Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json)
Hash identifier: JMU4oVEiZl2l29boc62DUyq9vCJmmkAHbuIdKb1JFTY=
Subject key identifier: D4:65:26:0A:0E:55:F0:64:B4:AE:FB:5F:16:0E:E4:AF:C7:EF:43:DC
Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Certificate serial: 019EB87D0C86301A63C7908DFAFF8DF15344
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
Manifest number: 18E8
Signing time: Thu 11 Jun 2026 21:01:03 +0000
Manifest this update: Thu 11 Jun 2026 21:01:03 +0000
Manifest next update: Fri 12 Jun 2026 21:01:03 +0000
Files and hashes: 1: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: T1ZxWpPEKxR2hVrtb7v90Ls2CP2TUP8VSD78/yw+0ME=)
2: sq8rzyi0UVog1iS5Ju1CZc-6dl0.roa (hash: hTNSZci/jvQbgI5g6zcbraZud5VHWLa8WEC2pVISMYE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b8:7d:0c:86:30:1a:63:c7:90:8d:fa:ff:8d:f1:53:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Validity
Not Before: Jun 11 21:01:03 2026 GMT
Not After : Jun 12 21:01:03 2026 GMT
Subject: CN=d465260a0e55f064b4aefb5f160ee4afc7ef43dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e6:98:29:d2:1d:94:43:18:65:6c:06:c1:ca:
86:72:f8:bb:c3:7e:0b:4a:51:c9:09:90:45:0e:be:
be:23:cf:9c:d0:f9:4d:99:1f:c4:3f:f5:e1:e1:b2:
02:66:0f:0d:ca:bb:ab:66:75:04:6c:58:03:98:8d:
76:71:d3:d9:81:43:12:b6:91:08:50:f3:f7:46:9a:
de:5d:66:a8:7b:49:86:d8:64:9c:4a:43:ad:7c:f1:
26:1c:b4:3f:de:4b:41:8f:c6:ce:0a:57:0d:f6:ce:
55:b7:8a:8c:2e:8c:15:6e:d1:82:e3:8f:38:09:76:
6f:c9:04:ea:dc:10:f2:ba:3c:7f:91:d4:90:ed:9e:
ba:02:4f:1b:ea:1c:32:33:10:ef:e5:64:b5:6c:1b:
1a:02:38:db:11:f8:78:a8:90:a8:b4:32:74:38:ff:
25:cf:91:07:3e:e1:eb:fe:bd:fb:1d:72:a2:c0:db:
f0:7b:8e:58:46:69:07:48:66:ea:23:76:48:ad:ec:
f5:bb:f1:6a:d1:f8:cb:90:07:f9:0f:b5:d6:58:18:
28:4c:b8:fe:b4:d0:93:79:6d:b2:6f:43:d5:1e:99:
67:fa:59:e5:3c:45:b6:b9:1d:12:da:7e:15:fe:39:
41:d2:d4:cc:d0:77:a7:9d:17:65:24:ac:40:05:29:
bb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:65:26:0A:0E:55:F0:64:B4:AE:FB:5F:16:0E:E4:AF:C7:EF:43:DC
X509v3 Authority Key Identifier:
keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:58:69:9c:77:86:02:e0:d4:90:c9:09:7f:e6:ef:59:a5:ab:
b7:a4:b3:2f:38:5d:9b:d9:c6:3e:cc:d0:2c:65:ed:d3:73:35:
28:c3:bb:dc:a7:e1:b8:16:9a:80:07:a4:73:c6:54:cb:80:fb:
60:9e:89:cc:d9:db:d1:84:79:4f:71:16:2e:a1:ce:90:08:21:
65:8f:91:96:ec:4e:7c:f0:7d:1f:38:0b:da:b3:6d:19:c2:c6:
2f:ed:1f:4c:dd:11:ca:be:01:fc:80:2a:b5:b9:d8:b9:f4:77:
a2:3b:ed:b9:d7:8f:dc:f1:0b:82:5c:bf:d5:09:f3:2e:3b:50:
f9:69:d9:47:19:b2:e3:51:a7:db:bd:ca:7d:36:c0:cf:81:80:
e0:21:2c:9f:69:d2:4a:66:63:1f:8b:43:6f:36:2f:30:02:40:
6a:a1:50:ed:80:e3:fb:a2:57:86:9f:a4:ea:7a:33:21:14:95:
e7:c9:0c:f8:d1:20:14:e3:f7:b4:d4:77:bb:90:af:5c:70:8a:
48:c1:f0:ba:e8:f1:5f:85:39:5d:26:21:a3:ba:f7:64:9b:5e:
16:b6:b5:cd:6b:fe:4e:81:36:6c:c7:8b:a1:4a:df:84:08:e7:
da:80:c5:99:30:9a:c4:39:77:97:ad:e5:8d:e6:b3:c5:40:34:
d4:db:49:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ64fQyGMBpjx5CN+v+N8VNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw
MzA5NGQwHhcNMjYwNjExMjEwMTAzWhcNMjYwNjEyMjEwMTAzWjAzMTEwLwYDVQQD
EyhkNDY1MjYwYTBlNTVmMDY0YjRhZWZiNWYxNjBlZTRhZmM3ZWY0M2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+aYKdIdlEMYZWwGwcqGcvi7w34L
SlHJCZBFDr6+I8+c0PlNmR/EP/Xh4bICZg8NyrurZnUEbFgDmI12cdPZgUMStpEI
UPP3RpreXWaoe0mG2GScSkOtfPEmHLQ/3ktBj8bOClcN9s5Vt4qMLowVbtGC4484
CXZvyQTq3BDyujx/kdSQ7Z66Ak8b6hwyMxDv5WS1bBsaAjjbEfh4qJCotDJ0OP8l
z5EHPuHr/r37HXKiwNvwe45YRmkHSGbqI3ZIrez1u/Fq0fjLkAf5D7XWWBgoTLj+
tNCTeW2yb0PVHpln+lnlPEW2uR0S2n4V/jlB0tTM0HennRdlJKxABSm7CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRlJgoOVfBktK77XxYO5K/H70PcMB8GA1UdIwQY
MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt
ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2
LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo1hpnHeG
AuDUkMkJf+bvWaWrt6SzLzhdm9nGPszQLGXt03M1KMO73KfhuBaagAekc8ZUy4D7
YJ6JzNnb0YR5T3EWLqHOkAghZY+RluxOfPB9HzgL2rNtGcLGL+0fTN0Ryr4B/IAq
tbnYufR3ojvtudeP3PELgly/1QnzLjtQ+WnZRxmy41Gn273KfTbAz4GA4CEsn2nS
SmZjH4tDbzYvMAJAaqFQ7YDj+6JXhp+k6nozIRSV58kM+NEgFOP3tNR3u5CvXHCK
SMHwuujxX4U5XSYho7r3ZJteFra1zWv+ToE2bMeLoUrfhAjn2oDFmTCaxDl3l63l
jeazxUA01NtJsw==
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:56:27 2026 by rpki-client