Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
File: aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft (raw, json)
Hash identifier: ySR7taXpUapsNnAiEx8BcCt3wm18+tLurv/N6sDzM+0=
Subject key identifier: 76:66:34:C9:4E:81:70:85:18:5F:21:4F:F2:A0:66:C3:14:FD:2E:8C
Authority key identifier: 69:E3:AD:8B:02:24:52:1C:D0:AE:74:92:C6:94:BC:2D:4E:E1:FD:B2
Certificate issuer: /CN=69e3ad8b0224521cd0ae7492c694bc2d4ee1fdb2
Certificate serial: 019D2703FE1C4121A481E08AE5E72009C07E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aeOtiwIkUhzQrnSSxpS8LU7h_bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
Manifest number: 0D0D
Signing time: Wed 25 Mar 2026 22:01:06 +0000
Manifest this update: Wed 25 Mar 2026 22:01:06 +0000
Manifest next update: Thu 26 Mar 2026 22:01:06 +0000
Files and hashes: 1: aeOtiwIkUhzQrnSSxpS8LU7h_bI.crl (hash: pOJXgxjLtMztQeNavjyKjehuVwf67IELbo3IfD8FV2s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aeOtiwIkUhzQrnSSxpS8LU7h_bI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:03:fe:1c:41:21:a4:81:e0:8a:e5:e7:20:09:c0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69e3ad8b0224521cd0ae7492c694bc2d4ee1fdb2
Validity
Not Before: Mar 25 22:01:06 2026 GMT
Not After : Mar 26 22:01:06 2026 GMT
Subject: CN=766634c94e817085185f214ff2a066c314fd2e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b2:8f:37:1d:cc:a7:bf:0b:13:a2:31:39:d1:
86:4e:57:9a:18:0f:fe:f1:81:da:e9:d3:45:f5:8a:
64:30:2a:94:62:6d:65:91:ea:4d:21:8c:13:6a:23:
4b:9e:3f:2a:09:b4:53:60:3b:ed:9c:7a:22:7a:32:
27:20:48:fa:52:87:de:61:cc:64:5e:90:66:65:b0:
ac:c5:51:b0:f9:62:98:d7:4f:1b:01:8d:42:1d:77:
34:72:13:a9:4a:64:10:e3:a3:75:36:6c:11:e9:f4:
ab:5f:9f:11:a0:67:d2:45:b3:68:ef:85:14:32:13:
32:6b:72:8e:8b:e3:f1:8a:0a:47:44:71:36:fe:53:
55:e4:cd:2f:be:b1:1d:18:6e:d1:0d:d8:32:e9:6f:
22:e6:3a:c3:17:a1:90:87:e8:82:26:8f:dd:b7:b4:
88:17:b0:9d:b7:50:24:fb:be:35:12:27:8d:72:58:
4b:4e:22:22:d2:7d:d9:2d:6e:1b:23:30:78:86:af:
a7:f4:d4:85:8f:4a:3a:07:0f:48:63:ca:88:d8:4b:
10:ed:54:48:e7:14:44:f4:2a:8b:1d:19:15:42:09:
d9:71:37:7c:98:14:bb:cb:00:7e:c3:1f:da:93:87:
11:f2:d5:6a:78:a5:0a:18:5d:3f:9c:29:15:a6:a9:
55:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:66:34:C9:4E:81:70:85:18:5F:21:4F:F2:A0:66:C3:14:FD:2E:8C
X509v3 Authority Key Identifier:
keyid:69:E3:AD:8B:02:24:52:1C:D0:AE:74:92:C6:94:BC:2D:4E:E1:FD:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aeOtiwIkUhzQrnSSxpS8LU7h_bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:da:ef:3f:36:25:9b:c8:39:72:2c:a2:df:bd:b5:95:d4:cc:
dc:aa:fc:08:64:a0:a8:e4:c3:b8:db:b9:79:1a:84:94:1f:b6:
f1:39:85:e6:9c:6f:04:e5:22:6e:55:37:10:b6:18:2d:a6:24:
bd:d9:4d:0f:ba:f0:46:a0:e9:e3:d8:64:c6:70:c3:ac:5b:81:
e0:50:f0:12:3d:8a:7d:c8:0d:92:e8:95:1a:57:22:cd:39:5c:
bd:cd:a6:65:72:84:7c:b0:59:3b:af:ca:7d:e7:de:f1:f0:43:
3a:27:ab:35:f9:0a:c3:de:63:a9:24:01:84:83:53:52:1d:41:
d4:de:39:74:70:cd:8c:5d:b6:4e:36:37:17:6c:94:56:1c:1a:
34:7e:95:e9:98:01:a0:5b:96:ee:7b:c7:c0:03:ed:92:1e:b7:
8c:36:22:b7:67:7b:0d:ec:9a:89:de:e6:03:6d:6a:a5:2b:1f:
ab:f8:c8:e0:e2:0d:02:da:57:92:c2:ce:e3:b9:8a:52:50:59:
7a:f6:49:fc:64:5f:a8:c4:8c:17:6a:a7:4a:0f:22:ef:4a:e1:
d8:d1:06:35:b0:65:32:f0:ca:b1:58:c3:24:7c:15:69:ad:50:
ff:81:a9:5c:d4:a1:de:1f:16:9e:79:85:7a:63:2a:74:e8:62:
5b:ec:82:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/4cQSGkgeCK5ecgCcB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZTNhZDhiMDIyNDUyMWNkMGFlNzQ5MmM2OTRiYzJkNGVl
MWZkYjIwHhcNMjYwMzI1MjIwMTA2WhcNMjYwMzI2MjIwMTA2WjAzMTEwLwYDVQQD
Eyg3NjY2MzRjOTRlODE3MDg1MTg1ZjIxNGZmMmEwNjZjMzE0ZmQyZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprKPNx3Mp78LE6IxOdGGTleaGA/+
8YHa6dNF9YpkMCqUYm1lkepNIYwTaiNLnj8qCbRTYDvtnHoiejInIEj6UofeYcxk
XpBmZbCsxVGw+WKY108bAY1CHXc0chOpSmQQ46N1NmwR6fSrX58RoGfSRbNo74UU
MhMya3KOi+PxigpHRHE2/lNV5M0vvrEdGG7RDdgy6W8i5jrDF6GQh+iCJo/dt7SI
F7Cdt1Ak+741EieNclhLTiIi0n3ZLW4bIzB4hq+n9NSFj0o6Bw9IY8qI2EsQ7VRI
5xRE9CqLHRkVQgnZcTd8mBS7ywB+wx/ak4cR8tVqeKUKGF0/nCkVpqlVEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZmNMlOgXCFGF8hT/KgZsMU/S6MMB8GA1UdIwQY
MBaAFGnjrYsCJFIc0K50ksaUvC1O4f2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVPdGl3SWtVaHpRcm5TU3hwUzhMVTdoX2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iZDhlYzEtMTdhNC00NGRmLTg4M2Qt
ZTk3ZDIyNmZiZWVhLzEvYWVPdGl3SWtVaHpRcm5TU3hwUzhMVTdoX2JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iZDhlYzEtMTdhNC00NGRmLTg4M2QtZTk3ZDIyNmZiZWVh
LzEvYWVPdGl3SWtVaHpRcm5TU3hwUzhMVTdoX2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkdrvPzYl
m8g5ciyi3721ldTM3Kr8CGSgqOTDuNu5eRqElB+28TmF5pxvBOUiblU3ELYYLaYk
vdlND7rwRqDp49hkxnDDrFuB4FDwEj2KfcgNkuiVGlcizTlcvc2mZXKEfLBZO6/K
fefe8fBDOierNfkKw95jqSQBhINTUh1B1N45dHDNjF22TjY3F2yUVhwaNH6V6ZgB
oFuW7nvHwAPtkh63jDYit2d7Deyaid7mA21qpSsfq/jI4OINAtpXksLO47mKUlBZ
evZJ/GRfqMSMF2qnSg8i70rh2NEGNbBlMvDKsVjDJHwVaa1Q/4GpXNSh3h8WnnmF
emMqdOhiW+yCGg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:40:09 2026 by rpki-client