Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
File: aesALwAL1CbkpkDHHWwCAbUFDjQ.mft (raw, json)
Hash identifier: 6fJS++63bAoIrnc4Oh1djAQszj8DQ/Zwv2nyY85oFj8=
Subject key identifier: 32:8C:24:45:40:3B:01:84:D4:9D:81:E5:61:C6:78:08:73:C1:ED:8B
Authority key identifier: 69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
Certificate issuer: /CN=69eb002f000bd426e4a640c71d6c0201b5050e34
Certificate serial: 019D25BA1D4BB7B6E519896E7A1732355199
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
Manifest number: 17CB
Signing time: Wed 25 Mar 2026 16:00:47 +0000
Manifest this update: Wed 25 Mar 2026 16:00:47 +0000
Manifest next update: Thu 26 Mar 2026 16:00:47 +0000
Files and hashes: 1: Y8aRMIYRH1jVjryKKP1v8mGsOdc.roa (hash: 3j6bnXLc/3ckyPdMqKUjErtfoWBW1SDwWHfzwh4ftiY=)
2: aesALwAL1CbkpkDHHWwCAbUFDjQ.crl (hash: E1/rWUSJncBvqTelLWOHuJgocMczEEzgrjpmyoF3ZAs=)
3: uFe4cVHbxr_G6s1--UuURiKCbYs.roa (hash: Fv5WNCecba9l/1dLNg+gP0QmW1CKOnk01tR8y8gBZWE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:1d:4b:b7:b6:e5:19:89:6e:7a:17:32:35:51:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69eb002f000bd426e4a640c71d6c0201b5050e34
Validity
Not Before: Mar 25 16:00:47 2026 GMT
Not After : Mar 26 16:00:47 2026 GMT
Subject: CN=328c2445403b0184d49d81e561c6780873c1ed8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:fa:c3:24:c4:3e:2f:c3:97:50:d6:67:94:ff:
06:2d:76:58:41:66:47:66:b3:8a:b7:0a:09:a3:52:
0f:36:83:13:2e:61:cc:5c:ec:e9:0b:aa:de:eb:c5:
1e:42:6c:1b:c2:35:3d:65:56:b2:f4:7b:cb:d6:55:
45:f8:e3:51:75:df:45:14:0e:24:3f:6f:5b:8b:3a:
29:4f:ef:57:f3:5f:0e:18:7d:36:87:cd:de:b7:ce:
6b:8e:78:3a:98:52:76:28:92:8f:06:fb:05:9b:d1:
32:f8:fe:98:3d:6b:16:5c:55:05:df:07:53:c0:d1:
59:cd:12:9c:b0:6e:51:7b:69:46:0b:7c:c6:3c:37:
5f:e8:84:48:fa:bd:86:c9:3d:1f:bf:86:64:03:f1:
ca:7a:07:9f:db:ac:be:6d:85:64:b6:f4:22:29:6e:
01:b6:6c:46:6d:a1:99:a8:f2:7f:7b:b7:0b:c5:5c:
dc:db:ba:1a:8b:e6:1e:0c:ed:00:c0:b1:61:3e:1a:
37:ca:75:aa:c2:63:c5:9f:57:68:5a:17:f8:6d:75:
96:7d:da:02:bb:80:4e:1b:00:48:e0:82:f6:d1:f4:
c4:09:59:b8:a6:bd:2d:e1:f3:e6:15:28:42:7a:4e:
96:3b:da:d8:04:bd:5d:98:69:84:00:19:2b:b8:17:
84:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8C:24:45:40:3B:01:84:D4:9D:81:E5:61:C6:78:08:73:C1:ED:8B
X509v3 Authority Key Identifier:
keyid:69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:00:79:87:16:7f:d0:98:01:12:9a:4a:7c:65:c6:e3:8a:8c:
ba:32:31:45:0d:e8:c7:5a:c5:24:7a:d2:8b:fb:14:93:f6:64:
1f:10:72:c0:12:7e:7d:84:f2:91:b0:e4:54:18:d1:cd:fd:56:
60:7d:2d:82:13:47:21:8c:84:c1:18:25:6c:18:75:1c:8c:e5:
7c:5c:c5:8c:0b:eb:3b:87:78:ee:de:7c:7c:89:ca:13:73:30:
3d:bf:27:7e:d1:5e:b5:7f:90:06:96:a0:5a:52:c0:bc:d2:d5:
63:74:63:60:f6:ac:7f:7f:5f:27:6e:c4:36:3c:b5:43:0e:0f:
12:1e:a1:5d:28:e6:c5:7e:53:de:fb:cd:5e:3f:0d:8a:d7:24:
a5:f1:f9:b8:18:57:a8:69:49:32:cf:ca:b6:bc:59:e0:3c:07:
66:cc:60:86:45:09:25:eb:f5:67:97:82:97:b2:dc:c1:d8:1d:
cb:4d:a7:ad:dc:84:35:ef:fe:7e:28:fd:09:26:53:7a:b5:b7:
2f:78:fa:24:72:e4:de:bc:90:72:6c:ef:e3:ce:fc:92:d7:3b:
5d:43:9d:92:ae:58:89:00:eb:35:7c:5e:ee:66:df:7e:02:9c:
31:21:d1:14:16:43:88:16:01:26:21:8f:dc:8b:ef:4c:3a:8b:
fd:47:09:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0luh1Lt7blGYluehcyNVGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIwMDJmMDAwYmQ0MjZlNGE2NDBjNzFkNmMwMjAxYjUw
NTBlMzQwHhcNMjYwMzI1MTYwMDQ3WhcNMjYwMzI2MTYwMDQ3WjAzMTEwLwYDVQQD
EygzMjhjMjQ0NTQwM2IwMTg0ZDQ5ZDgxZTU2MWM2NzgwODczYzFlZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PrDJMQ+L8OXUNZnlP8GLXZYQWZH
ZrOKtwoJo1IPNoMTLmHMXOzpC6re68UeQmwbwjU9ZVay9HvL1lVF+ONRdd9FFA4k
P29bizopT+9X818OGH02h83et85rjng6mFJ2KJKPBvsFm9Ey+P6YPWsWXFUF3wdT
wNFZzRKcsG5Re2lGC3zGPDdf6IRI+r2GyT0fv4ZkA/HKegef26y+bYVktvQiKW4B
tmxGbaGZqPJ/e7cLxVzc27oai+YeDO0AwLFhPho3ynWqwmPFn1doWhf4bXWWfdoC
u4BOGwBI4IL20fTECVm4pr0t4fPmFShCek6WO9rYBL1dmGmEABkruBeEewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKMJEVAOwGE1J2B5WHGeAhzwe2LMB8GA1UdIwQY
MBaAFGnrAC8AC9Qm5KZAxx1sAgG1BQ40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kM2U2ODItMzM3MC00MjcxLTk0Mzct
Nzg1NDc1YzIyYzliLzEvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kM2U2ODItMzM3MC00MjcxLTk0MzctNzg1NDc1YzIyYzli
LzEvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkQB5hxZ/
0JgBEppKfGXG44qMujIxRQ3ox1rFJHrSi/sUk/ZkHxBywBJ+fYTykbDkVBjRzf1W
YH0tghNHIYyEwRglbBh1HIzlfFzFjAvrO4d47t58fInKE3MwPb8nftFetX+QBpag
WlLAvNLVY3RjYPasf39fJ27ENjy1Qw4PEh6hXSjmxX5T3vvNXj8NitckpfH5uBhX
qGlJMs/KtrxZ4DwHZsxghkUJJev1Z5eCl7Lcwdgdy02nrdyENe/+fij9CSZTerW3
L3j6JHLk3ryQcmzv4878ktc7XUOdkq5YiQDrNXxe7mbffgKcMSHRFBZDiBYBJiGP
3IvvTDqL/UcJ8A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:36:07 2026 by rpki-client