Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/95d956-88d9-48ca-9294-5accb8c3d646/1/XIZcjpK_HeLYDcPsaNYdF2HEYks.mft
File: XIZcjpK_HeLYDcPsaNYdF2HEYks.mft (raw, json)
Hash identifier: S+sE1VH0z+7e7OqRnfTQDZ83axJ5e8tq4kQaxmGDELk=
Subject key identifier: 0A:CD:99:8A:13:11:A6:5A:57:CC:03:AB:25:4E:48:68:DF:28:4C:A4
Authority key identifier: 5C:86:5C:8E:92:BF:1D:E2:D8:0D:C3:EC:68:D6:1D:17:61:C4:62:4B
Certificate issuer: /CN=5c865c8e92bf1de2d80dc3ec68d61d1761c4624b
Certificate serial: 019D9BF5808B3C3FC7A618CD2ECE4CA89AEB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIZcjpK_HeLYDcPsaNYdF2HEYks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/95d956-88d9-48ca-9294-5accb8c3d646/1/XIZcjpK_HeLYDcPsaNYdF2HEYks.mft
Manifest number: 03
Signing time: Fri 17 Apr 2026 15:00:50 +0000
Manifest this update: Fri 17 Apr 2026 15:00:50 +0000
Manifest next update: Sat 18 Apr 2026 15:00:50 +0000
Files and hashes: 1: XIZcjpK_HeLYDcPsaNYdF2HEYks.crl (hash: iV4fn08maRv+mdzKp/zDOW5/DOuLYDvqvkBiGA1F/Ig=)
2: vx-dMynrTlhRGBj5W4xOg8tXzq4.roa (hash: dSwPN9gEJQKBHApKqv16FHfQnir8v/0ooHnc1vPcEnk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/95d956-88d9-48ca-9294-5accb8c3d646/1/XIZcjpK_HeLYDcPsaNYdF2HEYks.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/95d956-88d9-48ca-9294-5accb8c3d646/1/XIZcjpK_HeLYDcPsaNYdF2HEYks.mft
rsync://rpki.ripe.net/repository/DEFAULT/XIZcjpK_HeLYDcPsaNYdF2HEYks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:f5:80:8b:3c:3f:c7:a6:18:cd:2e:ce:4c:a8:9a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c865c8e92bf1de2d80dc3ec68d61d1761c4624b
Validity
Not Before: Apr 17 15:00:50 2026 GMT
Not After : Apr 18 15:00:50 2026 GMT
Subject: CN=0acd998a1311a65a57cc03ab254e4868df284ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:90:ef:d2:68:97:70:4f:77:f6:39:36:76:25:
6d:77:ee:b7:94:c0:cd:fe:86:26:79:2d:ae:54:3c:
f8:d8:97:72:2b:fe:3a:98:28:fa:ef:69:47:56:57:
2b:fc:a8:08:ae:2a:78:6f:8e:ac:c1:d7:f2:ef:cc:
b4:7c:06:6f:82:e0:9d:b6:90:2b:e0:85:c7:40:d9:
76:0f:d1:6c:26:fa:45:7c:b1:17:2d:ee:02:50:cb:
e2:fb:59:17:ae:d8:53:69:c4:a0:5a:d4:5d:c6:33:
b1:6b:68:04:4f:04:65:14:3a:ee:e8:27:58:95:ac:
79:f8:97:e8:8b:ac:8c:25:fc:6e:e0:6d:88:8b:61:
99:31:6b:17:ba:58:c3:78:d7:13:f0:cc:bc:45:1b:
fb:f7:40:ec:62:81:39:79:64:0b:8a:39:7f:c9:79:
7a:27:53:2c:0f:5d:fb:07:51:9d:2a:96:b3:04:bb:
c4:52:27:e3:3e:f5:83:96:2d:b3:ba:55:56:50:8e:
d8:e8:c8:ee:2b:e0:f9:7f:a3:d7:99:05:e2:f9:95:
c3:56:22:a5:c7:f9:a0:83:d8:79:f7:8a:3d:09:84:
b8:a9:df:b8:ed:85:43:55:e0:55:ab:e9:db:34:78:
89:d7:47:9f:de:74:85:3d:25:32:bf:8b:30:19:3d:
d9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CD:99:8A:13:11:A6:5A:57:CC:03:AB:25:4E:48:68:DF:28:4C:A4
X509v3 Authority Key Identifier:
keyid:5C:86:5C:8E:92:BF:1D:E2:D8:0D:C3:EC:68:D6:1D:17:61:C4:62:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIZcjpK_HeLYDcPsaNYdF2HEYks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/95d956-88d9-48ca-9294-5accb8c3d646/1/XIZcjpK_HeLYDcPsaNYdF2HEYks.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/95d956-88d9-48ca-9294-5accb8c3d646/1/XIZcjpK_HeLYDcPsaNYdF2HEYks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:03:7c:62:63:8e:98:0f:a9:bc:d6:78:35:67:6f:73:9a:1f:
8e:ce:a4:b5:08:4b:e0:20:01:a1:90:5d:69:24:bb:22:a1:8d:
04:dc:80:84:3c:bc:5d:93:cd:b1:ad:85:c9:ca:fd:b9:4e:95:
7b:74:16:20:a9:d8:6b:33:05:d2:94:3b:7a:be:4f:27:1f:23:
37:ac:31:fa:27:86:da:35:28:d6:8b:bc:3e:8e:03:f1:c3:77:
81:cd:f1:56:9a:ee:c1:e2:49:81:69:34:01:ea:86:7d:2e:18:
fb:f9:bc:06:9d:40:7a:89:8f:9f:a1:f9:77:03:df:50:5e:27:
84:55:fe:e7:33:37:e3:4a:99:63:5c:cc:98:77:2f:35:e4:95:
c8:30:e7:73:d3:77:8e:79:e5:2a:d6:f4:cf:43:50:69:82:9f:
c5:62:86:ed:00:4d:77:cd:c2:09:f7:b4:5e:7a:83:61:6b:56:
c6:33:40:e1:ff:e9:4d:3f:82:3e:cc:dd:b5:f7:03:fb:ec:87:
a0:b9:f5:30:c8:74:99:bc:a3:b9:f5:15:f8:e9:41:29:2b:d9:
88:24:90:f5:7e:ba:15:28:ea:8f:f0:f9:5e:2e:94:4b:3e:b4:
dc:24:72:19:a3:0e:df:33:db:18:4f:fd:3d:58:a2:be:91:c7:
f8:19:b8:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2b9YCLPD/HphjNLs5MqJrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODY1YzhlOTJiZjFkZTJkODBkYzNlYzY4ZDYxZDE3NjFj
NDYyNGIwHhcNMjYwNDE3MTUwMDUwWhcNMjYwNDE4MTUwMDUwWjAzMTEwLwYDVQQD
EygwYWNkOTk4YTEzMTFhNjVhNTdjYzAzYWIyNTRlNDg2OGRmMjg0Y2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopDv0miXcE939jk2diVtd+63lMDN
/oYmeS2uVDz42JdyK/46mCj672lHVlcr/KgIrip4b46swdfy78y0fAZvguCdtpAr
4IXHQNl2D9FsJvpFfLEXLe4CUMvi+1kXrthTacSgWtRdxjOxa2gETwRlFDru6CdY
lax5+Jfoi6yMJfxu4G2Ii2GZMWsXuljDeNcT8My8RRv790DsYoE5eWQLijl/yXl6
J1MsD137B1GdKpazBLvEUifjPvWDli2zulVWUI7Y6MjuK+D5f6PXmQXi+ZXDViKl
x/mgg9h594o9CYS4qd+47YVDVeBVq+nbNHiJ10ef3nSFPSUyv4swGT3ZPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArNmYoTEaZaV8wDqyVOSGjfKEykMB8GA1UdIwQY
MBaAFFyGXI6Svx3i2A3D7GjWHRdhxGJLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElaY2pwS19IZUxZRGNQc2FOWWRGMkhFWWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC85NWQ5NTYtODhkOS00OGNhLTkyOTQt
NWFjY2I4YzNkNjQ2LzEvWElaY2pwS19IZUxZRGNQc2FOWWRGMkhFWWtzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC85NWQ5NTYtODhkOS00OGNhLTkyOTQtNWFjY2I4YzNkNjQ2
LzEvWElaY2pwS19IZUxZRGNQc2FOWWRGMkhFWWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOAN8YmOO
mA+pvNZ4NWdvc5ofjs6ktQhL4CABoZBdaSS7IqGNBNyAhDy8XZPNsa2Fycr9uU6V
e3QWIKnYazMF0pQ7er5PJx8jN6wx+ieG2jUo1ou8Po4D8cN3gc3xVpruweJJgWk0
AeqGfS4Y+/m8Bp1AeomPn6H5dwPfUF4nhFX+5zM340qZY1zMmHcvNeSVyDDnc9N3
jnnlKtb0z0NQaYKfxWKG7QBNd83CCfe0XnqDYWtWxjNA4f/pTT+CPszdtfcD++yH
oLn1MMh0mbyjufUV+OlBKSvZiCSQ9X66FSjqj/D5Xi6USz603CRyGaMO3zPbGE/9
PViivpHH+Bm4eA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:33 2026 by rpki-client