Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json)
Hash identifier: 8lnRDUv2jAvS7x48TATNo8Q4fJzsfwOVT2tsUsGIcsU=
Subject key identifier: 07:F3:D2:06:53:E5:89:FC:E6:83:C3:18:0E:EE:28:B8:65:D1:4B:98
Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Certificate serial: 019CAB34202235DEB77597CB3913145D7811
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
Manifest number: 17D8
Signing time: Sun 01 Mar 2026 21:00:45 +0000
Manifest this update: Sun 01 Mar 2026 21:00:45 +0000
Manifest next update: Mon 02 Mar 2026 21:00:45 +0000
Files and hashes: 1: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: qcfyCmW7a3CFb3n2pT1xaIpBqn+99hgqxzsEWfDIUA0=)
2: sq8rzyi0UVog1iS5Ju1CZc-6dl0.roa (hash: hTNSZci/jvQbgI5g6zcbraZud5VHWLa8WEC2pVISMYE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:20:22:35:de:b7:75:97:cb:39:13:14:5d:78:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Validity
Not Before: Mar 1 21:00:45 2026 GMT
Not After : Mar 2 21:00:45 2026 GMT
Subject: CN=07f3d20653e589fce683c3180eee28b865d14b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dc:62:77:cf:f3:69:e9:8e:c1:35:40:6d:83:
a7:a7:25:01:33:a2:45:b5:37:f0:66:65:12:72:26:
6b:35:64:03:4c:47:46:b9:a5:bc:af:a2:90:36:e0:
3b:7d:60:87:ae:38:2e:71:ee:4a:5e:68:af:5c:56:
5b:ef:bd:16:c7:7f:54:12:8e:26:7a:11:2f:e5:9d:
71:fc:9c:e9:41:a2:fe:ac:43:8c:dd:c0:ea:97:f9:
a1:2a:1d:7a:3a:66:0d:ce:98:aa:3c:7c:04:de:38:
b9:78:79:01:65:c7:9e:cb:e4:c7:d3:e0:05:ab:ce:
50:ce:84:a6:c8:98:6f:02:96:9a:50:24:c6:78:df:
e1:74:a4:1e:32:63:c9:eb:61:e7:3a:bf:5a:51:ac:
f7:2c:9b:49:ad:11:47:d1:27:5c:84:d8:af:89:50:
83:39:24:67:a4:97:47:67:0a:28:72:a9:6e:15:ea:
e5:97:3d:7f:49:c9:60:30:52:cb:5b:50:a3:2f:a1:
53:43:84:1e:9e:67:a0:b3:5b:68:9b:50:f5:90:49:
04:c1:7f:b6:62:0a:dd:8a:54:81:bc:82:80:ba:0c:
09:3a:f8:13:2b:e7:98:fe:62:50:35:27:16:67:ae:
0e:df:b2:bf:95:c7:6b:97:db:65:14:78:b7:eb:b0:
93:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F3:D2:06:53:E5:89:FC:E6:83:C3:18:0E:EE:28:B8:65:D1:4B:98
X509v3 Authority Key Identifier:
keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:7b:61:ca:42:04:44:18:65:13:cd:36:38:b7:f3:3c:29:b1:
3e:c1:dc:b7:8c:8b:62:11:70:59:5d:37:f3:7b:6a:95:c8:c3:
9b:12:1f:e7:8f:05:8a:a0:21:57:da:ff:73:e1:ad:3c:35:42:
53:bb:6d:a7:e3:2e:2a:08:cc:54:de:01:dc:75:02:25:69:31:
26:43:69:c6:a0:79:58:f8:91:31:10:f0:3c:93:4c:7f:9e:4f:
53:ca:cb:e2:30:d1:7d:65:ce:12:b7:23:39:d4:7c:46:c5:e6:
2e:57:d4:e5:51:dd:30:f1:4f:e8:65:17:56:dd:1b:8a:b2:c6:
59:f9:80:7c:70:44:55:c2:96:15:b8:cc:06:31:a7:12:00:44:
08:0f:9a:60:07:8d:23:d7:6a:b5:e4:52:23:a0:2d:78:d5:59:
76:3f:5f:70:e0:5e:82:af:69:f4:ce:f6:a8:2b:ef:ae:63:cd:
8d:1b:4b:34:22:67:3b:4a:1a:b1:38:48:ce:28:05:43:c6:51:
2d:3a:7c:2c:40:47:a9:38:08:dc:92:8b:4e:4c:ec:6f:09:c7:
7f:64:75:d7:ad:db:12:05:d7:af:61:7c:33:16:b4:d2:2f:fe:
40:83:43:23:c7:09:ff:0b:ed:a8:ea:5c:54:55:29:e9:0f:8a:
70:2b:a5:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNCAiNd63dZfLORMUXXgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw
MzA5NGQwHhcNMjYwMzAxMjEwMDQ1WhcNMjYwMzAyMjEwMDQ1WjAzMTEwLwYDVQQD
EygwN2YzZDIwNjUzZTU4OWZjZTY4M2MzMTgwZWVlMjhiODY1ZDE0Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9xid8/zaemOwTVAbYOnpyUBM6JF
tTfwZmUSciZrNWQDTEdGuaW8r6KQNuA7fWCHrjguce5KXmivXFZb770Wx39UEo4m
ehEv5Z1x/JzpQaL+rEOM3cDql/mhKh16OmYNzpiqPHwE3ji5eHkBZceey+TH0+AF
q85QzoSmyJhvApaaUCTGeN/hdKQeMmPJ62HnOr9aUaz3LJtJrRFH0SdchNiviVCD
OSRnpJdHZwoocqluFerllz1/SclgMFLLW1CjL6FTQ4Qenmegs1tom1D1kEkEwX+2
YgrdilSBvIKAugwJOvgTK+eY/mJQNScWZ64O37K/lcdrl9tlFHi367CThQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfz0gZT5Yn85oPDGA7uKLhl0UuYMB8GA1UdIwQY
MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt
ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2
LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXnthykIE
RBhlE802OLfzPCmxPsHct4yLYhFwWV0383tqlcjDmxIf548FiqAhV9r/c+GtPDVC
U7ttp+MuKgjMVN4B3HUCJWkxJkNpxqB5WPiRMRDwPJNMf55PU8rL4jDRfWXOErcj
OdR8RsXmLlfU5VHdMPFP6GUXVt0birLGWfmAfHBEVcKWFbjMBjGnEgBECA+aYAeN
I9dqteRSI6AteNVZdj9fcOBegq9p9M72qCvvrmPNjRtLNCJnO0oasThIzigFQ8ZR
LTp8LEBHqTgI3JKLTkzsbwnHf2R1163bEgXXr2F8Mxa00i/+QINDI8cJ/wvtqOpc
VFUp6Q+KcCuluQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:55:58 2026 by rpki-client