Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: LDUNmLix8trb10RqXRQH0fptE3v/DGQWraNrof8NUB8=
Subject key identifier: 70:DB:C1:1B:EB:E5:49:96:5D:E7:FE:85:8D:62:84:A4:3F:CC:7B:FE
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 019E1E3556D02082E5690C9BE2C5BD331661
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 0672
Signing time: Tue 12 May 2026 22:01:12 +0000
Manifest this update: Tue 12 May 2026 22:01:12 +0000
Manifest next update: Wed 13 May 2026 22:01:12 +0000
Files and hashes: 1: BcT1YlHw7D1Dk2z_LIFmn3rThJY.roa (hash: Eovd3kGKSBHE8soZjKT4R8yDeoxnP/onLhr4NTs+e6o=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: sGbeOg/OaViludXiNxCJSBC0rO1IgelH29P2czdjBT0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:35:56:d0:20:82:e5:69:0c:9b:e2:c5:bd:33:16:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: May 12 22:01:12 2026 GMT
Not After : May 13 22:01:12 2026 GMT
Subject: CN=70dbc11bebe549965de7fe858d6284a43fcc7bfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d1:6d:45:50:fd:af:54:23:1c:b3:fa:b5:ad:
4b:a4:88:eb:fc:97:a2:e9:c3:0b:d4:56:bd:e9:f4:
ec:b1:22:61:d4:7a:51:c2:e4:72:a6:db:8e:ee:86:
70:d6:ad:3f:28:da:47:77:d0:43:da:c8:2d:df:2a:
63:b9:5c:3a:1f:8d:ae:8d:1c:96:d3:6e:fe:91:06:
32:00:65:1b:ca:05:e9:86:f6:ae:dd:1f:29:16:18:
19:f2:88:a5:37:ae:03:e4:e3:38:6e:df:77:45:0c:
39:2f:ba:af:91:33:a1:a7:16:5f:51:67:17:91:fc:
dd:05:0b:05:db:c1:bb:6a:4f:b2:7a:50:72:00:6e:
a1:d2:2c:ac:2a:2d:4e:c3:e2:85:a9:7c:b2:f9:cc:
4d:7a:fc:15:f6:9c:0f:a8:46:f9:5b:da:a7:2a:ce:
c8:43:fe:f1:b9:da:b0:90:e1:07:2f:52:d7:22:5c:
31:66:6f:1f:cd:54:bb:28:c2:b3:6e:80:62:ac:13:
fd:2f:1e:fe:42:dc:78:63:3b:e3:33:03:63:03:6c:
78:9a:c5:18:1e:ab:f9:ae:67:c6:e6:9d:86:3f:2d:
28:f2:8b:ad:59:44:69:2a:73:11:56:bd:54:a3:ff:
49:99:31:ac:58:90:24:42:cb:ea:29:06:b5:c1:4b:
a9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DB:C1:1B:EB:E5:49:96:5D:E7:FE:85:8D:62:84:A4:3F:CC:7B:FE
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:7e:77:c3:a5:5e:38:bd:35:52:e9:79:58:11:8f:ec:7b:51:
b2:1e:70:4b:4e:b7:7f:a4:a7:82:35:7f:03:92:a8:a4:49:82:
b7:1e:e0:5c:4b:8a:3c:d7:96:53:d1:9b:39:dc:12:70:bc:ab:
30:61:f1:c1:47:25:2a:1d:46:25:6f:1d:68:10:99:1d:6e:e3:
be:64:5c:58:7f:55:d0:94:dd:17:c1:c3:25:b6:5e:21:97:61:
4c:f4:6f:df:00:30:c5:c8:57:7b:67:81:77:db:80:c4:76:d2:
85:f8:c4:4c:f8:49:fe:1c:b9:7f:ef:0f:77:e0:58:44:36:d6:
91:bb:b8:47:7b:7f:c0:1b:ba:4c:aa:9d:ce:75:9a:e7:e3:a5:
c5:28:5f:de:ac:61:3a:fe:c9:3c:f1:97:42:c4:e0:68:24:7b:
70:1b:cb:7b:67:17:e4:ef:01:d5:4d:7d:58:83:12:03:ae:69:
be:c8:cf:50:2b:44:66:3c:6b:26:85:4b:b2:0e:1a:c7:27:7a:
24:19:ac:d4:22:ad:58:14:8b:84:80:ba:be:54:61:90:80:41:
0d:9f:97:6b:59:52:db:ae:85:e8:d9:95:e3:a8:14:74:b1:f9:
c9:00:ae:a9:fd:dc:63:cc:b6:d7:93:b9:8d:7d:b8:74:22:76:
b9:78:cb:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNVbQIILlaQyb4sW9MxZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjYwNTEyMjIwMTEyWhcNMjYwNTEzMjIwMTEyWjAzMTEwLwYDVQQD
Eyg3MGRiYzExYmViZTU0OTk2NWRlN2ZlODU4ZDYyODRhNDNmY2M3YmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttFtRVD9r1QjHLP6ta1LpIjr/Jei
6cML1Fa96fTssSJh1HpRwuRyptuO7oZw1q0/KNpHd9BD2sgt3ypjuVw6H42ujRyW
027+kQYyAGUbygXphvau3R8pFhgZ8oilN64D5OM4bt93RQw5L7qvkTOhpxZfUWcX
kfzdBQsF28G7ak+yelByAG6h0iysKi1Ow+KFqXyy+cxNevwV9pwPqEb5W9qnKs7I
Q/7xudqwkOEHL1LXIlwxZm8fzVS7KMKzboBirBP9Lx7+Qtx4YzvjMwNjA2x4msUY
Hqv5rmfG5p2GPy0o8outWURpKnMRVr1Uo/9JmTGsWJAkQsvqKQa1wUupyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDbwRvr5UmWXef+hY1ihKQ/zHv+MB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFn53w6Ve
OL01Uul5WBGP7HtRsh5wS063f6SngjV/A5KopEmCtx7gXEuKPNeWU9GbOdwScLyr
MGHxwUclKh1GJW8daBCZHW7jvmRcWH9V0JTdF8HDJbZeIZdhTPRv3wAwxchXe2eB
d9uAxHbShfjETPhJ/hy5f+8Pd+BYRDbWkbu4R3t/wBu6TKqdznWa5+OlxShf3qxh
Ov7JPPGXQsTgaCR7cBvLe2cX5O8B1U19WIMSA65pvsjPUCtEZjxrJoVLsg4axyd6
JBms1CKtWBSLhIC6vlRhkIBBDZ+Xa1lS266F6NmV46gUdLH5yQCuqf3cY8y215O5
jX24dCJ2uXjLSQ==
-----END CERTIFICATE-----
Generated at Wed May 13 07:19:36 2026 by rpki-client