Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json)
Hash identifier: cwEcVPWW4/NuW8fkJwOc9mfIlaeKdAFO87PBlNy8I9A=
Subject key identifier: B0:DD:7D:00:B7:00:71:C9:C3:D3:F8:A1:A7:6C:02:D1:42:0C:41:A6
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 019D27048E5F2D5F5C8483ACA3DD3B0FE89D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
Manifest number: 1889
Signing time: Wed 25 Mar 2026 22:01:43 +0000
Manifest this update: Wed 25 Mar 2026 22:01:43 +0000
Manifest next update: Thu 26 Mar 2026 22:01:43 +0000
Files and hashes: 1: Uocr9SIrv8jbsgJXhQAIDOX3hGs.roa (hash: 4iPmjoYeqHL7835MhflNIw3FaZg4Ojg4Y6QdIx6OiEc=)
2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: bhUW8OoVuacr662HzrJlbN0Eg8iyhXlEDx7ABX0YBvU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:8e:5f:2d:5f:5c:84:83:ac:a3:dd:3b:0f:e8:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Mar 25 22:01:43 2026 GMT
Not After : Mar 26 22:01:43 2026 GMT
Subject: CN=b0dd7d00b70071c9c3d3f8a1a76c02d1420c41a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:72:e2:a5:2e:b2:95:ba:4f:19:c7:53:6a:23:
fe:1e:c3:46:2e:f7:36:a8:a7:39:3b:19:61:5b:78:
1b:0c:e9:5c:39:ac:c0:59:5f:e7:e8:c5:c6:ec:6f:
c8:69:21:de:dd:bc:9e:53:e2:bf:79:34:ef:d0:6e:
81:6b:b6:a5:53:52:77:9e:47:a1:f9:54:d7:c7:bf:
96:0c:87:88:c1:e7:29:75:ae:5f:7c:da:42:eb:16:
29:92:9f:8a:6a:0f:1b:a1:be:34:84:2f:57:a6:9c:
e8:b9:5f:e1:33:3f:fb:8b:19:05:c0:6b:53:e0:85:
ae:04:37:d5:4f:03:8e:67:c8:f7:42:3c:72:c5:9e:
89:22:82:1a:47:2c:5e:40:3c:6f:4e:6a:27:88:01:
c5:3a:3f:1d:cb:38:32:36:3f:85:65:f3:e4:17:0a:
3b:0f:2e:5b:69:89:77:08:01:b7:32:10:f8:7a:a4:
80:6e:ad:2a:ec:f0:93:8f:dd:33:e4:91:b4:f7:94:
54:0e:60:e9:b6:e6:e3:5a:7e:82:11:bb:29:c8:05:
f2:58:0e:f2:bb:1e:2d:11:68:f0:11:0f:11:bc:35:
42:00:16:1b:c9:b7:f4:c4:f8:5f:ad:f5:04:50:05:
26:ca:7e:0b:0c:63:15:05:d7:df:40:03:22:88:56:
cb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:DD:7D:00:B7:00:71:C9:C3:D3:F8:A1:A7:6C:02:D1:42:0C:41:A6
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:98:fd:65:19:46:a9:21:a7:65:a8:c8:d0:fb:66:bc:23:b3:
11:f5:c0:53:2e:70:f9:15:86:c2:a3:69:bf:c7:8c:ea:1d:63:
4e:c6:f7:1d:e0:4e:52:5f:ad:de:21:e6:3c:9c:d0:5d:3e:bb:
20:77:3b:46:de:58:ca:81:6d:9e:36:fa:a2:96:d7:24:cf:27:
8c:f0:72:12:8e:eb:6d:2c:e9:25:80:98:9e:45:ee:7e:56:21:
ae:1c:ca:eb:71:e4:d8:c8:5b:8c:cb:8e:26:a9:10:82:e2:5e:
2d:a9:b5:2c:0e:1a:fc:2c:ba:d8:a2:cf:4c:ac:b1:6f:8a:26:
88:e1:8e:c2:0d:03:08:54:b2:c0:67:67:cf:5d:5a:c7:d7:b4:
c8:6c:f1:d5:3e:79:01:f2:5d:49:07:d8:54:74:6a:0c:63:8b:
e7:a2:4b:f7:eb:0a:0e:34:6d:50:e5:78:d2:88:c2:9e:94:35:
0d:67:e5:d2:c6:bd:56:3f:2d:d6:55:4b:12:26:b7:df:b3:8f:
a1:5b:19:94:ec:1a:18:03:d1:eb:f6:b9:79:6d:1f:85:9b:7d:
9d:1d:ee:c9:6d:68:03:18:dd:fd:15:c6:77:eb:a8:93:e2:12:
45:cf:53:56:08:4a:8d:4d:ce:ec:06:ba:c8:38:c8:7a:24:69:
6d:89:6b:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBI5fLV9chIOso907D+idMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjYwMzI1MjIwMTQzWhcNMjYwMzI2MjIwMTQzWjAzMTEwLwYDVQQD
EyhiMGRkN2QwMGI3MDA3MWM5YzNkM2Y4YTFhNzZjMDJkMTQyMGM0MWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nLipS6ylbpPGcdTaiP+HsNGLvc2
qKc5OxlhW3gbDOlcOazAWV/n6MXG7G/IaSHe3byeU+K/eTTv0G6Ba7alU1J3nkeh
+VTXx7+WDIeIwecpda5ffNpC6xYpkp+Kag8bob40hC9XppzouV/hMz/7ixkFwGtT
4IWuBDfVTwOOZ8j3QjxyxZ6JIoIaRyxeQDxvTmoniAHFOj8dyzgyNj+FZfPkFwo7
Dy5baYl3CAG3MhD4eqSAbq0q7PCTj90z5JG095RUDmDptubjWn6CEbspyAXyWA7y
ux4tEWjwEQ8RvDVCABYbybf0xPhfrfUEUAUmyn4LDGMVBdffQAMiiFbLDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDdfQC3AHHJw9P4oadsAtFCDEGmMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX5j9ZRlG
qSGnZajI0PtmvCOzEfXAUy5w+RWGwqNpv8eM6h1jTsb3HeBOUl+t3iHmPJzQXT67
IHc7Rt5YyoFtnjb6opbXJM8njPByEo7rbSzpJYCYnkXuflYhrhzK63Hk2MhbjMuO
JqkQguJeLam1LA4a/Cy62KLPTKyxb4omiOGOwg0DCFSywGdnz11ax9e0yGzx1T55
AfJdSQfYVHRqDGOL56JL9+sKDjRtUOV40ojCnpQ1DWfl0sa9Vj8t1lVLEia337OP
oVsZlOwaGAPR6/a5eW0fhZt9nR3uyW1oAxjd/RXGd+uok+ISRc9TVghKjU3O7Aa6
yDjIeiRpbYlrhQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:53:44 2026 by rpki-client