Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
File: XYO1pn2S_6hHbJMhqnv21KINPas.mft (raw, json)
Hash identifier: KgC6oCH/iEpC3GfvWCGca/DWg9ZzXXkwcF6c5JnDufI=
Subject key identifier: 5E:DB:23:B9:8C:04:12:22:77:B7:52:81:40:27:12:B9:A6:A8:F5:D1
Authority key identifier: 5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB
Certificate issuer: /CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab
Certificate serial: 019CAA21B235D4533BC5EA5F25F494DE20A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
Manifest number: 1240
Signing time: Sun 01 Mar 2026 16:01:00 +0000
Manifest this update: Sun 01 Mar 2026 16:01:00 +0000
Manifest next update: Mon 02 Mar 2026 16:01:00 +0000
Files and hashes: 1: XYO1pn2S_6hHbJMhqnv21KINPas.crl (hash: 6u/U+UX92u+j/ErYz5xNppL+kkpi7j0sYfgoSAPWc0w=)
2: yqeabqkOB5fG5PtO7nwnhSFJt98.roa (hash: qildy36/K9jS6v0WoAJhzWi2T0378O5DKM8NUUD22gI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:b2:35:d4:53:3b:c5:ea:5f:25:f4:94:de:20:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d83b5a67d92ffa8476c9321aa7bf6d4a20d3dab
Validity
Not Before: Mar 1 16:01:00 2026 GMT
Not After : Mar 2 16:01:00 2026 GMT
Subject: CN=5edb23b98c04122277b75281402712b9a6a8f5d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f6:6c:f5:d5:a9:90:81:90:3f:9b:26:b7:bd:
92:a0:c8:55:23:3c:fd:af:31:d8:a9:2c:8b:e2:e6:
92:a6:5d:cb:4a:0a:04:20:c5:11:02:96:ba:4e:cc:
c5:a6:2c:5d:13:6c:57:eb:42:47:81:ef:42:60:b5:
23:0a:f5:71:ff:c8:cc:24:9f:8b:e3:e3:e2:ad:70:
c8:02:f8:91:ee:60:0e:16:73:56:11:b6:65:35:48:
e0:5b:c2:57:32:2a:54:cc:48:4c:06:fd:9a:32:d0:
2b:96:d6:f1:98:3e:51:b4:38:e3:41:7f:b9:f8:95:
18:0d:29:d2:4c:92:5d:5e:49:57:94:66:67:33:b7:
74:79:8d:d0:1a:09:f2:cb:29:40:e5:01:9e:6c:29:
e0:c7:75:89:48:b0:48:41:fc:a2:b9:32:73:05:9d:
0e:cd:18:fe:d0:30:4d:50:a9:22:b9:2e:fb:a2:a8:
fa:2d:15:2b:a4:e3:32:35:77:8f:4f:c9:d6:b3:eb:
ef:c4:e3:2f:a2:66:93:e1:2d:62:e1:32:87:b9:44:
91:dc:e0:58:6a:3f:ea:12:64:94:76:6f:df:df:ac:
0d:79:da:73:43:10:80:db:e1:33:42:31:2b:bc:bd:
51:57:ad:f3:30:5c:40:bd:e0:f9:c9:7d:2c:94:ac:
7f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:DB:23:B9:8C:04:12:22:77:B7:52:81:40:27:12:B9:A6:A8:F5:D1
X509v3 Authority Key Identifier:
keyid:5D:83:B5:A6:7D:92:FF:A8:47:6C:93:21:AA:7B:F6:D4:A2:0D:3D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYO1pn2S_6hHbJMhqnv21KINPas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/57b891-a912-4c6a-8e3b-d41fcdf57598/1/XYO1pn2S_6hHbJMhqnv21KINPas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:45:74:62:9c:09:02:c7:89:73:f2:d7:b5:43:5a:07:75:4a:
f7:73:97:ad:0b:a3:39:d9:17:e3:7d:e6:bb:40:03:dd:be:0e:
a6:c2:a0:14:32:77:af:24:fc:30:f3:ae:8e:de:aa:0d:11:10:
c2:81:2b:ed:ae:a2:21:1c:26:cd:d6:4b:8c:47:90:5f:f7:0c:
e1:7e:ab:92:ec:82:44:47:d1:65:42:7c:6e:55:39:94:53:36:
c6:97:fd:07:85:98:f2:59:f3:18:81:c0:0b:ff:cd:d2:00:34:
8a:db:33:d8:10:ac:b0:94:ab:23:ba:28:e2:9d:60:f6:1c:7e:
52:00:32:09:60:81:41:4a:7c:db:e8:68:0e:d1:a3:69:15:f9:
bd:a9:6a:fd:25:f2:dc:65:ba:a2:eb:ea:16:bd:d3:2c:bc:ee:
67:ac:fa:a2:62:ed:b1:96:e9:88:32:a1:de:7c:53:56:b3:f2:
27:15:ce:c6:35:8b:61:6c:4f:84:6b:a5:3d:12:91:c0:0e:79:
1b:60:18:3c:a3:2c:3f:00:35:e3:0d:92:41:6b:d5:f1:b6:f1:
21:b4:9d:79:f7:ec:9d:72:1a:0f:e5:1c:f4:78:fd:67:c8:ef:
0c:c9:01:94:85:e2:e7:4c:87:b1:1c:f7:e2:ab:3e:27:61:27:
e1:f6:bf:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIbI11FM7xepfJfSU3iChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODNiNWE2N2Q5MmZmYTg0NzZjOTMyMWFhN2JmNmQ0YTIw
ZDNkYWIwHhcNMjYwMzAxMTYwMTAwWhcNMjYwMzAyMTYwMTAwWjAzMTEwLwYDVQQD
Eyg1ZWRiMjNiOThjMDQxMjIyNzdiNzUyODE0MDI3MTJiOWE2YThmNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/Zs9dWpkIGQP5smt72SoMhVIzz9
rzHYqSyL4uaSpl3LSgoEIMURApa6TszFpixdE2xX60JHge9CYLUjCvVx/8jMJJ+L
4+PirXDIAviR7mAOFnNWEbZlNUjgW8JXMipUzEhMBv2aMtArltbxmD5RtDjjQX+5
+JUYDSnSTJJdXklXlGZnM7d0eY3QGgnyyylA5QGebCngx3WJSLBIQfyiuTJzBZ0O
zRj+0DBNUKkiuS77oqj6LRUrpOMyNXePT8nWs+vvxOMvomaT4S1i4TKHuUSR3OBY
aj/qEmSUdm/f36wNedpzQxCA2+EzQjErvL1RV63zMFxAveD5yX0slKx/CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF7bI7mMBBIid7dSgUAnErmmqPXRMB8GA1UdIwQY
MBaAFF2DtaZ9kv+oR2yTIap79tSiDT2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2It
ZDQxZmNkZjU3NTk4LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81N2I4OTEtYTkxMi00YzZhLThlM2ItZDQxZmNkZjU3NTk4
LzEvWFlPMXBuMlNfNmhIYkpNaHFudjIxS0lOUGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFEV0YpwJ
AseJc/LXtUNaB3VK93OXrQujOdkX433mu0AD3b4OpsKgFDJ3ryT8MPOujt6qDREQ
woEr7a6iIRwmzdZLjEeQX/cM4X6rkuyCREfRZUJ8blU5lFM2xpf9B4WY8lnzGIHA
C//N0gA0itsz2BCssJSrI7oo4p1g9hx+UgAyCWCBQUp82+hoDtGjaRX5valq/SXy
3GW6ouvqFr3TLLzuZ6z6omLtsZbpiDKh3nxTVrPyJxXOxjWLYWxPhGulPRKRwA55
G2AYPKMsPwA14w2SQWvV8bbxIbSdeffsnXIaD+Uc9Hj9Z8jvDMkBlIXi50yHsRz3
4qs+J2En4fa/tQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:19:53 2026 by rpki-client