Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json)
Hash identifier: BrVvUoRQOC1S52IlqunjKgj8IyZjtZknIZOlmwLEQj0=
Subject key identifier: 97:70:53:9D:DD:D7:86:80:D4:0F:9C:92:65:59:38:E2:3E:F1:EC:75
Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Certificate serial: 019CE334CE013F88A8DE3F755C0587E40F28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
Manifest number: 17F5
Signing time: Thu 12 Mar 2026 18:00:14 +0000
Manifest this update: Thu 12 Mar 2026 18:00:14 +0000
Manifest next update: Fri 13 Mar 2026 18:00:14 +0000
Files and hashes: 1: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: Ak3ASZSKJvTNW0HOByozjCiRr4gTIDQjI+ep1wycMUc=)
2: sq8rzyi0UVog1iS5Ju1CZc-6dl0.roa (hash: hTNSZci/jvQbgI5g6zcbraZud5VHWLa8WEC2pVISMYE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 15:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e3:34:ce:01:3f:88:a8:de:3f:75:5c:05:87:e4:0f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Validity
Not Before: Mar 12 18:00:14 2026 GMT
Not After : Mar 13 18:00:14 2026 GMT
Subject: CN=9770539dddd78680d40f9c92655938e23ef1ec75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3c:0c:4c:60:19:29:83:87:2b:fd:08:b5:17:
1d:4e:e7:4a:a8:a0:95:31:97:c6:7e:f6:47:d3:37:
f9:21:18:b0:e8:fe:bc:81:0b:d6:43:83:bd:31:6e:
25:c7:dc:a1:49:5a:65:80:a6:3d:3c:ee:6b:f2:25:
4e:45:c4:3d:ab:d6:a0:17:ba:3d:49:61:6d:3a:f8:
02:3d:56:43:e5:03:79:f6:bb:86:68:24:50:46:47:
65:ee:21:5c:d8:ec:ce:a2:72:f3:63:90:b7:fd:f1:
ef:e6:33:7b:f3:38:99:75:fd:6b:3f:fd:75:43:5c:
2f:50:98:7b:3f:11:3a:cc:ee:fe:38:12:8e:a3:ca:
72:de:b7:34:5e:bf:d0:e0:0e:f2:ef:ae:5a:8a:19:
a5:fb:3c:90:2d:94:aa:52:6b:2b:de:94:74:d9:24:
6a:c5:0b:89:07:9c:54:c1:0c:c7:ad:e1:0d:ca:72:
19:5d:30:e1:fb:b0:a7:67:e1:1e:e4:d1:c7:02:67:
f7:fd:1b:fe:ec:42:d8:65:62:6b:fb:b0:17:5c:13:
6b:99:83:88:72:7b:f7:24:56:16:64:f6:f8:93:81:
53:7f:17:42:eb:4e:50:ff:9b:f7:1c:62:f3:60:54:
5c:ef:1d:cc:5b:29:86:7f:3e:65:db:80:35:a2:2f:
e8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:70:53:9D:DD:D7:86:80:D4:0F:9C:92:65:59:38:E2:3E:F1:EC:75
X509v3 Authority Key Identifier:
keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:3f:a6:52:71:d2:3b:ca:d2:49:1c:cd:10:76:20:7d:f3:ba:
46:e8:73:08:bc:fd:91:04:47:b8:02:cf:6a:62:5e:54:81:1e:
e1:a8:e9:45:8c:55:28:f9:58:4a:c3:d6:bb:d1:2b:84:ad:a7:
3c:b3:95:94:c0:a9:03:72:fd:5c:78:44:84:2e:43:df:97:e0:
74:96:58:8a:8e:3f:eb:17:56:ae:5d:e4:ed:66:9e:32:71:b9:
93:bc:a8:3a:dd:c4:45:f1:c7:69:d1:45:30:6a:b5:bd:f4:dd:
bd:2e:54:1c:a1:16:0f:4c:fa:ef:d2:2d:7f:ba:d0:21:01:23:
30:b4:f1:4d:2d:cc:94:53:8a:ff:31:0c:35:40:ce:c6:f8:6d:
8e:2a:a1:32:c0:99:67:2e:31:60:81:5c:c4:7e:91:78:5a:1f:
9c:05:98:87:c0:6b:3f:ad:c4:1a:4e:20:8c:9d:7e:09:e0:5e:
ff:9a:d6:e9:cf:78:92:82:36:eb:2d:7f:36:0c:45:6c:45:d6:
a0:9a:97:ce:c9:ee:83:9d:28:1a:ef:bd:8f:b2:95:3c:35:93:
20:d9:bf:f0:b2:ab:d9:86:c0:89:b8:02:8b:49:49:1d:95:2c:
07:0e:5c:37:25:37:18:b4:1b:c2:84:8a:3b:73:9f:c1:c6:31:
3c:bc:82:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzjNM4BP4io3j91XAWH5A8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw
MzA5NGQwHhcNMjYwMzEyMTgwMDE0WhcNMjYwMzEzMTgwMDE0WjAzMTEwLwYDVQQD
Eyg5NzcwNTM5ZGRkZDc4NjgwZDQwZjljOTI2NTU5MzhlMjNlZjFlYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjwMTGAZKYOHK/0ItRcdTudKqKCV
MZfGfvZH0zf5IRiw6P68gQvWQ4O9MW4lx9yhSVplgKY9PO5r8iVORcQ9q9agF7o9
SWFtOvgCPVZD5QN59ruGaCRQRkdl7iFc2OzOonLzY5C3/fHv5jN78ziZdf1rP/11
Q1wvUJh7PxE6zO7+OBKOo8py3rc0Xr/Q4A7y765aihml+zyQLZSqUmsr3pR02SRq
xQuJB5xUwQzHreENynIZXTDh+7CnZ+Ee5NHHAmf3/Rv+7ELYZWJr+7AXXBNrmYOI
cnv3JFYWZPb4k4FTfxdC605Q/5v3HGLzYFRc7x3MWymGfz5l24A1oi/o9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdwU53d14aA1A+ckmVZOOI+8ex1MB8GA1UdIwQY
MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt
ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2
LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXj+mUnHS
O8rSSRzNEHYgffO6RuhzCLz9kQRHuALPamJeVIEe4ajpRYxVKPlYSsPWu9ErhK2n
PLOVlMCpA3L9XHhEhC5D35fgdJZYio4/6xdWrl3k7WaeMnG5k7yoOt3ERfHHadFF
MGq1vfTdvS5UHKEWD0z679Itf7rQIQEjMLTxTS3MlFOK/zEMNUDOxvhtjiqhMsCZ
Zy4xYIFcxH6ReFofnAWYh8BrP63EGk4gjJ1+CeBe/5rW6c94koI26y1/NgxFbEXW
oJqXzsnug50oGu+9j7KVPDWTINm/8LKr2YbAibgCi0lJHZUsBw5cNyU3GLQbwoSK
O3OfwcYxPLyCWQ==
-----END CERTIFICATE-----
Generated at Thu Mar 12 23:02:23 2026 by rpki-client