Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
File: rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft (raw, json)
Hash identifier: 1rimQ41GBSZNIwvUeERzjVkI1R/0Q/ukOWXxYN3b3QE=
Subject key identifier: 3B:14:E5:0C:58:F5:1E:7A:42:87:C9:8F:D1:46:8B:DB:2A:C3:A1:59
Authority key identifier: AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
Certificate issuer: /CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Certificate serial: 019D2696372B052E9296B260E8EDFE0F8A0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
Manifest number: 0C95
Signing time: Wed 25 Mar 2026 20:01:11 +0000
Manifest this update: Wed 25 Mar 2026 20:01:11 +0000
Manifest next update: Thu 26 Mar 2026 20:01:11 +0000
Files and hashes: 1: 24WxHxaeAmm5E1Q3Id3rg_qvvPY.roa (hash: cVrKb1vSqi82yPVZCgvu5xU3xXbeXHexmU9eyiwbU3E=)
2: rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl (hash: 2C/lelTrurYDdZ79l2VuT4MemHWPEX1I45adZoI6GLM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:96:37:2b:05:2e:92:96:b2:60:e8:ed:fe:0f:8a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Validity
Not Before: Mar 25 20:01:11 2026 GMT
Not After : Mar 26 20:01:11 2026 GMT
Subject: CN=3b14e50c58f51e7a4287c98fd1468bdb2ac3a159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ca:22:07:a3:b6:e3:03:30:f8:1f:1d:84:3f:
97:1d:65:b0:4f:42:e9:db:32:c4:e7:5a:41:5b:e3:
83:6e:90:d8:80:4b:07:0c:cc:09:96:f9:78:30:7d:
4e:2a:51:7f:76:65:ec:c6:d4:58:94:6b:d0:73:22:
e7:c5:28:96:4c:3e:b4:d9:94:6a:a8:6f:d2:cb:21:
53:79:ce:ca:d4:a7:30:72:2b:1c:67:77:b3:34:20:
38:08:d6:a1:e1:44:cd:85:10:87:6d:d2:de:c8:22:
ea:ae:a9:4a:54:39:c7:1c:fc:91:fa:99:b0:46:5e:
28:6b:ab:90:56:a0:17:59:07:4e:79:41:d2:c9:f2:
6f:8a:f4:43:42:fc:75:59:4f:73:3d:c4:9d:ea:4c:
fb:22:cd:2e:c3:a1:9e:d4:0c:9a:57:9d:f7:76:40:
7b:bc:70:f7:17:5a:66:b8:51:9b:dc:ff:83:56:49:
8e:4a:3f:de:ad:15:1a:68:29:9b:98:7e:0f:a6:40:
cd:c5:dd:8f:0e:16:83:31:61:ac:50:ef:b5:83:c6:
5e:23:a2:ca:da:9a:43:04:a3:36:6a:46:c4:82:67:
83:52:c2:6b:45:5c:0a:2e:d4:62:85:57:30:8a:79:
bc:af:cd:68:22:dd:e8:5f:81:ec:52:b9:a0:93:57:
37:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:14:E5:0C:58:F5:1E:7A:42:87:C9:8F:D1:46:8B:DB:2A:C3:A1:59
X509v3 Authority Key Identifier:
keyid:AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:f8:40:06:8f:79:c2:22:a2:b9:1d:f9:79:d4:75:ad:cc:7d:
85:b3:12:f2:e3:b8:1c:67:d3:28:03:11:66:48:00:62:23:f2:
0b:21:64:be:2c:cf:ed:44:92:69:ab:f3:fb:46:96:86:00:1e:
0e:6d:3f:e6:49:4b:a9:0c:6d:4e:28:32:29:61:c3:66:cf:02:
c7:2c:35:ef:17:8c:d1:36:9e:fc:51:83:1f:40:c0:52:7d:43:
dc:e7:32:38:7d:59:0e:ad:9b:3e:d8:81:3d:61:8f:ce:bb:8f:
bf:29:25:33:96:46:3f:38:93:b2:a6:32:fb:97:90:82:c9:95:
d2:15:f0:03:0b:6f:d7:5e:0a:18:ff:18:28:e4:30:3f:ec:0b:
a5:63:a1:b9:ab:64:9e:23:9f:c4:28:d9:d5:a8:22:90:66:b4:
6a:bc:ab:56:d6:c1:f6:03:81:23:7c:f6:21:e6:d4:f5:6b:5d:
80:57:aa:c9:0a:a9:27:f2:b9:f3:37:c8:d6:95:75:91:a6:bc:
90:5b:df:0b:d6:c8:f6:3b:79:65:05:0b:1b:39:be:06:ca:c5:
cd:65:4b:6f:7f:13:48:a6:e9:17:4c:4a:f1:95:46:69:1d:87:
33:58:1a:85:42:8b:3b:72:c6:f4:77:f5:9e:33:05:5e:d3:1d:
90:52:88:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mljcrBS6SlrJg6O3+D4oOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDg4MTVlOGM2NTAzNjAxZjI1NGNhYjM3MWJlYzQ3MWJk
N2VhYTYwHhcNMjYwMzI1MjAwMTExWhcNMjYwMzI2MjAwMTExWjAzMTEwLwYDVQQD
EygzYjE0ZTUwYzU4ZjUxZTdhNDI4N2M5OGZkMTQ2OGJkYjJhYzNhMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMoiB6O24wMw+B8dhD+XHWWwT0Lp
2zLE51pBW+ODbpDYgEsHDMwJlvl4MH1OKlF/dmXsxtRYlGvQcyLnxSiWTD602ZRq
qG/SyyFTec7K1KcwciscZ3ezNCA4CNah4UTNhRCHbdLeyCLqrqlKVDnHHPyR+pmw
Rl4oa6uQVqAXWQdOeUHSyfJvivRDQvx1WU9zPcSd6kz7Is0uw6Ge1AyaV533dkB7
vHD3F1pmuFGb3P+DVkmOSj/erRUaaCmbmH4PpkDNxd2PDhaDMWGsUO+1g8ZeI6LK
2ppDBKM2akbEgmeDUsJrRVwKLtRihVcwinm8r81oIt3oX4HsUrmgk1c3BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsU5QxY9R56QofJj9FGi9sqw6FZMB8GA1UdIwQY
MBaAFKwIgV6MZQNgHyVMqzcb7Ecb1+qmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUt
Njc3ODcxYTAzMzU1LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUtNjc3ODcxYTAzMzU1
LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN/hABo95
wiKiuR35edR1rcx9hbMS8uO4HGfTKAMRZkgAYiPyCyFkvizP7USSaavz+0aWhgAe
Dm0/5klLqQxtTigyKWHDZs8Cxyw17xeM0Tae/FGDH0DAUn1D3OcyOH1ZDq2bPtiB
PWGPzruPvyklM5ZGPziTsqYy+5eQgsmV0hXwAwtv114KGP8YKOQwP+wLpWOhuatk
niOfxCjZ1agikGa0aryrVtbB9gOBI3z2IebU9WtdgFeqyQqpJ/K58zfI1pV1kaa8
kFvfC9bI9jt5ZQULGzm+BsrFzWVLb38TSKbpF0xK8ZVGaR2HM1gahUKLO3LG9Hf1
njMFXtMdkFKImw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:20:27 2026 by rpki-client