Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
File: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft (raw, json)
Hash identifier: gFPSUKIRY3ZPjYDgmH7M9tHIHYe0akIhCI+sxGgUvA4=
Subject key identifier: 1D:D8:B1:AC:44:05:A1:38:45:D8:0C:7E:DC:2E:EA:BC:89:10:01:E5
Authority key identifier: E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
Certificate issuer: /CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Certificate serial: 019D38D35F83E67C658BA20A2B8AA3E3C8DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
Manifest number: 17D0
Signing time: Sun 29 Mar 2026 09:01:09 +0000
Manifest this update: Sun 29 Mar 2026 09:01:09 +0000
Manifest next update: Mon 30 Mar 2026 09:01:09 +0000
Files and hashes: 1: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl (hash: Zcwr9XSUmqzHlB1dOOFtrac6Crnyiocyl77sBCM+KFI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:5f:83:e6:7c:65:8b:a2:0a:2b:8a:a3:e3:c8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Validity
Not Before: Mar 29 09:01:09 2026 GMT
Not After : Mar 30 09:01:09 2026 GMT
Subject: CN=1dd8b1ac4405a13845d80c7edc2eeabc891001e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3f:ac:b1:62:6a:44:fe:83:03:2c:b1:69:e8:
81:53:dd:8c:56:05:7c:ad:4b:10:c8:77:d5:a1:bd:
f3:39:c2:60:e5:15:bd:77:ec:f0:a2:66:c2:bc:ef:
af:fb:ac:85:4b:51:89:55:9c:d8:10:32:0a:a3:12:
5d:ad:fb:b7:72:82:73:5f:ee:33:96:63:33:c1:0f:
d6:b8:5d:6c:6c:a0:f4:3b:71:ee:f9:69:9e:ba:4f:
2f:e2:52:51:5b:cf:2b:bb:01:73:0f:d4:13:11:cc:
d9:c0:f8:34:8b:31:e1:79:c7:c9:16:68:f6:f6:3d:
75:4b:9f:e2:9d:1a:3c:a9:93:4c:e1:b8:c7:55:27:
86:65:e3:61:7d:77:9b:99:99:69:5f:90:4d:d5:db:
92:8b:c9:9c:bd:d3:06:d0:49:00:bc:79:77:81:12:
86:90:4c:d7:fe:13:26:cc:8e:d5:ff:cc:7c:0a:95:
fc:50:72:b9:55:88:61:07:63:72:97:1a:c1:8e:dd:
33:e9:30:e6:47:b7:5a:e5:f9:5e:52:ff:c3:72:96:
a5:be:0a:56:8a:44:ff:7f:bb:5c:d8:a8:69:83:ff:
54:d9:4c:19:3e:72:35:82:e8:34:1e:6a:bc:33:72:
07:85:04:39:e2:4d:af:90:ed:8a:15:88:14:14:01:
e3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D8:B1:AC:44:05:A1:38:45:D8:0C:7E:DC:2E:EA:BC:89:10:01:E5
X509v3 Authority Key Identifier:
keyid:E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:89:6a:2f:4b:28:63:40:97:08:db:f0:d1:e3:41:1a:0b:da:
3f:64:9c:ee:fb:b6:a0:5a:9f:8a:37:f6:fd:35:4b:3d:a6:1d:
c9:cc:7d:11:55:ed:fe:14:f0:cc:08:7f:b3:93:6f:c9:d8:a7:
68:9c:4b:84:01:03:48:86:9a:ba:8b:31:ec:08:e7:be:52:53:
a3:ea:cd:96:73:9f:3a:67:10:1b:e5:6e:48:4a:1b:1f:66:a7:
ee:e4:39:c4:94:35:55:79:6a:3f:e5:ea:28:b2:1d:0a:73:73:
3c:55:17:8b:d3:b3:8e:55:8d:b6:20:d3:b8:8e:dd:c7:7a:42:
3d:9e:64:96:4b:9d:59:34:30:08:6a:d1:da:91:69:6c:c0:9e:
d7:34:24:88:e6:c5:68:0f:74:85:8a:bb:3d:85:b0:63:6a:8d:
86:99:a4:db:e3:76:35:7e:24:51:c2:ec:33:f2:a7:4c:4d:25:
6e:e8:d5:2c:e8:51:49:be:b4:94:b3:10:68:e2:c4:1e:21:bc:
f7:83:d7:0f:f8:7d:37:c0:b9:0e:eb:43:c3:d4:bd:5a:c7:62:
f1:d8:e8:db:ea:11:f2:2a:6c:52:2c:71:98:f2:f5:fe:85:04:
55:c7:d0:72:27:cd:29:38:47:d7:82:aa:3f:65:f5:5f:97:12:
ec:14:6f:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0401+D5nxli6IKK4qj48jaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDA5ZThlZjE3MWU5YWUyMTYyN2NjYTc2ZWQ2NGZkMTdl
NmVlZDIwHhcNMjYwMzI5MDkwMTA5WhcNMjYwMzMwMDkwMTA5WjAzMTEwLwYDVQQD
EygxZGQ4YjFhYzQ0MDVhMTM4NDVkODBjN2VkYzJlZWFiYzg5MTAwMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD+ssWJqRP6DAyyxaeiBU92MVgV8
rUsQyHfVob3zOcJg5RW9d+zwombCvO+v+6yFS1GJVZzYEDIKoxJdrfu3coJzX+4z
lmMzwQ/WuF1sbKD0O3Hu+Wmeuk8v4lJRW88ruwFzD9QTEczZwPg0izHhecfJFmj2
9j11S5/inRo8qZNM4bjHVSeGZeNhfXebmZlpX5BN1duSi8mcvdMG0EkAvHl3gRKG
kEzX/hMmzI7V/8x8CpX8UHK5VYhhB2NylxrBjt0z6TDmR7da5fleUv/DcpalvgpW
ikT/f7tc2Khpg/9U2UwZPnI1gug0Hmq8M3IHhQQ54k2vkO2KFYgUFAHjJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3YsaxEBaE4RdgMftwu6ryJEAHlMB8GA1UdIwQY
MBaAFOTQno7xcemuIWJ8ynbtZP0X5u7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAt
M2MxNjI0MTAwNzUyLzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAtM2MxNjI0MTAwNzUy
LzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYYlqL0so
Y0CXCNvw0eNBGgvaP2Sc7vu2oFqfijf2/TVLPaYdycx9EVXt/hTwzAh/s5Nvydin
aJxLhAEDSIaauosx7AjnvlJTo+rNlnOfOmcQG+VuSEobH2an7uQ5xJQ1VXlqP+Xq
KLIdCnNzPFUXi9OzjlWNtiDTuI7dx3pCPZ5klkudWTQwCGrR2pFpbMCe1zQkiObF
aA90hYq7PYWwY2qNhpmk2+N2NX4kUcLsM/KnTE0lbujVLOhRSb60lLMQaOLEHiG8
94PXD/h9N8C5DutDw9S9Wsdi8djo2+oR8ipsUixxmPL1/oUEVcfQcifNKThH14Kq
P2X1X5cS7BRvpw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:13:17 2026 by rpki-client