Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: v2FkeB3kedOR7qyKnhJyHPYfMOdod2Z0QS9HS0Pb940=
Subject key identifier: 66:B4:87:6A:96:3C:2C:E1:A6:69:E3:5C:5B:67:7B:4D:3A:3F:8A:18
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019D27046F8F1A2A1D6FF241D58D3253B99C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 1892
Signing time: Wed 25 Mar 2026 22:01:35 +0000
Manifest this update: Wed 25 Mar 2026 22:01:35 +0000
Manifest next update: Thu 26 Mar 2026 22:01:35 +0000
Files and hashes: 1: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: xD4hK+Q2IErcy1aDjJ2qMLmfXlGvejvo18SKOHV/s5Y=)
2: bKFR-ExETl9kc_NczqQy1RxK9rs.roa (hash: plcIB/DfvBpq4QLItxVjsjUSKb2BA3Zq8rL1ma4T6FY=)
3: pRSgM7v51dj4_nnKyTIe5vKbqck.roa (hash: zoPAj53DpixsBYDFs95Rz1APyotRYxKBCaNS8cQmVuY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:6f:8f:1a:2a:1d:6f:f2:41:d5:8d:32:53:b9:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Mar 25 22:01:35 2026 GMT
Not After : Mar 26 22:01:35 2026 GMT
Subject: CN=66b4876a963c2ce1a669e35c5b677b4d3a3f8a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bc:6c:a5:ed:c8:1e:7c:83:e9:e5:08:c6:93:
20:7c:0a:4c:4b:2b:a7:0f:80:09:33:f7:23:3f:b7:
b3:17:72:c1:a5:a0:c6:ea:b9:01:33:95:d6:bb:50:
99:d9:5c:f5:ed:4a:5f:3e:c6:de:37:d1:5a:17:bf:
98:f8:08:25:c5:d6:e6:1b:38:05:02:78:88:41:01:
71:88:2b:b2:4d:20:d8:4e:24:e7:5e:49:74:e4:e8:
2e:9b:5a:08:ea:ec:41:e2:85:65:89:d9:01:e2:18:
bc:67:08:f0:aa:95:78:9e:b2:2b:1e:46:ce:09:82:
69:b2:0a:14:90:04:5b:0b:45:5a:23:b2:ee:64:75:
c8:dd:5f:ac:42:70:68:e0:11:1b:39:eb:ff:57:2f:
a0:92:d2:ab:99:76:c4:3f:27:36:21:53:de:9b:d3:
08:94:f7:b2:73:03:8c:7a:1b:55:fe:5e:91:93:fb:
0e:a0:70:8c:50:ca:e8:0f:c1:29:9f:04:92:4e:48:
81:b3:8c:3d:76:9f:b2:88:00:54:38:bf:22:6e:dc:
6c:a6:fd:a9:bf:da:23:4c:7b:52:61:a6:23:17:2f:
31:1d:55:3c:89:63:92:b2:21:99:46:22:ab:9c:a4:
99:5b:02:e0:5a:8f:3a:cd:75:1b:22:60:78:7b:02:
0f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B4:87:6A:96:3C:2C:E1:A6:69:E3:5C:5B:67:7B:4D:3A:3F:8A:18
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:c0:1b:30:ff:e8:1c:76:d6:d2:ad:67:88:77:cc:31:7d:45:
4c:18:40:4a:64:75:6c:46:01:80:49:b9:0c:08:e3:95:0c:10:
43:0b:8b:81:31:4e:db:35:5f:ce:4d:ca:f3:bb:8d:39:c3:dd:
92:9c:f8:e0:5a:ca:c1:21:60:e2:2d:e3:93:d0:e8:d6:37:31:
44:51:c1:a9:42:ef:89:65:b8:37:70:4a:c9:39:d8:28:ad:6d:
79:64:d4:80:85:64:25:94:f4:ca:29:4c:9e:b2:69:43:32:22:
40:55:06:c1:29:c9:c6:09:e0:74:b1:30:8b:2e:78:d2:18:d9:
22:ca:6d:42:c4:32:ef:62:25:b7:10:db:59:a7:41:e9:9a:f4:
a2:22:c7:74:68:32:2c:40:c3:c3:6b:59:17:fe:0a:5e:d7:09:
73:61:b0:a8:41:82:32:87:18:33:7e:bd:1c:f3:50:3e:3b:21:
bb:60:e0:0b:3f:11:5b:2d:40:2d:78:16:a8:d0:4e:49:1c:3d:
d9:dd:3c:aa:6d:7e:e9:4c:66:9d:ff:53:a4:ca:0c:be:8f:3e:
99:b3:a3:f3:8d:87:77:f0:1f:ce:f5:9a:14:4c:45:3f:ff:f8:
0d:8e:ee:16:bd:da:67:ec:90:b3:50:a4:51:42:95:cb:b0:55:
54:cd:9d:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBG+PGiodb/JB1Y0yU7mcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjYwMzI1MjIwMTM1WhcNMjYwMzI2MjIwMTM1WjAzMTEwLwYDVQQD
Eyg2NmI0ODc2YTk2M2MyY2UxYTY2OWUzNWM1YjY3N2I0ZDNhM2Y4YTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybxspe3IHnyD6eUIxpMgfApMSyun
D4AJM/cjP7ezF3LBpaDG6rkBM5XWu1CZ2Vz17UpfPsbeN9FaF7+Y+AglxdbmGzgF
AniIQQFxiCuyTSDYTiTnXkl05Ogum1oI6uxB4oVlidkB4hi8ZwjwqpV4nrIrHkbO
CYJpsgoUkARbC0VaI7LuZHXI3V+sQnBo4BEbOev/Vy+gktKrmXbEPyc2IVPem9MI
lPeycwOMehtV/l6Rk/sOoHCMUMroD8EpnwSSTkiBs4w9dp+yiABUOL8ibtxspv2p
v9ojTHtSYaYjFy8xHVU8iWOSsiGZRiKrnKSZWwLgWo86zXUbImB4ewIPEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGa0h2qWPCzhpmnjXFtne006P4oYMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADsAbMP/o
HHbW0q1niHfMMX1FTBhASmR1bEYBgEm5DAjjlQwQQwuLgTFO2zVfzk3K87uNOcPd
kpz44FrKwSFg4i3jk9Do1jcxRFHBqULviWW4N3BKyTnYKK1teWTUgIVkJZT0yilM
nrJpQzIiQFUGwSnJxgngdLEwiy540hjZIsptQsQy72IltxDbWadB6Zr0oiLHdGgy
LEDDw2tZF/4KXtcJc2GwqEGCMocYM369HPNQPjshu2DgCz8RWy1ALXgWqNBOSRw9
2d08qm1+6Uxmnf9TpMoMvo8+mbOj842Hd/AfzvWaFExFP//4DY7uFr3aZ+yQs1Ck
UUKVy7BVVM2dcA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:54:22 2026 by rpki-client