Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
File: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json)
Hash identifier: Qx/PB/NCd5kiQCIp8F3UCTxTQCsLt9CpB+EuLRHFgQo=
Subject key identifier: D1:D5:71:42:4B:AE:5D:09:7A:0B:89:98:0A:A6:6B:5D:48:9C:67:BD
Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
Certificate issuer: /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Certificate serial: 019D38D2F483CB9D42DDFA3AE29684A562FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
Manifest number: 1600
Signing time: Sun 29 Mar 2026 09:00:42 +0000
Manifest this update: Sun 29 Mar 2026 09:00:42 +0000
Manifest next update: Mon 30 Mar 2026 09:00:42 +0000
Files and hashes: 1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: /i0ppVJLWahketkGczCpferdF2hsb46NFP1LofDvG7A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:f4:83:cb:9d:42:dd:fa:3a:e2:96:84:a5:62:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Validity
Not Before: Mar 29 09:00:42 2026 GMT
Not After : Mar 30 09:00:42 2026 GMT
Subject: CN=d1d571424bae5d097a0b89980aa66b5d489c67bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:3a:41:a6:5d:d6:47:94:08:2d:22:b0:1d:6a:
21:94:e6:e1:12:db:01:a3:ac:5a:71:d4:76:41:2c:
c3:bf:ba:20:dd:55:8a:de:c4:5f:b8:f5:8b:e3:ac:
4d:60:6f:6a:c4:42:72:fa:51:95:1c:25:c6:65:38:
39:ca:1b:9d:bf:0b:6b:08:ce:8a:f2:43:60:49:e5:
61:ae:c9:80:15:11:c8:9e:cb:5c:80:fc:bc:97:60:
73:d8:b6:25:34:5c:f2:20:5a:4b:db:b0:6b:28:9c:
08:ba:9d:b8:b0:d0:ea:07:c7:31:7c:1f:b8:1c:43:
02:a9:f9:ed:66:89:43:99:1b:cb:02:e0:db:6b:3d:
45:c1:e7:7b:e7:f8:f4:27:6f:70:38:9b:21:1a:56:
ad:33:c3:cd:0b:53:06:ce:0e:5a:99:fc:3d:0b:08:
62:c2:f5:3a:bd:8a:4b:d5:97:79:fa:e5:8b:6b:d3:
01:01:68:40:40:12:fe:6c:8e:e1:de:36:81:c3:5f:
a7:b5:c7:fb:06:93:1f:88:eb:30:58:39:2e:a3:44:
35:38:3e:f2:5d:97:48:5c:9c:29:1e:ab:3c:b5:4e:
1f:30:b5:b2:32:ea:e3:c1:cb:80:9d:0a:7a:65:09:
38:71:f8:b5:41:44:cc:86:57:fd:92:21:c5:fd:40:
4e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D5:71:42:4B:AE:5D:09:7A:0B:89:98:0A:A6:6B:5D:48:9C:67:BD
X509v3 Authority Key Identifier:
keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:72:f0:f6:84:0f:2a:21:d8:f6:91:25:51:30:46:33:50:6a:
e6:a2:24:c0:48:4e:8d:09:48:82:1c:02:79:ae:fe:06:0b:4b:
08:68:fc:41:23:8c:7a:4c:ba:5a:f7:50:99:2f:f9:72:b4:cf:
01:62:9a:7a:27:02:ba:ea:a1:1e:28:98:1e:aa:bb:2a:7a:57:
3d:8a:eb:ef:17:35:35:b5:75:be:9d:bb:69:7a:e4:88:3d:78:
23:ae:29:00:ca:59:75:63:71:50:cd:98:81:fc:e6:81:b6:97:
32:9f:c3:04:85:5f:f4:f6:40:7e:90:63:1e:81:7c:1d:be:b4:
0d:b4:39:54:09:35:d7:8b:58:ec:6c:2a:06:db:f1:a1:e8:5e:
36:02:11:60:6f:a4:4b:87:a4:88:bc:0e:fd:15:1d:74:8c:9d:
88:c1:c7:8b:00:de:1a:d9:34:85:6b:eb:66:10:ab:da:b0:be:
de:e0:fe:dc:c6:2e:be:a5:30:6c:bf:7a:3b:80:71:19:4f:3a:
e8:ea:59:6f:c2:99:91:4f:07:c9:60:19:53:aa:df:ea:10:dc:
ae:30:e4:b7:e5:68:da:40:18:89:3b:bf:95:ca:70:84:cb:06:
6f:84:05:a1:29:53:1b:92:7e:b3:24:67:d1:e2:14:2b:d5:8b:
b3:bd:05:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040vSDy51C3fo64paEpWL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0
MGNiODIwHhcNMjYwMzI5MDkwMDQyWhcNMjYwMzMwMDkwMDQyWjAzMTEwLwYDVQQD
EyhkMWQ1NzE0MjRiYWU1ZDA5N2EwYjg5OTgwYWE2NmI1ZDQ4OWM2N2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/jpBpl3WR5QILSKwHWohlObhEtsB
o6xacdR2QSzDv7og3VWK3sRfuPWL46xNYG9qxEJy+lGVHCXGZTg5yhudvwtrCM6K
8kNgSeVhrsmAFRHInstcgPy8l2Bz2LYlNFzyIFpL27BrKJwIup24sNDqB8cxfB+4
HEMCqfntZolDmRvLAuDbaz1Fwed75/j0J29wOJshGlatM8PNC1MGzg5amfw9Cwhi
wvU6vYpL1Zd5+uWLa9MBAWhAQBL+bI7h3jaBw1+ntcf7BpMfiOswWDkuo0Q1OD7y
XZdIXJwpHqs8tU4fMLWyMurjwcuAnQp6ZQk4cfi1QUTMhlf9kiHF/UBOuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHVcUJLrl0JeguJmAqma11InGe9MB8GA1UdIwQY
MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt
ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0
LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO3Lw9oQP
KiHY9pElUTBGM1Bq5qIkwEhOjQlIghwCea7+BgtLCGj8QSOMeky6WvdQmS/5crTP
AWKaeicCuuqhHiiYHqq7KnpXPYrr7xc1NbV1vp27aXrkiD14I64pAMpZdWNxUM2Y
gfzmgbaXMp/DBIVf9PZAfpBjHoF8Hb60DbQ5VAk114tY7GwqBtvxoeheNgIRYG+k
S4ekiLwO/RUddIydiMHHiwDeGtk0hWvrZhCr2rC+3uD+3MYuvqUwbL96O4BxGU86
6OpZb8KZkU8HyWAZU6rf6hDcrjDkt+Vo2kAYiTu/lcpwhMsGb4QFoSlTG5J+syRn
0eIUK9WLs70Fow==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:19 2026 by rpki-client