Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File: XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier: CGuRHs2YJmL5jUtWXHEBaVIKWT6nEsLEeuqmTxIRP5A=
Subject key identifier: 48:40:87:95:DB:C0:C9:4C:FD:23:56:C1:D2:F8:BE:04:D2:26:8B:3E
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer: /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial: 019D37F78413E8D70F35A8EEDF00510127D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number: 04B3
Signing time: Sun 29 Mar 2026 05:01:01 +0000
Manifest this update: Sun 29 Mar 2026 05:01:01 +0000
Manifest next update: Mon 30 Mar 2026 05:01:01 +0000
Files and hashes: 1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: qHOjeU4quDc4fircCvgMyCFIQXNKvpQXYNCEvCm68Cc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:84:13:e8:d7:0f:35:a8:ee:df:00:51:01:27:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Validity
Not Before: Mar 29 05:01:01 2026 GMT
Not After : Mar 30 05:01:01 2026 GMT
Subject: CN=48408795dbc0c94cfd2356c1d2f8be04d2268b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7f:d8:35:5a:71:08:a1:85:c9:59:d2:25:b7:
d5:57:4e:12:3c:32:08:69:0c:93:2c:34:64:c9:6f:
91:f7:90:aa:af:45:15:1c:b5:1a:e5:27:e7:be:9f:
79:0f:10:81:52:9a:4b:82:a0:33:cb:ec:42:d2:e8:
d7:d3:f4:f4:f8:50:54:a1:a5:a7:e7:c7:76:c3:a2:
77:ca:2a:cf:1c:f9:17:5d:59:8d:46:03:05:29:61:
a2:55:a6:94:54:48:80:f2:10:33:09:b8:8c:35:b5:
d0:75:cd:62:b7:3f:33:8f:c8:97:a0:0f:f3:54:7e:
52:d4:53:7a:cc:f9:ee:56:d5:3b:1a:92:b5:16:f7:
b4:e6:51:ae:5a:de:d3:01:e8:0b:2e:19:98:9a:7c:
9d:15:0c:8d:40:ea:f2:19:63:ae:d0:f1:f9:f4:e0:
bf:11:2e:e7:5b:c4:99:21:3a:38:27:ba:e2:8c:a1:
a9:2e:3a:fd:1c:6d:1b:d9:a1:d5:f0:9e:e9:ee:93:
d7:c7:c4:23:5a:9e:c2:04:4d:2b:7d:4a:b1:fb:0a:
88:8b:de:2e:d5:89:e2:0c:06:78:44:df:7e:fa:b4:
8f:7f:bf:58:94:3e:9f:5e:98:2f:6a:1f:63:78:e7:
57:e2:6e:18:a5:d6:e5:90:66:5d:a4:19:68:d8:7a:
38:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:40:87:95:DB:C0:C9:4C:FD:23:56:C1:D2:F8:BE:04:D2:26:8B:3E
X509v3 Authority Key Identifier:
keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:96:a3:ca:50:d2:75:71:ba:e9:26:ac:87:83:8a:b8:24:3e:
23:33:db:f3:ea:fe:9d:94:43:6e:9d:56:da:36:15:ee:ed:da:
ca:bf:ba:a8:41:71:49:d5:ea:92:6a:2a:9c:f5:1b:be:46:23:
2f:bb:c9:9c:a8:c8:77:6f:e6:9b:5e:d8:d9:da:c5:a4:61:cf:
57:94:63:02:81:b6:6f:55:25:91:58:62:fe:dd:23:8f:db:3a:
20:35:28:03:61:f2:30:f7:43:57:f8:9c:ce:13:04:b6:4b:09:
c0:93:c5:b3:e1:f6:8d:cc:f1:6d:7c:33:87:f4:af:98:15:99:
80:1d:e6:8c:ea:f3:71:cf:ff:85:64:44:d2:d6:39:ef:74:84:
d5:8e:0f:a6:43:9a:0c:a4:e2:d1:77:80:43:77:de:c8:11:c7:
dc:67:56:6e:ab:14:8b:41:d6:56:da:70:e0:9d:7b:74:4c:04:
54:4a:c7:e7:1b:79:e3:d2:c7:4d:43:11:3e:c2:db:b1:ba:4f:
80:24:24:8f:d5:eb:49:88:e9:7c:6b:b7:b0:4b:55:76:68:68:
b2:10:3b:7e:b4:59:29:c6:12:d1:3e:47:bf:5f:9a:e9:85:3a:
e7:8c:a4:cd:93:c1:ec:54:5e:db:cc:ee:f8:76:03:06:4f:0a:
a1:e0:82:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0394QT6NcPNaju3wBRASfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjYwMzI5MDUwMTAxWhcNMjYwMzMwMDUwMTAxWjAzMTEwLwYDVQQD
Eyg0ODQwODc5NWRiYzBjOTRjZmQyMzU2YzFkMmY4YmUwNGQyMjY4YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3/YNVpxCKGFyVnSJbfVV04SPDII
aQyTLDRkyW+R95Cqr0UVHLUa5Sfnvp95DxCBUppLgqAzy+xC0ujX0/T0+FBUoaWn
58d2w6J3yirPHPkXXVmNRgMFKWGiVaaUVEiA8hAzCbiMNbXQdc1itz8zj8iXoA/z
VH5S1FN6zPnuVtU7GpK1Fve05lGuWt7TAegLLhmYmnydFQyNQOryGWOu0PH59OC/
ES7nW8SZITo4J7rijKGpLjr9HG0b2aHV8J7p7pPXx8QjWp7CBE0rfUqx+wqIi94u
1YniDAZ4RN9++rSPf79YlD6fXpgvah9jeOdX4m4YpdblkGZdpBlo2Ho41QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhAh5XbwMlM/SNWwdL4vgTSJos+MB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZpajylDS
dXG66Sash4OKuCQ+IzPb8+r+nZRDbp1W2jYV7u3ayr+6qEFxSdXqkmoqnPUbvkYj
L7vJnKjId2/mm17Y2drFpGHPV5RjAoG2b1UlkVhi/t0jj9s6IDUoA2HyMPdDV/ic
zhMEtksJwJPFs+H2jczxbXwzh/SvmBWZgB3mjOrzcc//hWRE0tY573SE1Y4PpkOa
DKTi0XeAQ3feyBHH3GdWbqsUi0HWVtpw4J17dEwEVErH5xt549LHTUMRPsLbsbpP
gCQkj9XrSYjpfGu3sEtVdmhoshA7frRZKcYS0T5Hv1+a6YU654ykzZPB7FRe28zu
+HYDBk8KoeCCXA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:52 2026 by rpki-client