Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
File: aOlYF0Bglex8tceyhrETM0l7lFE.mft (raw, json)
Hash identifier: qy9VcOW9Xmu2hu01XIvOES5nK6LVDpGw/ti68X27iUU=
Subject key identifier: 21:08:AA:45:53:59:DC:42:0A:3F:5E:F5:D3:9D:8D:6C:E3:E7:FA:65
Authority key identifier: 68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
Certificate issuer: /CN=68e95817406095ec7cb5c7b286b11333497b9451
Certificate serial: 019D284DF3382CF6419A8C1E7CD1CB5FDE6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
Manifest number: 0A93
Signing time: Thu 26 Mar 2026 04:01:30 +0000
Manifest this update: Thu 26 Mar 2026 04:01:30 +0000
Manifest next update: Fri 27 Mar 2026 04:01:30 +0000
Files and hashes: 1: MCQJgOH0F61zyqort3aDkrCqcME.roa (hash: dFlLGTPXyNVZq9IJXBt9j7cJ/cyhu9qP1civtpo4hwY=)
2: aOlYF0Bglex8tceyhrETM0l7lFE.crl (hash: Rgv8GL0tseb+alblyMW0gf2NsQ2gAaCv5Akrpt1Kt3A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:f3:38:2c:f6:41:9a:8c:1e:7c:d1:cb:5f:de:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e95817406095ec7cb5c7b286b11333497b9451
Validity
Not Before: Mar 26 04:01:30 2026 GMT
Not After : Mar 27 04:01:30 2026 GMT
Subject: CN=2108aa455359dc420a3f5ef5d39d8d6ce3e7fa65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:31:d3:30:ee:1e:c1:01:ae:98:44:54:13:41:
1a:af:8d:a7:9d:73:41:c4:4e:45:17:13:cb:2b:45:
3d:23:8a:81:2c:93:27:be:ec:24:da:60:21:c1:3e:
ca:9d:7a:6f:1a:5f:a9:7c:c1:2d:06:d6:74:2f:08:
ea:b1:a5:41:c4:83:c7:3b:d4:48:5c:28:8f:25:d9:
1e:2a:c5:10:c8:74:59:cc:3d:ff:8d:76:ec:42:14:
fb:d6:9b:5b:ed:27:45:fe:ac:00:17:72:ab:fe:22:
64:0b:58:c0:ba:66:94:29:b1:8d:cf:ce:e2:0a:84:
cd:c1:a6:be:4a:47:9f:5e:71:6b:63:66:6e:1a:26:
02:bc:39:33:25:ba:dc:46:d1:ff:5e:52:6a:61:8b:
19:60:d5:db:7d:7c:2f:8b:c1:dc:ba:d6:a0:67:07:
23:f6:95:34:46:67:86:40:94:75:89:48:4a:0f:ed:
2a:74:e6:2f:17:88:6a:46:11:5f:fb:89:45:d7:19:
dd:8d:d5:53:12:a8:03:48:b7:31:49:5a:a6:ff:78:
39:43:4b:76:1d:90:dc:9e:78:b5:93:21:d0:ff:8d:
9a:24:00:1e:06:1a:ae:0b:5b:92:a3:86:3e:75:f5:
72:04:7e:7c:af:10:5c:e9:56:7d:52:bb:85:38:58:
5b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:08:AA:45:53:59:DC:42:0A:3F:5E:F5:D3:9D:8D:6C:E3:E7:FA:65
X509v3 Authority Key Identifier:
keyid:68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:4c:e1:aa:c7:d5:7e:01:a2:30:eb:67:af:ca:05:5e:14:f0:
f4:0a:95:3e:37:ae:bd:e7:5a:76:0b:99:43:f4:f5:a4:ba:b9:
95:a1:2d:8a:5f:63:7d:51:8e:51:56:8d:75:e6:8e:ea:a7:7f:
0a:98:aa:40:1b:73:8c:6f:21:9d:fe:cc:12:84:8d:d6:e0:1d:
d3:08:ff:7e:4c:7d:15:50:c6:50:55:4c:75:af:19:5d:c7:d1:
64:bc:07:cf:7a:85:8b:28:1c:d7:96:3c:a7:f1:5d:95:88:1f:
ff:ac:0d:a2:bf:b1:5c:85:d5:8a:a9:c2:24:fe:c0:18:e3:f3:
91:9f:1b:c7:85:c6:e1:f0:4b:1d:b7:2b:9a:d7:3a:38:2a:24:
b0:93:1d:88:3b:62:dc:4d:c9:55:81:df:e4:52:ce:ba:86:41:
a5:d6:85:50:44:ed:1e:a1:74:4f:06:47:44:81:81:7c:41:64:
85:a8:a4:05:d9:63:6f:95:db:1b:ef:cd:78:d4:f7:01:0e:b9:
3b:c6:6d:33:9d:62:66:60:14:a1:46:9b:2d:e0:a0:94:d3:13:
6c:8a:e3:85:2b:8d:03:21:55:72:b4:3a:5d:90:6f:79:0c:50:
76:6f:2e:41:fc:0e:f3:93:7b:44:c1:14:c1:2c:99:63:f5:68:
89:fb:74:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTfM4LPZBmowefNHLX95tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTk1ODE3NDA2MDk1ZWM3Y2I1YzdiMjg2YjExMzMzNDk3
Yjk0NTEwHhcNMjYwMzI2MDQwMTMwWhcNMjYwMzI3MDQwMTMwWjAzMTEwLwYDVQQD
EygyMTA4YWE0NTUzNTlkYzQyMGEzZjVlZjVkMzlkOGQ2Y2UzZTdmYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjHTMO4ewQGumERUE0Ear42nnXNB
xE5FFxPLK0U9I4qBLJMnvuwk2mAhwT7KnXpvGl+pfMEtBtZ0LwjqsaVBxIPHO9RI
XCiPJdkeKsUQyHRZzD3/jXbsQhT71ptb7SdF/qwAF3Kr/iJkC1jAumaUKbGNz87i
CoTNwaa+SkefXnFrY2ZuGiYCvDkzJbrcRtH/XlJqYYsZYNXbfXwvi8HcutagZwcj
9pU0RmeGQJR1iUhKD+0qdOYvF4hqRhFf+4lF1xndjdVTEqgDSLcxSVqm/3g5Q0t2
HZDcnni1kyHQ/42aJAAeBhquC1uSo4Y+dfVyBH58rxBc6VZ9UruFOFhbVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEIqkVTWdxCCj9e9dOdjWzj5/plMB8GA1UdIwQY
MBaAFGjpWBdAYJXsfLXHsoaxEzNJe5RRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTct
MDE5ZWM5ZDlhNzU4LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTctMDE5ZWM5ZDlhNzU4
LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW0zhqsfV
fgGiMOtnr8oFXhTw9AqVPjeuvedadguZQ/T1pLq5laEtil9jfVGOUVaNdeaO6qd/
CpiqQBtzjG8hnf7MEoSN1uAd0wj/fkx9FVDGUFVMda8ZXcfRZLwHz3qFiygc15Y8
p/FdlYgf/6wNor+xXIXViqnCJP7AGOPzkZ8bx4XG4fBLHbcrmtc6OCoksJMdiDti
3E3JVYHf5FLOuoZBpdaFUETtHqF0TwZHRIGBfEFkhaikBdljb5XbG+/NeNT3AQ65
O8ZtM51iZmAUoUabLeCglNMTbIrjhSuNAyFVcrQ6XZBveQxQdm8uQfwO85N7RMEU
wSyZY/Voift0zw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:58:47 2026 by rpki-client