Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
File: XAAsRHm7TJbiI0OZznH1YDRSmdA.mft (raw, json)
Hash identifier: el37O15X3bQ/SQCbo+68pW/jQGxbDGUlJE0MlSqYUp0=
Subject key identifier: AF:08:FF:1C:F4:D9:0E:47:3F:81:38:1E:5E:84:EF:C6:90:2F:00:E6
Authority key identifier: 5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0
Certificate issuer: /CN=5c002c4479bb4c96e2234399ce71f560345299d0
Certificate serial: 019D28F30F70AF66116BB76DC300E8267B8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
Manifest number: 0B1B
Signing time: Thu 26 Mar 2026 07:01:50 +0000
Manifest this update: Thu 26 Mar 2026 07:01:50 +0000
Manifest next update: Fri 27 Mar 2026 07:01:50 +0000
Files and hashes: 1: XAAsRHm7TJbiI0OZznH1YDRSmdA.crl (hash: B82mASkCMoCPIF4nb4Qh22/XIJMuMHogdHSd1A1j/4E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f3:0f:70:af:66:11:6b:b7:6d:c3:00:e8:26:7b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c002c4479bb4c96e2234399ce71f560345299d0
Validity
Not Before: Mar 26 07:01:50 2026 GMT
Not After : Mar 27 07:01:50 2026 GMT
Subject: CN=af08ff1cf4d90e473f81381e5e84efc6902f00e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ca:cf:a5:e1:ba:0b:9b:b3:db:9c:12:95:87:
a7:3c:08:ae:e4:0d:89:c3:82:68:52:06:0d:1d:ef:
6e:70:ff:d0:a5:fb:de:a1:dc:83:46:bf:de:a4:01:
a1:80:15:ef:80:b9:55:d5:f0:2c:86:44:02:4e:78:
8b:c4:67:80:0c:11:47:ed:9f:83:e1:ca:b9:5f:01:
36:8e:df:40:4d:67:61:ac:58:99:d5:c7:9b:35:0f:
83:1c:2f:ad:af:79:32:7a:f8:36:a4:26:52:98:77:
e8:b4:5a:92:a7:4b:1d:d7:17:7a:f2:dc:8b:1a:d4:
a0:30:3f:c3:5e:61:68:5b:53:1d:2a:98:a6:ed:94:
d1:a8:83:41:2b:b5:ac:a1:e0:b8:12:04:31:8a:70:
37:ab:5d:5c:f1:78:1f:77:57:36:dd:18:b2:f7:cd:
81:36:f9:4f:31:65:b9:68:62:bb:80:75:03:e1:bd:
62:29:95:9f:a6:17:91:1b:85:f1:04:a0:71:ef:55:
95:5f:fb:b9:39:2b:9f:6c:35:d0:a8:5b:f0:5d:ce:
15:3b:e7:80:bf:49:cb:73:7f:81:70:af:d5:2c:f2:
00:24:a1:46:32:7c:e8:2f:09:2c:4f:04:d4:72:08:
23:27:a0:d6:28:e6:a6:70:34:0a:69:09:83:00:87:
4d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:08:FF:1C:F4:D9:0E:47:3F:81:38:1E:5E:84:EF:C6:90:2F:00:E6
X509v3 Authority Key Identifier:
keyid:5C:00:2C:44:79:BB:4C:96:E2:23:43:99:CE:71:F5:60:34:52:99:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAAsRHm7TJbiI0OZznH1YDRSmdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c503d6-b6e4-43e2-91e6-71c570dcb0a4/1/XAAsRHm7TJbiI0OZznH1YDRSmdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:39:63:ff:ad:76:a0:b2:a0:99:5c:be:68:35:56:28:94:e1:
91:f7:ba:bb:64:b2:2d:86:d9:1b:e6:b5:a3:ff:ca:e5:1d:a4:
66:55:a9:26:a4:a9:b1:4e:79:a5:22:f3:92:c6:9d:3c:70:61:
08:fb:4b:de:7c:e2:48:47:e8:22:83:61:47:a8:6a:f4:9a:36:
5e:31:81:3e:9a:c9:d2:d2:a0:fd:18:a7:eb:4a:38:37:21:b0:
41:17:f9:b1:d8:41:45:f3:11:5a:6d:0d:e1:e1:c2:27:56:41:
94:c1:b1:f8:ba:a3:2e:84:36:0d:cc:f4:46:f9:a6:2b:7d:d7:
63:c1:ab:dd:1c:64:ba:b4:bd:c7:1b:e8:98:9b:91:90:66:a2:
82:32:19:67:22:a1:d0:aa:ab:8b:c5:eb:f3:c4:5a:f9:63:c7:
20:da:c3:39:4f:8d:7e:64:3a:2e:55:07:b9:86:58:de:28:ea:
bc:03:0f:37:e0:cf:d0:b8:00:d2:d9:03:ef:7f:e9:c4:c8:03:
7d:4f:9c:f5:7c:f9:8a:b0:aa:de:c1:04:42:49:79:b2:69:c5:
d9:dd:b3:d7:a2:bc:2b:b2:e5:86:8e:d6:63:e3:34:e3:08:bf:
aa:d3:4c:28:b8:02:9f:92:7d:52:c7:4b:59:41:6a:7c:d8:aa:
27:34:66:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8w9wr2YRa7dtwwDoJnuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMDAyYzQ0NzliYjRjOTZlMjIzNDM5OWNlNzFmNTYwMzQ1
Mjk5ZDAwHhcNMjYwMzI2MDcwMTUwWhcNMjYwMzI3MDcwMTUwWjAzMTEwLwYDVQQD
EyhhZjA4ZmYxY2Y0ZDkwZTQ3M2Y4MTM4MWU1ZTg0ZWZjNjkwMmYwMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMrPpeG6C5uz25wSlYenPAiu5A2J
w4JoUgYNHe9ucP/QpfveodyDRr/epAGhgBXvgLlV1fAshkQCTniLxGeADBFH7Z+D
4cq5XwE2jt9ATWdhrFiZ1cebNQ+DHC+tr3kyevg2pCZSmHfotFqSp0sd1xd68tyL
GtSgMD/DXmFoW1MdKpim7ZTRqINBK7WsoeC4EgQxinA3q11c8Xgfd1c23Riy982B
NvlPMWW5aGK7gHUD4b1iKZWfpheRG4XxBKBx71WVX/u5OSufbDXQqFvwXc4VO+eA
v0nLc3+BcK/VLPIAJKFGMnzoLwksTwTUcggjJ6DWKOamcDQKaQmDAIdNbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8I/xz02Q5HP4E4Hl6E78aQLwDmMB8GA1UdIwQY
MBaAFFwALER5u0yW4iNDmc5x9WA0UpnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYt
NzFjNTcwZGNiMGE0LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jNTAzZDYtYjZlNC00M2UyLTkxZTYtNzFjNTcwZGNiMGE0
LzEvWEFBc1JIbTdUSmJpSTBPWnpuSDFZRFJTbWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlTlj/612
oLKgmVy+aDVWKJThkfe6u2SyLYbZG+a1o//K5R2kZlWpJqSpsU55pSLzksadPHBh
CPtL3nziSEfoIoNhR6hq9Jo2XjGBPprJ0tKg/Rin60o4NyGwQRf5sdhBRfMRWm0N
4eHCJ1ZBlMGx+LqjLoQ2Dcz0RvmmK33XY8Gr3RxkurS9xxvomJuRkGaigjIZZyKh
0Kqri8Xr88Ra+WPHINrDOU+NfmQ6LlUHuYZY3ijqvAMPN+DP0LgA0tkD73/pxMgD
fU+c9Xz5irCq3sEEQkl5smnF2d2z16K8K7Llho7WY+M04wi/qtNMKLgCn5J9UsdL
WUFqfNiqJzRmiA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:29:22 2026 by rpki-client