Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json)
Hash identifier: grTJ0kvJRfV7xUX+nOYV5rV8Y87TClmcgOz56vwQcBw=
Subject key identifier: 3D:07:E7:1B:DF:6F:5F:56:44:AB:80:29:D1:07:DD:33:54:D0:41:00
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial: 019D33762D390960FECAFB71B4B491101F55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
Manifest number: 14E0
Signing time: Sat 28 Mar 2026 08:01:16 +0000
Manifest this update: Sat 28 Mar 2026 08:01:16 +0000
Manifest next update: Sun 29 Mar 2026 08:01:16 +0000
Files and hashes: 1: URwUlX1aGUQjALJuv2b7NQZnlQY.roa (hash: tfOWykptTnti4HmolEIB0RYCOL60/EO4faOftMz4e/U=)
2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: O8ri8xoyiyQuyDRgwSEUIpL9dnLM2qLbOftT8AeDlZo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:76:2d:39:09:60:fe:ca:fb:71:b4:b4:91:10:1f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Validity
Not Before: Mar 28 08:01:16 2026 GMT
Not After : Mar 29 08:01:16 2026 GMT
Subject: CN=3d07e71bdf6f5f5644ab8029d107dd3354d04100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ee:11:bc:d7:42:10:84:18:5d:a2:57:ac:36:
af:b0:5f:11:95:e1:c6:e4:2e:a4:4f:44:18:19:e4:
90:c9:53:b4:87:73:73:90:63:f3:62:a3:91:ed:e6:
4c:bf:9c:f3:86:f3:2a:ed:20:76:75:33:91:37:fb:
71:04:84:0f:70:a6:22:98:1d:5e:e2:94:a0:80:68:
63:4e:75:5b:64:6a:30:85:55:80:e5:ac:0f:2c:a2:
80:de:21:2c:7f:37:2d:80:2d:00:bc:f5:2b:7f:6c:
9c:ef:6d:4e:2d:c4:c1:30:c6:11:d5:92:63:c6:f3:
4a:ff:f8:80:ee:8e:1f:ca:28:d2:35:74:d6:ae:e4:
f0:58:f0:b3:8b:cf:31:e4:e0:69:9c:97:d1:c3:1e:
92:85:54:fb:7b:73:98:b8:60:27:23:d6:4a:da:84:
ee:bf:84:9d:ea:17:fc:fd:b9:33:c3:25:3a:65:40:
7d:f4:58:bf:0b:19:d6:d8:10:44:b9:88:88:1a:c9:
52:32:de:a4:56:fb:ba:4b:97:ad:0e:38:b8:8a:db:
b9:ca:3c:d9:e0:57:71:6d:4c:a6:0b:af:47:f5:a6:
e3:9a:90:3f:6d:0f:5e:84:23:29:75:59:29:ae:67:
4d:4a:7f:68:19:7b:9e:f6:5a:6b:c2:19:ab:03:af:
8f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:07:E7:1B:DF:6F:5F:56:44:AB:80:29:D1:07:DD:33:54:D0:41:00
X509v3 Authority Key Identifier:
keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:a4:ee:c9:08:5b:f8:f1:e6:35:55:ac:38:59:fa:e8:20:e8:
68:c7:40:0b:54:5a:f0:1d:dc:81:9a:08:5a:65:46:13:f7:f1:
5b:c3:e3:35:5a:10:0e:09:a9:09:eb:1a:0a:2b:7b:e0:80:40:
aa:14:86:ce:9c:7d:2b:03:4d:44:75:12:69:1d:ff:90:b2:2f:
11:0a:a4:ee:25:3f:95:df:4e:2a:e3:18:be:fb:4b:97:9b:6d:
5a:70:26:ed:70:f2:e7:42:9c:16:a7:ae:42:cc:88:c2:0c:15:
e5:5b:c0:3b:71:3d:7f:c2:74:68:55:ea:42:d3:91:7f:76:d4:
32:e5:8d:28:ff:17:7b:f4:3d:24:97:4a:7a:14:ef:70:ad:ab:
4d:ca:be:44:ef:7a:ce:f6:62:18:96:e4:1c:55:59:e3:6d:27:
e9:4d:3f:c8:13:4d:a6:8d:8c:4b:5b:36:c2:f6:cb:32:10:a8:
c2:9e:bf:0f:d6:fd:3a:34:4b:88:9b:d8:e6:c1:3a:ac:b3:e6:
3d:40:22:5c:3d:e2:20:17:17:9c:3c:f2:e5:41:74:8a:68:e9:
91:b3:1c:e4:7e:7e:86:76:15:99:b0:bc:46:ba:a6:89:d5:49:
6b:ad:70:36:f5:67:f3:2b:bb:2e:f4:22:ed:c9:92:24:2a:74:
6f:47:9f:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zdi05CWD+yvtxtLSREB9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk
NTM5NmYwHhcNMjYwMzI4MDgwMTE2WhcNMjYwMzI5MDgwMTE2WjAzMTEwLwYDVQQD
EygzZDA3ZTcxYmRmNmY1ZjU2NDRhYjgwMjlkMTA3ZGQzMzU0ZDA0MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+4RvNdCEIQYXaJXrDavsF8RleHG
5C6kT0QYGeSQyVO0h3NzkGPzYqOR7eZMv5zzhvMq7SB2dTORN/txBIQPcKYimB1e
4pSggGhjTnVbZGowhVWA5awPLKKA3iEsfzctgC0AvPUrf2yc721OLcTBMMYR1ZJj
xvNK//iA7o4fyijSNXTWruTwWPCzi88x5OBpnJfRwx6ShVT7e3OYuGAnI9ZK2oTu
v4Sd6hf8/bkzwyU6ZUB99Fi/CxnW2BBEuYiIGslSMt6kVvu6S5etDji4itu5yjzZ
4FdxbUymC69H9abjmpA/bQ9ehCMpdVkprmdNSn9oGXue9lprwhmrA6+PowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0H5xvfb19WRKuAKdEH3TNU0EEAMB8GA1UdIwQY
MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt
MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl
LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC6TuyQhb
+PHmNVWsOFn66CDoaMdAC1Ra8B3cgZoIWmVGE/fxW8PjNVoQDgmpCesaCit74IBA
qhSGzpx9KwNNRHUSaR3/kLIvEQqk7iU/ld9OKuMYvvtLl5ttWnAm7XDy50KcFqeu
QsyIwgwV5VvAO3E9f8J0aFXqQtORf3bUMuWNKP8Xe/Q9JJdKehTvcK2rTcq+RO96
zvZiGJbkHFVZ420n6U0/yBNNpo2MS1s2wvbLMhCowp6/D9b9OjRLiJvY5sE6rLPm
PUAiXD3iIBcXnDzy5UF0imjpkbMc5H5+hnYVmbC8RrqmidVJa61wNvVn8yu7LvQi
7cmSJCp0b0efrw==
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:56:28 2026 by rpki-client