Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json)
Hash identifier: Yp8f3/UZhI1i8nlJCabpF9Wi+K5YMJvli+b/lQz589U=
Subject key identifier: 7E:C3:9A:16:84:65:B8:CF:6B:17:92:11:79:47:1E:23:E5:A0:35:4A
Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Certificate serial: 019D9AAC2C721334FBC70CEAD12F005BA3EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
Manifest number: 1854
Signing time: Fri 17 Apr 2026 09:01:07 +0000
Manifest this update: Fri 17 Apr 2026 09:01:07 +0000
Manifest next update: Sat 18 Apr 2026 09:01:07 +0000
Files and hashes: 1: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: NUVuwhYp9sXnqNWplaTk2vjQQEOfFeq53ix/Hebd1w0=)
2: sq8rzyi0UVog1iS5Ju1CZc-6dl0.roa (hash: hTNSZci/jvQbgI5g6zcbraZud5VHWLa8WEC2pVISMYE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:ac:2c:72:13:34:fb:c7:0c:ea:d1:2f:00:5b:a3:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Validity
Not Before: Apr 17 09:01:07 2026 GMT
Not After : Apr 18 09:01:07 2026 GMT
Subject: CN=7ec39a168465b8cf6b17921179471e23e5a0354a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:74:21:28:f4:ad:d6:27:ae:57:e1:7b:76:c5:
30:4d:31:19:d9:28:9f:27:c0:56:40:df:21:dd:ba:
03:24:12:9d:9b:1e:91:75:26:1d:c6:01:4a:55:6f:
eb:ae:a0:6a:d4:7d:7a:b6:26:26:3b:72:2d:02:cd:
1c:f4:37:e7:b6:fd:fd:66:4e:80:2d:d8:0b:f6:2d:
56:86:19:78:ca:d0:f2:98:b3:8a:c4:39:81:78:54:
d3:43:62:d7:82:db:06:65:75:f9:8a:73:d1:27:16:
3d:e2:12:3b:6f:11:00:52:bd:6d:42:66:d3:1d:74:
76:2d:cc:fc:c0:43:1d:0f:9f:0b:af:ba:32:6b:b1:
ff:88:91:01:91:13:7f:99:32:7f:6d:84:bd:c1:0d:
db:c1:88:50:92:96:50:e3:ec:9f:d2:79:bb:3d:4a:
d3:33:ce:df:d4:8a:a4:3c:eb:80:2f:04:1f:58:0b:
60:f7:9a:db:35:fe:8d:ad:40:dd:3d:0d:9b:a5:93:
57:76:2c:7c:bc:39:68:61:ef:cc:eb:bc:86:32:44:
4b:6b:b4:e1:f1:1b:d8:9a:40:50:1e:27:24:ec:0d:
6f:4b:29:cd:1e:79:89:a9:01:91:71:2c:89:73:9e:
f9:f5:d1:ea:02:ed:4a:5d:1f:40:ab:c5:81:ba:5b:
72:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C3:9A:16:84:65:B8:CF:6B:17:92:11:79:47:1E:23:E5:A0:35:4A
X509v3 Authority Key Identifier:
keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:69:27:03:4c:23:5c:c0:eb:a7:3e:14:2f:51:63:59:4a:97:
e9:2d:fe:bd:1f:b8:81:47:c3:2e:ea:f1:d0:1d:64:9f:a4:96:
46:b7:d0:86:8e:b8:9d:d9:a3:4e:11:a8:1a:88:12:65:40:8b:
c5:dc:7a:16:d0:69:f0:aa:39:8e:db:e3:c5:4a:c6:d0:f6:ff:
f7:58:d7:4b:ad:48:c4:b4:6a:73:0c:ca:3a:34:3f:44:58:e1:
6a:5a:c0:1b:71:1d:1e:27:45:97:c1:32:c8:ac:40:a8:f8:a6:
65:21:e5:9d:9f:5e:d8:42:35:2d:57:ee:bf:1e:f5:97:db:e9:
96:aa:ee:1a:e0:9b:f6:79:e8:0e:77:e1:de:58:13:a1:6f:02:
22:44:5d:88:5f:2e:38:3f:df:10:b3:08:8b:dd:ab:51:2e:df:
49:17:dd:4e:ce:3e:5e:5a:54:53:5d:f2:54:b0:77:d8:32:85:
64:69:30:b7:9f:dc:27:ed:be:b0:fd:62:1e:aa:b7:5b:1b:6b:
fc:3d:10:b1:32:f5:0c:94:2a:30:44:ad:61:29:9e:bf:95:cf:
16:a9:37:59:8a:65:c4:7a:a0:e2:a8:5e:26:08:39:ca:85:d1:
78:11:8a:76:3a:3b:34:b8:fb:96:2a:11:ae:79:69:76:24:d6:
bc:17:b8:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2arCxyEzT7xwzq0S8AW6PuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw
MzA5NGQwHhcNMjYwNDE3MDkwMTA3WhcNMjYwNDE4MDkwMTA3WjAzMTEwLwYDVQQD
Eyg3ZWMzOWExNjg0NjViOGNmNmIxNzkyMTE3OTQ3MWUyM2U1YTAzNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHQhKPSt1ieuV+F7dsUwTTEZ2Sif
J8BWQN8h3boDJBKdmx6RdSYdxgFKVW/rrqBq1H16tiYmO3ItAs0c9Dfntv39Zk6A
LdgL9i1Whhl4ytDymLOKxDmBeFTTQ2LXgtsGZXX5inPRJxY94hI7bxEAUr1tQmbT
HXR2Lcz8wEMdD58Lr7oya7H/iJEBkRN/mTJ/bYS9wQ3bwYhQkpZQ4+yf0nm7PUrT
M87f1IqkPOuALwQfWAtg95rbNf6NrUDdPQ2bpZNXdix8vDloYe/M67yGMkRLa7Th
8RvYmkBQHick7A1vSynNHnmJqQGRcSyJc5759dHqAu1KXR9Aq8WBulty3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7DmhaEZbjPaxeSEXlHHiPloDVKMB8GA1UdIwQY
MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt
ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2
LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh2knA0wj
XMDrpz4UL1FjWUqX6S3+vR+4gUfDLurx0B1kn6SWRrfQho64ndmjThGoGogSZUCL
xdx6FtBp8Ko5jtvjxUrG0Pb/91jXS61IxLRqcwzKOjQ/RFjhalrAG3EdHidFl8Ey
yKxAqPimZSHlnZ9e2EI1LVfuvx71l9vplqruGuCb9nnoDnfh3lgToW8CIkRdiF8u
OD/fELMIi92rUS7fSRfdTs4+XlpUU13yVLB32DKFZGkwt5/cJ+2+sP1iHqq3Wxtr
/D0QsTL1DJQqMEStYSmev5XPFqk3WYplxHqg4qheJgg5yoXReBGKdjo7NLj7lioR
rnlpdiTWvBe4Ag==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:32:22 2026 by rpki-client