Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
File: aPQ7W7zEligG6pMi7Ckum2bdzMU.mft (raw, json)
Hash identifier: XQW14sXSf5CpJuHl2T9HEdVKovSKPtmevcI5yzo8uys=
Subject key identifier: DB:3E:7E:3A:91:28:49:4B:F3:25:6D:46:B8:9A:6E:95:72:AA:8C:30
Authority key identifier: 68:F4:3B:5B:BC:C4:96:28:06:EA:93:22:EC:29:2E:9B:66:DD:CC:C5
Certificate issuer: /CN=68f43b5bbcc4962806ea9322ec292e9b66ddccc5
Certificate serial: 019D273AF51FD31A112195E47AFBDA0F5753
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
Manifest number: 02B9
Signing time: Wed 25 Mar 2026 23:01:08 +0000
Manifest this update: Wed 25 Mar 2026 23:01:08 +0000
Manifest next update: Thu 26 Mar 2026 23:01:08 +0000
Files and hashes: 1: A5tB2m_AKkFH2MRYLSZP1qj6r7Y.roa (hash: JU4CZpqlBacShwjyBoLo9X21T9K67+NvyzH3SwXTo+Y=)
2: XHzhckAnu87gDfunEM3sM2fHJc4.roa (hash: J4SR1s2pClNQQ3/S6LW+95K5vqFvopp0j499gt2QsWY=)
3: aPQ7W7zEligG6pMi7Ckum2bdzMU.crl (hash: bgAgka9tPi0owdX77UtrZC5X1rtn37gJDn4mLjpOjYI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:f5:1f:d3:1a:11:21:95:e4:7a:fb:da:0f:57:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f43b5bbcc4962806ea9322ec292e9b66ddccc5
Validity
Not Before: Mar 25 23:01:08 2026 GMT
Not After : Mar 26 23:01:08 2026 GMT
Subject: CN=db3e7e3a9128494bf3256d46b89a6e9572aa8c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:28:c0:47:7f:eb:cf:d7:0f:72:ce:2c:55:2e:
7e:e8:7d:d1:10:5e:84:3e:2a:5c:84:3b:90:fb:9c:
b0:39:34:00:d1:7e:4d:94:75:ee:ea:dc:5e:29:41:
a5:a0:0c:99:5e:fd:01:45:51:dd:a2:66:f5:5e:31:
56:14:a6:f0:46:15:ce:e9:b3:33:4f:66:9c:b4:29:
0b:76:8c:cc:b6:8d:7e:04:b1:1a:6e:dc:96:7b:c4:
29:ae:e0:85:23:d4:38:d6:d7:81:e7:34:50:b8:a4:
e5:97:f2:55:08:2b:fe:24:60:07:87:94:91:ae:aa:
d5:28:b3:c0:8a:d0:54:0d:65:28:8a:88:01:1d:b4:
b4:fd:f5:c7:08:36:c8:14:5b:fa:86:a2:e3:22:15:
af:b1:ad:fc:ce:ee:b4:35:c3:17:0f:d6:41:12:c7:
d1:bb:a8:a4:fb:d2:c1:f8:31:46:d4:b0:8c:c7:31:
83:72:0c:95:c0:ef:46:cd:65:83:22:94:f9:90:83:
51:20:5d:c6:69:e9:2c:00:96:65:3e:d8:36:d6:79:
33:2b:97:e1:3b:7a:54:21:8e:83:53:fb:cd:f2:cd:
f4:a0:fb:3b:fd:19:b9:2a:4a:e8:29:70:42:0b:c2:
a0:95:fc:df:91:ef:f1:02:04:e2:55:2b:f4:9b:cf:
1e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3E:7E:3A:91:28:49:4B:F3:25:6D:46:B8:9A:6E:95:72:AA:8C:30
X509v3 Authority Key Identifier:
keyid:68:F4:3B:5B:BC:C4:96:28:06:EA:93:22:EC:29:2E:9B:66:DD:CC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:82:a3:93:3e:26:d9:63:9b:17:a1:02:88:f5:96:75:05:0c:
3c:cc:65:e8:43:49:4b:dc:c8:16:d8:b9:76:51:55:22:76:3b:
6a:4e:72:a2:84:02:f7:06:da:76:0c:4f:f1:a1:9e:74:36:81:
36:8b:e2:de:d5:df:ff:c8:4b:fa:77:59:c3:0b:f4:07:4d:e7:
b3:9b:1e:a1:14:9e:0f:30:a3:72:0a:ed:fe:4e:e6:5c:d0:8b:
90:ff:e6:64:a9:64:c8:16:fc:26:54:48:90:f1:2b:13:21:56:
cc:84:fb:9f:45:c6:c2:f7:a6:12:56:b8:02:7b:b7:87:07:01:
31:1e:22:c9:9f:93:d1:66:a2:b4:93:cc:29:29:d4:41:0c:30:
38:92:09:64:5c:b2:0e:c7:cb:0a:8d:3a:3d:12:dd:f3:e3:2f:
45:2f:d9:94:99:9b:f4:92:a5:59:c5:84:9f:22:3e:93:22:63:
80:54:90:be:8f:bf:35:bd:f9:60:ce:08:79:2e:48:51:44:11:
59:cd:a7:43:7d:b6:f3:13:76:07:f0:ed:b2:c2:51:03:8e:30:
be:66:1e:0f:d9:ed:41:30:45:0a:da:22:71:18:00:65:fe:ac:
8a:ed:88:4f:2d:b8:d8:6a:ee:b3:58:ca:95:f9:5e:87:b1:1e:
42:07:33:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOvUf0xoRIZXkevvaD1dTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjQzYjViYmNjNDk2MjgwNmVhOTMyMmVjMjkyZTliNjZk
ZGNjYzUwHhcNMjYwMzI1MjMwMTA4WhcNMjYwMzI2MjMwMTA4WjAzMTEwLwYDVQQD
EyhkYjNlN2UzYTkxMjg0OTRiZjMyNTZkNDZiODlhNmU5NTcyYWE4YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSjAR3/rz9cPcs4sVS5+6H3REF6E
PipchDuQ+5ywOTQA0X5NlHXu6txeKUGloAyZXv0BRVHdomb1XjFWFKbwRhXO6bMz
T2actCkLdozMto1+BLEabtyWe8QpruCFI9Q41teB5zRQuKTll/JVCCv+JGAHh5SR
rqrVKLPAitBUDWUoiogBHbS0/fXHCDbIFFv6hqLjIhWvsa38zu60NcMXD9ZBEsfR
u6ik+9LB+DFG1LCMxzGDcgyVwO9GzWWDIpT5kINRIF3GaeksAJZlPtg21nkzK5fh
O3pUIY6DU/vN8s30oPs7/Rm5KkroKXBCC8Kglfzfke/xAgTiVSv0m88e0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNs+fjqRKElL8yVtRriabpVyqowwMB8GA1UdIwQY
MBaAFGj0O1u8xJYoBuqTIuwpLptm3czFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wNDZmZmUtMDVlYi00YzhjLTg1NDUt
MDI0ODNlNjQ4MmNiLzEvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wNDZmZmUtMDVlYi00YzhjLTg1NDUtMDI0ODNlNjQ4MmNi
LzEvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIKjkz4m
2WObF6ECiPWWdQUMPMxl6ENJS9zIFti5dlFVInY7ak5yooQC9wbadgxP8aGedDaB
Novi3tXf/8hL+ndZwwv0B03ns5seoRSeDzCjcgrt/k7mXNCLkP/mZKlkyBb8JlRI
kPErEyFWzIT7n0XGwvemEla4Anu3hwcBMR4iyZ+T0WaitJPMKSnUQQwwOJIJZFyy
DsfLCo06PRLd8+MvRS/ZlJmb9JKlWcWEnyI+kyJjgFSQvo+/Nb35YM4IeS5IUUQR
Wc2nQ3228xN2B/DtssJRA44wvmYeD9ntQTBFCtoicRgAZf6siu2ITy242Grus1jK
lfleh7EeQgczUw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:53:09 2026 by rpki-client