Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
File: AaVsQu18uWPyhVA87AYG1g0Ks4c.mft (raw, json)
Hash identifier: BlJci5Ih/6dR/dC6sqxvNmD+/3u6ThpYzWXMgTc1FAE=
Subject key identifier: B1:DA:3D:A9:AF:F6:8A:28:FD:8D:F9:CA:47:C9:B7:79:43:BB:37:AF
Authority key identifier: 01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87
Certificate issuer: /CN=01a56c42ed7cb963f285503cec0606d60d0ab387
Certificate serial: 019D28BB33CCAFAEFCDA702AD0C29F1CA39D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
Manifest number: 1153
Signing time: Thu 26 Mar 2026 06:00:50 +0000
Manifest this update: Thu 26 Mar 2026 06:00:50 +0000
Manifest next update: Fri 27 Mar 2026 06:00:50 +0000
Files and hashes: 1: AaVsQu18uWPyhVA87AYG1g0Ks4c.crl (hash: qk94q+i7ql5MbYiXuuQjC+nTL4sLL3niHsuig8HrIuo=)
2: NSYoMgdv_GgQV27_GIPye5U9jPQ.roa (hash: 4AlK45WxtVu086BCXSG5HnwL06CQHoIesX5EAX9HMxU=)
3: RQ8JIGxsT6j17dfeEPWw2-YRi2c.roa (hash: qbacCBbHQjk4PtD2GWcsUuyb/kcc9ZQ6pfK2TjjwNeA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:33:cc:af:ae:fc:da:70:2a:d0:c2:9f:1c:a3:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01a56c42ed7cb963f285503cec0606d60d0ab387
Validity
Not Before: Mar 26 06:00:50 2026 GMT
Not After : Mar 27 06:00:50 2026 GMT
Subject: CN=b1da3da9aff68a28fd8df9ca47c9b77943bb37af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a1:b5:11:6f:86:48:04:3d:bd:48:bb:26:9f:
b5:8c:82:c9:71:d9:83:83:10:18:b0:5f:ca:53:c2:
b5:e3:6f:5d:f0:3f:f2:83:25:e5:9f:0d:e8:8c:ee:
da:25:32:57:d4:f2:1f:45:9c:46:1a:ab:fd:50:44:
8d:c0:dd:54:74:74:bf:e5:53:ba:54:60:4d:5c:04:
d0:29:9b:a1:bb:f6:93:10:fe:dc:98:a1:3d:c3:cd:
b9:19:d5:8d:a5:4d:a7:ed:2b:9c:04:61:f3:78:db:
b3:f8:e7:04:a5:0e:66:82:93:01:53:4c:91:36:81:
8e:eb:a5:3e:02:2e:ca:a2:2c:44:7a:dd:36:fa:ae:
0d:e5:4f:29:15:43:16:de:f0:05:eb:73:95:42:00:
8e:7c:70:83:ae:6c:1c:ed:40:8f:9c:6c:69:d2:cc:
56:33:07:40:ed:34:74:69:37:8e:ac:45:51:90:58:
01:b3:14:95:65:1c:1e:89:aa:ff:cb:46:3a:12:20:
f7:9c:c4:93:d6:82:d1:db:6e:5d:d8:12:6c:3c:de:
fb:25:3e:fe:a6:b8:13:4f:c6:c5:43:e5:5a:b7:ac:
63:0d:33:f9:c2:cd:68:a0:26:75:ae:c3:48:4c:61:
60:0f:af:d3:86:b9:00:ca:48:03:77:63:f8:0e:1e:
9c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:DA:3D:A9:AF:F6:8A:28:FD:8D:F9:CA:47:C9:B7:79:43:BB:37:AF
X509v3 Authority Key Identifier:
keyid:01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:a3:84:3f:d6:6d:ef:e5:27:90:ab:5b:2c:10:9e:7d:79:97:
d2:b7:ca:4f:2d:3f:ac:1e:58:8b:d5:90:f3:59:eb:a0:43:18:
e2:b8:7e:6b:ac:59:60:da:8f:1c:63:a1:9f:60:f4:57:e7:7c:
4b:d3:b5:58:e0:71:28:39:01:4e:57:24:bd:bf:23:7c:b7:9e:
7b:8a:ac:cc:c6:5c:df:00:b1:aa:e1:71:02:dc:c7:f9:71:cc:
c3:e7:12:f3:6a:17:e5:73:da:63:50:b4:ce:2d:41:a6:9d:e4:
8d:fa:25:ac:b0:3b:d1:39:16:c5:59:be:4f:8d:b9:9d:07:64:
d8:93:27:d3:43:9a:0d:40:f7:4a:6a:4f:2b:f7:a0:bf:9c:ce:
27:93:0b:fa:b4:eb:5d:f5:b9:32:c3:b7:16:41:af:6a:bd:20:
07:74:1c:b8:2e:c3:e1:6b:e9:c1:ea:59:ef:73:7c:56:0e:d2:
4e:72:1d:9d:ad:10:35:a6:fd:55:48:a8:60:df:d0:49:41:fa:
95:66:1d:5f:47:9b:13:a5:b1:69:cf:09:00:ae:ce:59:d2:a3:
4e:3a:b9:d8:55:6c:84:d0:64:9e:52:dd:cc:d9:0a:bd:7c:ad:
2d:e3:cc:d2:ec:c1:3f:74:f2:0e:ed:2d:da:59:06:85:f9:38:
12:c7:5d:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouzPMr6782nAq0MKfHKOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYTU2YzQyZWQ3Y2I5NjNmMjg1NTAzY2VjMDYwNmQ2MGQw
YWIzODcwHhcNMjYwMzI2MDYwMDUwWhcNMjYwMzI3MDYwMDUwWjAzMTEwLwYDVQQD
EyhiMWRhM2RhOWFmZjY4YTI4ZmQ4ZGY5Y2E0N2M5Yjc3OTQzYmIzN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqG1EW+GSAQ9vUi7Jp+1jILJcdmD
gxAYsF/KU8K1429d8D/ygyXlnw3ojO7aJTJX1PIfRZxGGqv9UESNwN1UdHS/5VO6
VGBNXATQKZuhu/aTEP7cmKE9w825GdWNpU2n7SucBGHzeNuz+OcEpQ5mgpMBU0yR
NoGO66U+Ai7KoixEet02+q4N5U8pFUMW3vAF63OVQgCOfHCDrmwc7UCPnGxp0sxW
MwdA7TR0aTeOrEVRkFgBsxSVZRweiar/y0Y6EiD3nMST1oLR225d2BJsPN77JT7+
prgTT8bFQ+Vat6xjDTP5ws1ooCZ1rsNITGFgD6/ThrkAykgDd2P4Dh6cMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHaPamv9ooo/Y35ykfJt3lDuzevMB8GA1UdIwQY
MBaAFAGlbELtfLlj8oVQPOwGBtYNCrOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMt
ZWQwN2Y1Y2FkNmQ3LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMtZWQwN2Y1Y2FkNmQ3
LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJqOEP9Zt
7+UnkKtbLBCefXmX0rfKTy0/rB5Yi9WQ81nroEMY4rh+a6xZYNqPHGOhn2D0V+d8
S9O1WOBxKDkBTlckvb8jfLeee4qszMZc3wCxquFxAtzH+XHMw+cS82oX5XPaY1C0
zi1Bpp3kjfolrLA70TkWxVm+T425nQdk2JMn00OaDUD3SmpPK/egv5zOJ5ML+rTr
XfW5MsO3FkGvar0gB3QcuC7D4WvpwepZ73N8Vg7STnIdna0QNab9VUioYN/QSUH6
lWYdX0ebE6Wxac8JAK7OWdKjTjq52FVshNBknlLdzNkKvXytLePM0uzBP3TyDu0t
2lkGhfk4EsddBQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:30:45 2026 by rpki-client