Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
File: XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft (raw, json)
Hash identifier: mjCkJA0rfV0EfaX2IXpZynd/hy1j909/SsIPCkyDWdI=
Subject key identifier: 9C:D4:54:10:8A:53:B1:88:24:3A:AD:0F:11:7D:0F:BE:63:19:8C:19
Authority key identifier: 5D:9F:8E:85:5B:F1:B0:43:09:C4:9C:41:F7:F4:30:DC:C8:F9:45:8D
Certificate issuer: /CN=5d9f8e855bf1b04309c49c41f7f430dcc8f9458d
Certificate serial: 019D3789367CCAA7BCBDE0EE3F1E0789ECFA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
Manifest number: 038D
Signing time: Sun 29 Mar 2026 03:00:32 +0000
Manifest this update: Sun 29 Mar 2026 03:00:32 +0000
Manifest next update: Mon 30 Mar 2026 03:00:32 +0000
Files and hashes: 1: XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.crl (hash: EBP/1H32E1WuWBue1VNiobyHo5GDGbPF5irrTdWcaTk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:36:7c:ca:a7:bc:bd:e0:ee:3f:1e:07:89:ec:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d9f8e855bf1b04309c49c41f7f430dcc8f9458d
Validity
Not Before: Mar 29 03:00:32 2026 GMT
Not After : Mar 30 03:00:32 2026 GMT
Subject: CN=9cd454108a53b188243aad0f117d0fbe63198c19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:61:ea:c5:6f:19:7a:10:7c:fe:52:d9:83:b2:
a8:25:54:f7:27:a5:db:32:3b:8c:f9:fd:85:d8:0d:
b8:8b:58:fa:98:e1:63:4c:68:1f:3c:14:ce:33:1d:
ae:69:27:32:a7:4f:9e:21:58:fd:0c:49:2d:97:cd:
4e:0b:24:33:05:40:a8:ec:6d:a0:a0:b2:95:5b:98:
e7:16:de:5a:3e:cd:66:7f:38:a6:76:5c:89:c0:43:
41:63:c5:e4:aa:b0:52:4b:8a:67:db:e6:32:ab:e2:
9e:a6:d2:31:25:19:cb:9f:10:ad:c3:c8:47:bd:6d:
c5:b2:11:ab:a5:4d:13:22:25:8a:47:61:51:72:7c:
89:5b:3a:0c:0a:89:2e:d6:5a:40:7e:fa:1e:83:ac:
b6:b0:8d:a9:30:59:24:03:da:7d:c2:fe:88:0b:08:
e2:e6:10:95:99:32:7e:7e:70:57:19:2a:2b:3c:07:
63:d8:c9:a4:98:26:6a:2e:3a:91:ba:ea:e6:12:ca:
6a:30:66:13:59:f5:28:6b:2c:dd:0a:13:40:b4:df:
5a:c3:07:34:c1:6b:60:0c:42:bf:47:0c:ee:49:02:
dc:54:91:bc:f2:59:70:dd:12:29:2f:de:e5:90:b2:
e3:46:51:70:25:7c:90:a9:f8:c8:83:63:2b:02:e7:
26:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D4:54:10:8A:53:B1:88:24:3A:AD:0F:11:7D:0F:BE:63:19:8C:19
X509v3 Authority Key Identifier:
keyid:5D:9F:8E:85:5B:F1:B0:43:09:C4:9C:41:F7:F4:30:DC:C8:F9:45:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4fba0b-7bee-4312-ab89-b4fcefd37ce1/1/XZ-OhVvxsEMJxJxB9_Qw3Mj5RY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:1a:7c:16:6e:3d:e1:af:73:f9:e4:0f:d8:f9:a5:76:fb:af:
be:9e:a1:06:ab:5c:e3:c6:b9:36:33:ef:9a:53:a6:67:3a:0d:
f4:c6:24:87:c3:e3:8a:48:0e:9b:db:81:b4:05:c6:16:ca:25:
0d:ae:b7:1c:13:1d:fa:c9:88:ca:40:19:12:3d:75:13:96:c7:
ed:59:3e:84:b9:72:e2:90:f6:3b:c3:ad:00:7f:ee:d7:a3:c7:
7a:84:b2:5d:7b:33:3f:19:82:76:77:93:e6:96:0b:7c:22:32:
68:a0:a1:9e:cc:27:3d:64:6c:a1:39:2e:e2:6d:7f:bc:7a:44:
92:d5:00:0c:10:7a:45:03:ed:17:0d:cf:87:da:a3:a6:5a:34:
6d:fb:73:c2:12:9f:ec:69:d8:31:4f:73:9a:9a:49:01:75:90:
48:49:30:1c:4b:0e:5a:04:59:12:5b:61:50:fb:b9:52:33:11:
f7:53:08:fd:2d:1a:fd:86:85:4e:c8:83:e0:e7:e1:1f:b0:88:
b0:13:ac:c8:80:a8:4f:5c:45:d8:08:95:06:87:fb:82:4c:41:
32:fd:14:df:1a:af:ba:a3:f9:29:f6:b3:f4:4b:eb:cb:ba:d8:
f6:d0:60:d9:ae:c9:d7:d5:05:1b:7e:d9:90:7d:bd:a0:af:0a:
3b:78:08:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iTZ8yqe8veDuPx4Hiez6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOWY4ZTg1NWJmMWIwNDMwOWM0OWM0MWY3ZjQzMGRjYzhm
OTQ1OGQwHhcNMjYwMzI5MDMwMDMyWhcNMjYwMzMwMDMwMDMyWjAzMTEwLwYDVQQD
Eyg5Y2Q0NTQxMDhhNTNiMTg4MjQzYWFkMGYxMTdkMGZiZTYzMTk4YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WHqxW8ZehB8/lLZg7KoJVT3J6Xb
MjuM+f2F2A24i1j6mOFjTGgfPBTOMx2uaScyp0+eIVj9DEktl81OCyQzBUCo7G2g
oLKVW5jnFt5aPs1mfzimdlyJwENBY8XkqrBSS4pn2+Yyq+KeptIxJRnLnxCtw8hH
vW3FshGrpU0TIiWKR2FRcnyJWzoMCoku1lpAfvoeg6y2sI2pMFkkA9p9wv6ICwji
5hCVmTJ+fnBXGSorPAdj2MmkmCZqLjqRuurmEspqMGYTWfUoayzdChNAtN9awwc0
wWtgDEK/RwzuSQLcVJG88llw3RIpL97lkLLjRlFwJXyQqfjIg2MrAucmGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJzUVBCKU7GIJDqtDxF9D75jGYwZMB8GA1UdIwQY
MBaAFF2fjoVb8bBDCcScQff0MNzI+UWNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFotT2hWdnhzRU1KeEp4QjlfUXczTWo1UlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80ZmJhMGItN2JlZS00MzEyLWFiODkt
YjRmY2VmZDM3Y2UxLzEvWFotT2hWdnhzRU1KeEp4QjlfUXczTWo1UlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80ZmJhMGItN2JlZS00MzEyLWFiODktYjRmY2VmZDM3Y2Ux
LzEvWFotT2hWdnhzRU1KeEp4QjlfUXczTWo1UlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUBp8Fm49
4a9z+eQP2Pmldvuvvp6hBqtc48a5NjPvmlOmZzoN9MYkh8PjikgOm9uBtAXGFsol
Da63HBMd+smIykAZEj11E5bH7Vk+hLly4pD2O8OtAH/u16PHeoSyXXszPxmCdneT
5pYLfCIyaKChnswnPWRsoTku4m1/vHpEktUADBB6RQPtFw3Ph9qjplo0bftzwhKf
7GnYMU9zmppJAXWQSEkwHEsOWgRZElthUPu5UjMR91MI/S0a/YaFTsiD4OfhH7CI
sBOsyICoT1xF2AiVBof7gkxBMv0U3xqvuqP5Kfaz9Evry7rY9tBg2a7J19UFG37Z
kH29oK8KO3gIuQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:45:43 2026 by rpki-client