Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
File: XX2xSVjPTXheWe9cbGefjvVMHYs.mft (raw, json)
Hash identifier: roBkwL0HkO8lwmQBXY7soBrhSVFiEIXmj0LblBFdtiQ=
Subject key identifier: E7:6B:C2:40:15:24:3A:64:04:30:8D:D6:28:0A:B1:84:A1:67:A6:0D
Authority key identifier: 5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
Certificate issuer: /CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Certificate serial: 019D38D2F8C05177D70103B6825F7C09305B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
Manifest number: 0877
Signing time: Sun 29 Mar 2026 09:00:43 +0000
Manifest this update: Sun 29 Mar 2026 09:00:43 +0000
Manifest next update: Mon 30 Mar 2026 09:00:43 +0000
Files and hashes: 1: XX2xSVjPTXheWe9cbGefjvVMHYs.crl (hash: 7H/N99uERh3eEd1fCVpKbpS5YBgn0doSCBbfwfc3KKM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:f8:c0:51:77:d7:01:03:b6:82:5f:7c:09:30:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Validity
Not Before: Mar 29 09:00:43 2026 GMT
Not After : Mar 30 09:00:43 2026 GMT
Subject: CN=e76bc24015243a6404308dd6280ab184a167a60d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ba:93:07:79:b2:28:9d:38:af:8c:bc:ac:8f:
7f:be:c3:54:a3:25:17:8f:7f:c9:c7:9e:8d:a3:5c:
a0:85:60:40:0b:ab:b9:80:9d:9c:6a:2a:12:71:7c:
33:d8:9c:6a:33:74:73:78:d4:83:41:d6:fd:f2:0d:
23:e2:3c:77:6a:b8:01:ee:ab:02:bb:c7:8d:fb:cc:
26:98:ba:b8:cf:83:87:47:7a:93:8c:f9:d3:df:54:
f5:05:93:a0:b4:76:d7:4e:76:63:c0:46:78:a9:6c:
66:c1:e6:36:b5:de:ed:05:fc:50:34:c4:0d:6e:77:
53:e8:fe:97:fd:47:c3:ea:53:f3:37:d3:05:97:92:
f2:45:74:fb:0c:89:0b:d4:4f:9e:98:f5:b2:09:42:
f0:2d:ac:f7:b4:65:40:26:3b:24:37:d5:af:00:4c:
30:64:52:a7:96:f0:08:e3:26:47:96:99:17:d0:ef:
c3:4e:7c:45:46:75:2a:e2:22:08:7c:46:d6:17:65:
15:00:63:9e:11:82:7e:56:5f:21:c6:26:c2:03:6a:
bf:d6:5c:ac:f9:6f:1c:1c:2e:3c:27:5c:a4:fa:37:
5c:74:d4:20:15:1f:86:0f:c2:aa:e7:70:62:94:b3:
ad:fe:ea:f4:ec:aa:7a:c6:2a:0e:ad:0d:da:5a:f1:
a2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:6B:C2:40:15:24:3A:64:04:30:8D:D6:28:0A:B1:84:A1:67:A6:0D
X509v3 Authority Key Identifier:
keyid:5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:1f:74:07:8f:0a:92:7c:69:6c:ac:18:08:1e:c2:be:4c:a4:
c6:b3:72:d1:48:73:23:f7:e3:2d:3b:63:fc:1e:e8:c4:08:68:
61:e2:f1:d3:3e:46:83:5f:17:14:fb:d9:28:18:f2:e6:e3:f4:
37:d6:03:44:30:26:97:75:86:37:19:b8:79:a9:8d:1b:3e:ff:
03:0c:6f:29:b9:7e:d1:74:2c:5a:10:d6:52:f6:1f:90:a4:37:
17:09:5b:c3:79:36:e0:af:46:da:c5:94:e8:67:29:8a:35:99:
a0:5b:a8:f2:bf:2c:ad:a7:f1:ee:d3:58:21:95:7a:ab:b2:78:
bb:02:48:63:b6:4a:c4:e1:cd:63:0c:2a:29:5b:3f:07:bf:fd:
42:69:e0:28:63:63:1d:6d:82:b8:48:c9:6a:86:36:9c:09:76:
63:f8:2e:88:18:b7:10:67:75:f0:c0:7b:13:bb:1b:4b:c6:f4:
c6:79:fd:98:6f:5d:32:14:b6:df:b3:f8:f9:66:06:75:7e:d9:
be:37:29:32:e0:ad:a9:6f:cb:20:74:f3:74:c7:ce:78:99:b3:
d1:43:bb:9d:05:01:04:b8:ad:06:81:26:4d:db:ba:ab:5d:55:
0a:47:90:bb:7f:a9:16:90:aa:20:6a:e4:a0:2a:bd:1c:7b:a8:
f2:a5:c0:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040vjAUXfXAQO2gl98CTBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2RiMTQ5NThjZjRkNzg1ZTU5ZWY1YzZjNjc5ZjhlZjU0
YzFkOGIwHhcNMjYwMzI5MDkwMDQzWhcNMjYwMzMwMDkwMDQzWjAzMTEwLwYDVQQD
EyhlNzZiYzI0MDE1MjQzYTY0MDQzMDhkZDYyODBhYjE4NGExNjdhNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbqTB3myKJ04r4y8rI9/vsNUoyUX
j3/Jx56No1yghWBAC6u5gJ2caioScXwz2JxqM3RzeNSDQdb98g0j4jx3argB7qsC
u8eN+8wmmLq4z4OHR3qTjPnT31T1BZOgtHbXTnZjwEZ4qWxmweY2td7tBfxQNMQN
bndT6P6X/UfD6lPzN9MFl5LyRXT7DIkL1E+emPWyCULwLaz3tGVAJjskN9WvAEww
ZFKnlvAI4yZHlpkX0O/DTnxFRnUq4iIIfEbWF2UVAGOeEYJ+Vl8hxibCA2q/1lys
+W8cHC48J1yk+jdcdNQgFR+GD8Kq53BilLOt/ur07Kp6xioOrQ3aWvGiRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOdrwkAVJDpkBDCN1igKsYShZ6YNMB8GA1UdIwQY
MBaAFF19sUlYz014XlnvXGxnn471TB2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWIt
OTQ5YzYyOGU1ZjNjLzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWItOTQ5YzYyOGU1ZjNj
LzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnR90B48K
knxpbKwYCB7CvkykxrNy0UhzI/fjLTtj/B7oxAhoYeLx0z5Gg18XFPvZKBjy5uP0
N9YDRDAml3WGNxm4eamNGz7/AwxvKbl+0XQsWhDWUvYfkKQ3Fwlbw3k24K9G2sWU
6GcpijWZoFuo8r8srafx7tNYIZV6q7J4uwJIY7ZKxOHNYwwqKVs/B7/9QmngKGNj
HW2CuEjJaoY2nAl2Y/guiBi3EGd18MB7E7sbS8b0xnn9mG9dMhS237P4+WYGdX7Z
vjcpMuCtqW/LIHTzdMfOeJmz0UO7nQUBBLitBoEmTdu6q11VCkeQu3+pFpCqIGrk
oCq9HHuo8qXAkQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:03:37 2026 by rpki-client