Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
File: aPYGg7N3JXQn279uzjXixYWjsB0.mft (raw, json)
Hash identifier: eyjlNBjnyxhyfEQ2GJ+KInizJ4wjhdjDZxymrCfkZnc=
Subject key identifier: A1:A1:40:F7:85:29:6F:98:C6:3E:DF:BB:7C:8F:90:3E:3D:63:52:4D
Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
Certificate issuer: /CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Certificate serial: 019D27A87B95B73A967D2FCB4912A8D875E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
Manifest number: 1887
Signing time: Thu 26 Mar 2026 01:00:46 +0000
Manifest this update: Thu 26 Mar 2026 01:00:46 +0000
Manifest next update: Fri 27 Mar 2026 01:00:46 +0000
Files and hashes: 1: aPYGg7N3JXQn279uzjXixYWjsB0.crl (hash: TFMgbVDveHBcxC0ux+WZsutG682+8C/iC/e99EOnwxI=)
2: eJ3f1i44Rqh5dEICPulbHl4WkkI.roa (hash: kZed20xL2+OJp4rVcGTuqnAX+7hPge7JicJ6LEk/ItE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:7b:95:b7:3a:96:7d:2f:cb:49:12:a8:d8:75:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Validity
Not Before: Mar 26 01:00:46 2026 GMT
Not After : Mar 27 01:00:46 2026 GMT
Subject: CN=a1a140f785296f98c63edfbb7c8f903e3d63524d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8f:d3:64:cb:5f:ab:2b:71:92:d1:87:97:ca:
c4:10:17:3b:ef:9c:3e:2c:e5:0b:4b:06:f1:47:59:
70:89:a4:37:a4:d7:76:5c:bc:f2:2f:cf:2f:38:72:
f9:60:6c:e6:ac:e9:e4:2e:10:5b:17:60:2c:b2:07:
b5:e4:b1:7d:85:8a:ef:02:71:98:dc:eb:52:7e:1c:
8c:ce:e9:74:6b:0e:f5:69:bd:cf:8c:15:78:71:b1:
f8:1b:49:80:19:8c:90:75:9e:fd:e1:c1:b5:49:38:
21:87:97:b9:bf:0f:fc:59:5d:3a:3b:40:24:1b:65:
a7:cf:2b:25:ae:7d:de:ec:76:3a:22:d4:e2:55:ce:
a3:cc:23:cd:4b:27:81:8e:ee:55:d5:5d:98:a9:dc:
ca:04:13:1f:37:1a:83:0c:e4:31:25:1f:60:aa:7c:
19:95:6a:80:47:bf:30:79:84:7c:dd:88:2a:55:37:
74:73:69:07:2a:a4:82:f7:f1:30:d9:a8:3c:1f:a1:
4c:73:26:c5:db:62:79:d1:ff:b1:aa:ee:0c:72:b0:
80:1c:2a:bf:3a:82:10:a8:8c:96:fb:f5:c0:a8:cd:
1f:53:6f:5c:bb:82:bd:28:17:c7:20:72:42:49:56:
f9:0e:fe:4d:00:44:25:c6:1d:1c:7b:36:95:95:94:
87:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A1:40:F7:85:29:6F:98:C6:3E:DF:BB:7C:8F:90:3E:3D:63:52:4D
X509v3 Authority Key Identifier:
keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:30:93:e5:ef:da:57:58:fc:41:63:8f:64:12:ab:9f:bd:db:
45:62:34:c7:f4:55:f2:f5:bd:77:94:3c:f6:01:3b:08:7f:7f:
58:05:2e:bf:b3:67:4d:00:c6:66:21:a0:00:52:94:3b:19:d8:
e9:11:53:73:9c:2f:bf:d8:2e:7f:bf:db:1e:07:42:65:38:e6:
b1:ab:b9:47:77:74:07:36:c6:69:9f:5c:e6:04:bd:e8:ba:e6:
9c:fb:df:ed:7f:da:85:5d:da:f9:f2:09:70:07:8c:0e:24:74:
a9:11:3f:75:df:b7:e1:15:c9:47:93:15:d9:e1:69:97:a7:8f:
45:f5:23:83:8b:e5:99:ae:e9:c8:35:17:49:4f:83:2f:8d:f9:
7a:0c:a9:1f:86:62:0c:7a:02:cf:0e:8e:a1:16:03:ae:91:97:
c4:c4:6a:fd:fd:60:ee:67:19:fd:d1:c6:0c:a0:27:6b:d0:fd:
55:70:8f:98:4b:85:7f:8f:71:00:6e:2f:b6:0e:cf:b7:40:4e:
06:70:8a:40:01:2e:2b:48:03:a8:05:2f:83:83:f3:ed:7d:e6:
63:83:de:8a:be:6c:33:11:22:a2:20:a3:d4:9b:da:b7:e8:7e:
17:c8:da:34:c5:fc:df:eb:86:95:28:10:fa:e6:b1:81:9f:b1:
86:3b:0c:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqHuVtzqWfS/LSRKo2HXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjYwNjgzYjM3NzI1NzQyN2RiYmY2ZWNlMzVlMmM1ODVh
M2IwMWQwHhcNMjYwMzI2MDEwMDQ2WhcNMjYwMzI3MDEwMDQ2WjAzMTEwLwYDVQQD
EyhhMWExNDBmNzg1Mjk2Zjk4YzYzZWRmYmI3YzhmOTAzZTNkNjM1MjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI/TZMtfqytxktGHl8rEEBc775w+
LOULSwbxR1lwiaQ3pNd2XLzyL88vOHL5YGzmrOnkLhBbF2Assge15LF9hYrvAnGY
3OtSfhyMzul0aw71ab3PjBV4cbH4G0mAGYyQdZ794cG1STghh5e5vw/8WV06O0Ak
G2Wnzyslrn3e7HY6ItTiVc6jzCPNSyeBju5V1V2YqdzKBBMfNxqDDOQxJR9gqnwZ
lWqAR78weYR83YgqVTd0c2kHKqSC9/Ew2ag8H6FMcybF22J50f+xqu4McrCAHCq/
OoIQqIyW+/XAqM0fU29cu4K9KBfHIHJCSVb5Dv5NAEQlxh0cezaVlZSHOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGhQPeFKW+Yxj7fu3yPkD49Y1JNMB8GA1UdIwQY
MBaAFGj2BoOzdyV0J9u/bs414sWFo7AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQt
MzU0NzQwMzZhOWQ3LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQtMzU0NzQwMzZhOWQ3
LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEDCT5e/a
V1j8QWOPZBKrn73bRWI0x/RV8vW9d5Q89gE7CH9/WAUuv7NnTQDGZiGgAFKUOxnY
6RFTc5wvv9guf7/bHgdCZTjmsau5R3d0BzbGaZ9c5gS96LrmnPvf7X/ahV3a+fIJ
cAeMDiR0qRE/dd+34RXJR5MV2eFpl6ePRfUjg4vlma7pyDUXSU+DL435egypH4Zi
DHoCzw6OoRYDrpGXxMRq/f1g7mcZ/dHGDKAna9D9VXCPmEuFf49xAG4vtg7Pt0BO
BnCKQAEuK0gDqAUvg4Pz7X3mY4Peir5sMxEioiCj1Jvat+h+F8jaNMX83+uGlSgQ
+uaxgZ+xhjsMvw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:01:37 2026 by rpki-client