Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
File: kXWIXPl40u9mE3YhRTC57WjFtFg.mft (raw, json)
Hash identifier: VN961A16kHikqp2c84IU83vGd1AyNAB8XETJZWD//u0=
Subject key identifier: 61:B2:5B:F9:5B:F2:B2:60:78:FA:03:75:2D:3F:00:0E:70:1B:07:E3
Authority key identifier: 91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58
Certificate issuer: /CN=9175885cf978d2ef661376214530b9ed68c5b458
Certificate serial: 019D38663C0BE8B226C2FF6D4060745F6F7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
Manifest number: 0BAC
Signing time: Sun 29 Mar 2026 07:01:57 +0000
Manifest this update: Sun 29 Mar 2026 07:01:57 +0000
Manifest next update: Mon 30 Mar 2026 07:01:57 +0000
Files and hashes: 1: kXWIXPl40u9mE3YhRTC57WjFtFg.crl (hash: 5w0p7B6PFzcPcE/lt8YG1k3IGyovaeGReVLhim1UJ9A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:3c:0b:e8:b2:26:c2:ff:6d:40:60:74:5f:6f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9175885cf978d2ef661376214530b9ed68c5b458
Validity
Not Before: Mar 29 07:01:57 2026 GMT
Not After : Mar 30 07:01:57 2026 GMT
Subject: CN=61b25bf95bf2b26078fa03752d3f000e701b07e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f4:b9:a8:aa:c2:aa:a1:48:7a:8b:53:94:bb:
56:83:01:6b:93:0d:0a:0c:78:58:ad:5d:07:01:ea:
31:19:78:91:e3:10:1c:13:06:cf:5a:f6:53:a8:d7:
d5:b4:97:83:5e:a8:84:d1:f1:fd:6a:82:84:1c:c5:
81:13:43:a4:1b:9e:4b:13:34:22:0e:4c:85:10:45:
78:c2:dc:2a:5c:a5:f2:e7:e1:95:77:b3:a3:1f:0b:
5b:a7:01:1d:22:2f:b2:ef:8d:9e:fd:6f:88:2e:82:
c1:47:11:0c:cf:2e:53:85:ba:29:11:93:ad:b6:5a:
46:51:2a:21:df:29:a3:a0:8c:3b:7d:e9:77:b3:07:
72:88:73:af:5d:5b:91:f6:fb:aa:4a:05:2c:cd:3a:
43:f1:40:0c:8c:fa:af:92:14:3a:9d:55:29:38:ea:
1e:20:4f:fb:56:71:c0:e9:37:f5:22:9d:33:b6:72:
42:d8:96:b1:b4:69:03:c8:e1:2f:1c:d3:43:24:57:
3b:1b:4d:d8:cb:aa:de:b4:82:da:b2:ad:58:84:ad:
78:97:22:60:ec:45:f9:79:c9:fa:39:0c:34:d3:c8:
63:75:64:33:a0:6e:3a:eb:79:0e:3b:48:0e:8c:2f:
37:d2:c4:54:8f:18:7f:7b:9b:83:5e:06:39:2b:4b:
fc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B2:5B:F9:5B:F2:B2:60:78:FA:03:75:2D:3F:00:0E:70:1B:07:E3
X509v3 Authority Key Identifier:
keyid:91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:62:61:6b:17:c3:f0:24:9b:f0:d5:16:a5:bc:13:a1:2b:65:
5d:b2:52:e6:e9:64:4f:27:2e:a3:b2:f5:59:2e:4c:db:2d:22:
02:49:bb:c6:8b:da:51:d1:8f:61:42:f1:c4:4e:70:a5:b4:23:
45:d3:ce:e8:17:4e:87:c7:8b:ae:3b:39:d4:80:6d:04:bd:73:
17:00:d7:b8:19:7e:16:17:d0:b7:e1:04:0f:c7:c7:7b:cc:d1:
61:33:60:16:b1:e8:52:c6:2f:39:56:24:ab:a9:ae:55:32:8b:
24:6b:18:10:79:10:86:50:62:1c:a9:1a:9b:8c:4e:37:ee:ed:
da:11:8f:da:89:d5:21:79:0b:17:94:18:c0:db:c2:bd:57:ca:
f5:f5:8b:3f:ed:d2:aa:50:68:16:23:b5:9e:10:1c:6a:aa:1b:
93:eb:b4:95:2f:7f:f1:38:e5:bf:3b:16:e2:7a:55:1e:db:68:
a6:76:04:5a:fc:d9:77:79:35:b9:05:f8:11:e6:f1:fd:b5:d2:
4a:5c:86:54:52:ad:34:d6:40:cb:3c:45:10:a7:ae:93:8e:04:
69:25:58:7c:25:d0:fb:12:66:3c:1d:39:37:cc:01:56:ba:82:
8d:25:32:b2:d5:52:d5:84:07:5a:de:6d:08:50:a8:e0:29:f4:
0a:b8:7a:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZjwL6LImwv9tQGB0X29/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzU4ODVjZjk3OGQyZWY2NjEzNzYyMTQ1MzBiOWVkNjhj
NWI0NTgwHhcNMjYwMzI5MDcwMTU3WhcNMjYwMzMwMDcwMTU3WjAzMTEwLwYDVQQD
Eyg2MWIyNWJmOTViZjJiMjYwNzhmYTAzNzUyZDNmMDAwZTcwMWIwN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfS5qKrCqqFIeotTlLtWgwFrkw0K
DHhYrV0HAeoxGXiR4xAcEwbPWvZTqNfVtJeDXqiE0fH9aoKEHMWBE0OkG55LEzQi
DkyFEEV4wtwqXKXy5+GVd7OjHwtbpwEdIi+y742e/W+ILoLBRxEMzy5ThbopEZOt
tlpGUSoh3ymjoIw7fel3swdyiHOvXVuR9vuqSgUszTpD8UAMjPqvkhQ6nVUpOOoe
IE/7VnHA6Tf1Ip0ztnJC2JaxtGkDyOEvHNNDJFc7G03Yy6retILasq1YhK14lyJg
7EX5ecn6OQw008hjdWQzoG4663kOO0gOjC830sRUjxh/e5uDXgY5K0v8IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGyW/lb8rJgePoDdS0/AA5wGwfjMB8GA1UdIwQY
MBaAFJF1iFz5eNLvZhN2IUUwue1oxbRYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQt
MWI5NTgxOWNmYzljLzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQtMWI5NTgxOWNmYzlj
LzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb2JhaxfD
8CSb8NUWpbwToStlXbJS5ulkTycuo7L1WS5M2y0iAkm7xovaUdGPYULxxE5wpbQj
RdPO6BdOh8eLrjs51IBtBL1zFwDXuBl+FhfQt+EED8fHe8zRYTNgFrHoUsYvOVYk
q6muVTKLJGsYEHkQhlBiHKkam4xON+7t2hGP2onVIXkLF5QYwNvCvVfK9fWLP+3S
qlBoFiO1nhAcaqobk+u0lS9/8TjlvzsW4npVHttopnYEWvzZd3k1uQX4Eebx/bXS
SlyGVFKtNNZAyzxFEKeuk44EaSVYfCXQ+xJmPB05N8wBVrqCjSUystVS1YQHWt5t
CFCo4Cn0Crh6OA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:01:06 2026 by rpki-client