c:af:b1:56:03:0a:c3:80:b9:
11:ee:8f:75:cb:7b:da:d3:e3:bf:75:d3:36:66:1c:
ec:70:d4:cf:63:51:a2:37:3f:b7:37:24:fc:46:86:
71:d7:10:0e:2d:52:2e:65:d8:b0:30:26:75:a2:54:
c1:16:50:c4:66:34:fc:b7:bc:56:72:65:68:97:4c:
fe:19:98:79:80:0f:f8:8c:10:00:98:4e:83:70:f2:
d3:2d:38:fa:c9:42:8e:c8:56:91:37:c8:36:62:7a:
fe:cf:d1:1c:ef:e8:bc:5b:ae:64:1c:a9:c9:a2:1f:
e8:c2:ac:d2:43:e3:43:30:98:37:5c:be:2f:c9:3b:
9b:8a:47:23:a9:ed:ac:79:e2:0a:4d:61:43:01:77:
b8:f4:27:38:19:b4:7f:e6:22:62:54:39:e4:0e:92:
d6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:15:0C:14:97:7A:A1:22:F9:BB:96:53:29:74:0D:24:7C:9D:07:40
X509v3 Authority Key Identifier:
keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:d0:90:ab:9f:10:46:4b:04:96:5e:a9:d2:f7:95:f2:82:da:
a8:af:89:e8:2a:24:cf:18:b7:e8:bd:67:e9:64:c8:3e:18:31:
be:33:d4:d1:6e:92:81:34:38:49:ba:d3:f3:18:93:8e:49:43:
69:c5:3a:bf:4f:03:44:f1:b6:25:b1:87:79:23:79:fb:af:af:
d0:ed:b0:34:8a:5c:c1:5d:fa:f3:a2:c5:a0:d8:5d:10:14:a0:
cc:ed:0c:ca:a3:10:af:fc:af:b6:9a:cb:e2:92:d3:49:6b:ac:
2b:e8:f0:06:ab:0c:a8:91:eb:15:55:d0:02:07:93:19:23:c9:
01:4b:67:00:db:c1:01:db:ad:ff:96:28:fa:83:b9:7d:bf:7c:
57:0c:79:0c:72:84:b1:a9:40:25:ec:b1:f5:60:f9:82:5c:39:
d0:fc:01:31:a4:e2:54:b5:14:49:3d:f5:e6:3f:6d:5d:03:6f:
55:71:35:92:4e:fc:6e:4c:38:b5:cb:29:84:ed:45:6d:e5:22:
6a:1e:f3:1c:87:4c:1c:55:ca:df:e3:df:bb:a0:a6:18:ea:7a:
24:18:f9:ce:24:d8:5a:22:e6:b4:4f:91:05:56:43:d6:ca:67:
39:52:94:c4:79:46:0e:c3:12:a2:79:51:47:48:c6:7a:00:ac:
26:03:9d:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lup9Ci7OkkN/xXUXW8H0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjYwMzI1MTYwMTIwWhcNMjYwMzI2MTYwMTIwWjAzMTEwLwYDVQQD
EyhjODE1MGMxNDk3N2FhMTIyZjliYjk2NTMyOTc0MGQyNDdjOWQwNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZJZTCtGT9a3i5L18i69NiWXjpBr
8H15FaxbUiiEemRrIi0HxiHhVPt0YY8z2iQMI7xf4HWKrGtClcA+ZSDWqLIECS68
nJsLgogpP5XQT/159/blDWWHJ3ftVaQaBbcMr7FWAwrDgLkR7o91y3va0+O/ddM2
ZhzscNTPY1GiNz+3NyT8RoZx1xAOLVIuZdiwMCZ1olTBFlDEZjT8t7xWcmVol0z+
GZh5gA/4jBAAmE6DcPLTLTj6yUKOyFaRN8g2Ynr+z9Ec7+i8W65kHKnJoh/owqzS
Q+NDMJg3XL4vyTubikcjqe2seeIKTWFDAXe49Cc4GbR/5iJiVDnkDpLWcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgVDBSXeqEi+buWUyl0DSR8nQdAMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc9CQq58Q
RksEll6p0veV8oLaqK+J6Cokzxi36L1n6WTIPhgxvjPU0W6SgTQ4SbrT8xiTjklD
acU6v08DRPG2JbGHeSN5+6+v0O2wNIpcwV3686LFoNhdEBSgzO0MyqMQr/yvtprL
4pLTSWusK+jwBqsMqJHrFVXQAgeTGSPJAUtnANvBAdut/5Yo+oO5fb98Vwx5DHKE
salAJeyx9WD5glw50PwBMaTiVLUUST315j9tXQNvVXE1kk78bkw4tcsphO1FbeUi
ah7zHIdMHFXK3+Pfu6CmGOp6JBj5ziTYWiLmtE+RBVZD1spnOVKUxHlGDsMSonlR
R0jGegCsJgOdZg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:22:21 2026 by rpki-client