Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier: KsSViWq8Yy+OlObtnXRWxQoc4XG/Cw4sRx3RtDPmOhw=
Subject key identifier: E0:12:A3:64:3F:D7:28:AF:D8:02:FD:03:07:AF:55:7B:E5:BB:BA:97
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial: 019D9B880AF8715E46A0ECD68683FAC9FF71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number: 0997
Signing time: Fri 17 Apr 2026 13:01:17 +0000
Manifest this update: Fri 17 Apr 2026 13:01:17 +0000
Manifest next update: Sat 18 Apr 2026 13:01:17 +0000
Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: YcOgwwdAUrEbYwRTzypNf5MkgfsX6ofjDumuxoQ+Bdc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:88:0a:f8:71:5e:46:a0:ec:d6:86:83:fa:c9:ff:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Validity
Not Before: Apr 17 13:01:17 2026 GMT
Not After : Apr 18 13:01:17 2026 GMT
Subject: CN=e012a3643fd728afd802fd0307af557be5bbba97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0c:c3:ae:87:42:5a:6d:e3:04:50:27:1f:17:
7f:ae:83:c7:8a:8e:9c:7f:29:ae:43:17:06:3f:f0:
32:4b:7d:09:f8:74:70:19:2d:94:af:e5:22:0b:00:
bb:eb:23:0d:b6:c4:22:08:bf:72:ba:87:cc:42:83:
9f:eb:1d:09:ed:e2:42:ce:64:91:d9:95:3b:54:5e:
0e:da:d2:6e:31:ff:24:4e:89:6c:88:2e:5c:34:45:
70:c1:62:a3:73:53:77:91:37:aa:4d:52:91:2b:bd:
0d:2b:b2:55:ec:04:00:92:a0:6b:8a:ae:3a:78:09:
9e:e5:26:cf:07:a4:6a:7d:91:3c:1e:12:01:09:ff:
47:a3:08:25:de:6f:d5:65:27:0c:cb:c3:2b:1c:0d:
cf:69:46:94:c3:f1:38:72:7d:d3:6e:f0:43:47:30:
90:10:30:3a:c5:64:f9:45:18:ef:2f:55:7c:38:7b:
d6:91:00:29:4c:27:2e:4a:f0:31:8d:06:2d:25:05:
b1:41:51:0e:b3:71:24:34:de:66:9d:29:56:21:5f:
18:5c:3a:d8:84:8e:0d:92:8c:a3:26:84:69:5d:01:
20:73:69:a8:e3:5a:bd:54:f3:0c:37:ae:53:0f:7e:
54:b3:c8:46:8b:93:c1:db:48:ea:ea:13:d0:96:dd:
6d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:12:A3:64:3F:D7:28:AF:D8:02:FD:03:07:AF:55:7B:E5:BB:BA:97
X509v3 Authority Key Identifier:
keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:0f:e0:1d:e0:93:ea:98:b2:d8:3a:73:68:be:80:a9:52:fa:
c2:80:3d:b2:37:a0:69:44:b6:ef:13:de:42:bc:35:28:7f:5a:
34:96:9d:b8:6b:1a:a9:80:a0:a6:43:72:e4:1f:4d:75:57:90:
5f:ef:07:c2:d8:34:de:d3:31:86:25:35:02:e3:e8:63:ca:bd:
5a:96:7f:bc:d5:ff:d1:2c:96:27:ce:b8:40:b7:ac:7f:6b:5c:
4a:0c:3e:00:4a:ab:57:ca:ef:00:22:5f:9d:33:e1:48:58:d8:
ee:e7:74:76:0f:7b:9a:e6:f4:4f:4e:03:39:f6:47:4f:de:7a:
3b:fe:ac:4c:c9:68:88:80:83:2d:7a:f3:6a:2a:37:a5:a4:0e:
c2:e9:c1:85:06:8f:16:01:d9:6b:92:e8:9a:a5:3f:bc:2d:a4:
2f:3b:57:a2:aa:1f:05:9e:ff:a8:20:cd:f6:b8:30:5e:d4:a4:
fe:0b:a0:25:30:80:8f:5c:2b:50:02:bd:b2:72:ef:fe:85:0d:
55:b7:04:37:76:2f:66:62:ca:bd:a0:32:4f:9e:3a:ef:5d:4b:
c8:06:af:93:19:f7:91:10:8e:b3:51:4c:37:3d:1b:db:78:2e:
32:4f:9d:a2:94:6a:a2:32:9f:52:96:f8:72:9d:54:aa:e1:27:
47:40:0b:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2biAr4cV5GoOzWhoP6yf9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjYwNDE3MTMwMTE3WhcNMjYwNDE4MTMwMTE3WjAzMTEwLwYDVQQD
EyhlMDEyYTM2NDNmZDcyOGFmZDgwMmZkMDMwN2FmNTU3YmU1YmJiYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQzDrodCWm3jBFAnHxd/roPHio6c
fymuQxcGP/AyS30J+HRwGS2Ur+UiCwC76yMNtsQiCL9yuofMQoOf6x0J7eJCzmSR
2ZU7VF4O2tJuMf8kTolsiC5cNEVwwWKjc1N3kTeqTVKRK70NK7JV7AQAkqBriq46
eAme5SbPB6RqfZE8HhIBCf9Howgl3m/VZScMy8MrHA3PaUaUw/E4cn3TbvBDRzCQ
EDA6xWT5RRjvL1V8OHvWkQApTCcuSvAxjQYtJQWxQVEOs3EkNN5mnSlWIV8YXDrY
hI4NkoyjJoRpXQEgc2mo41q9VPMMN65TD35Us8hGi5PB20jq6hPQlt1tNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOASo2Q/1yiv2AL9AwevVXvlu7qXMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGA/gHeCT
6piy2DpzaL6AqVL6woA9sjegaUS27xPeQrw1KH9aNJaduGsaqYCgpkNy5B9NdVeQ
X+8Hwtg03tMxhiU1AuPoY8q9WpZ/vNX/0SyWJ864QLesf2tcSgw+AEqrV8rvACJf
nTPhSFjY7ud0dg97mub0T04DOfZHT956O/6sTMloiICDLXrzaio3paQOwunBhQaP
FgHZa5LomqU/vC2kLztXoqofBZ7/qCDN9rgwXtSk/gugJTCAj1wrUAK9snLv/oUN
VbcEN3YvZmLKvaAyT546711LyAavkxn3kRCOs1FMNz0b23guMk+dopRqojKfUpb4
cp1UquEnR0AL+Q==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:40:37 2026 by rpki-client