Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
File: aHyL8iKia_HJxmOMw1bSg1UC8tY.mft (raw, json)
Hash identifier: 1OdALMOdbu9P0SEt83UsQ29Jd7f7YeXPJrM71D+Xb24=
Subject key identifier: 23:10:A7:F7:DA:CD:5B:92:F0:72:E2:69:FA:75:5E:4C:FA:90:6B:37
Authority key identifier: 68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
Certificate issuer: /CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Certificate serial: 019D2A050B04C3C5F1F7B91671B23152D6FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
Manifest number: 09C8
Signing time: Thu 26 Mar 2026 12:01:06 +0000
Manifest this update: Thu 26 Mar 2026 12:01:06 +0000
Manifest next update: Fri 27 Mar 2026 12:01:06 +0000
Files and hashes: 1: aHyL8iKia_HJxmOMw1bSg1UC8tY.crl (hash: hA6Gb4DrTi1D2lihA+zge893uvk1EICjWTXRMqPGmdI=)
2: aTVTcaHfSKBoGEQhyNKYBwoJu-0.roa (hash: rT/Vj6/a6YnM9d3VVAjTqdJg4CGPx8A6IhEaB6Bvdck=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:05:0b:04:c3:c5:f1:f7:b9:16:71:b2:31:52:d6:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Validity
Not Before: Mar 26 12:01:06 2026 GMT
Not After : Mar 27 12:01:06 2026 GMT
Subject: CN=2310a7f7dacd5b92f072e269fa755e4cfa906b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9d:64:0a:ed:49:04:28:1d:0a:ad:7d:40:d2:
fc:f2:90:f9:8d:45:38:46:39:73:66:34:d6:3f:06:
cf:13:5a:c2:c1:4b:c3:83:7e:4b:1b:24:e3:0d:ae:
75:c4:14:cc:dc:ce:71:e2:b9:1c:6d:7b:9b:bf:96:
e9:32:db:ce:69:76:e4:21:ed:24:e2:7d:12:2b:c8:
21:08:50:8d:ac:28:52:a1:de:6f:f8:44:55:2b:d7:
ab:96:27:33:75:fd:c5:e4:7b:bd:9e:3e:f7:16:d3:
ca:cf:f4:ff:42:d3:df:f8:92:3c:9c:98:81:0b:a5:
e9:80:0a:7d:9c:cc:9f:6c:27:68:01:54:a5:91:6d:
68:38:5d:c5:73:25:cd:f1:3e:45:94:5c:dd:1c:dd:
a1:66:f9:e3:91:7e:92:c8:cf:52:e3:f9:8f:8a:5e:
43:af:d3:99:8f:60:d8:2c:b8:c4:0b:25:30:e8:b2:
39:96:66:1b:a0:31:64:9d:82:8f:2f:df:ec:36:b1:
dc:74:42:09:b4:5a:1b:6a:8b:d5:7e:f0:76:35:dd:
7d:1b:83:35:7f:e3:19:50:55:1f:5f:06:de:de:1e:
9e:3b:46:9f:f8:be:15:34:93:e9:04:2a:18:d3:d4:
9d:40:d0:f8:d4:7f:4f:82:9e:4d:73:cd:bb:e8:46:
e7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:10:A7:F7:DA:CD:5B:92:F0:72:E2:69:FA:75:5E:4C:FA:90:6B:37
X509v3 Authority Key Identifier:
keyid:68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:1f:20:94:5c:75:d5:e7:94:d3:f6:23:04:6a:49:98:fe:70:
e1:79:0b:98:3b:59:f0:db:a9:6b:2c:3b:77:97:a5:f5:e0:45:
35:ed:ce:3a:af:23:bd:71:0f:6a:5d:42:20:1a:95:c4:68:b4:
34:5b:d3:c4:79:79:7e:f3:c8:9b:a3:c9:f0:33:e4:7a:b1:6d:
5d:4b:fe:44:f4:f2:2f:67:a2:d0:a6:59:ee:95:76:51:d0:25:
68:19:cd:88:76:01:ad:a6:d7:d0:25:c4:4b:de:b7:f6:96:ed:
b1:b8:fd:24:3e:66:ae:6a:e8:c1:5b:3b:4b:69:40:3b:e5:cc:
e3:0b:9d:20:8e:0b:ba:17:48:b8:0e:ce:ee:76:f4:38:ed:f9:
9d:09:24:c6:0a:f3:02:dd:6c:52:8a:f3:67:16:05:29:6f:de:
0d:cd:88:9e:fd:8f:09:7f:c7:0a:e3:9a:78:e0:88:88:fc:2d:
54:8b:ea:ec:7f:a8:ff:34:1e:a4:c6:43:00:7a:7a:34:12:ea:
98:3b:9e:e1:9f:23:07:a7:74:21:59:c3:fb:75:be:3d:6c:58:
82:ad:7a:40:02:65:af:a4:c2:ef:51:57:19:46:81:86:3d:91:
3e:b0:5d:d4:d9:33:c8:a0:88:fe:54:4d:8e:a9:09:87:b4:35:
35:50:75:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBQsEw8Xx97kWcbIxUtb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2M4YmYyMjJhMjZiZjFjOWM2NjM4Y2MzNTZkMjgzNTUw
MmYyZDYwHhcNMjYwMzI2MTIwMTA2WhcNMjYwMzI3MTIwMTA2WjAzMTEwLwYDVQQD
EygyMzEwYTdmN2RhY2Q1YjkyZjA3MmUyNjlmYTc1NWU0Y2ZhOTA2YjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ1kCu1JBCgdCq19QNL88pD5jUU4
RjlzZjTWPwbPE1rCwUvDg35LGyTjDa51xBTM3M5x4rkcbXubv5bpMtvOaXbkIe0k
4n0SK8ghCFCNrChSod5v+ERVK9erliczdf3F5Hu9nj73FtPKz/T/QtPf+JI8nJiB
C6XpgAp9nMyfbCdoAVSlkW1oOF3FcyXN8T5FlFzdHN2hZvnjkX6SyM9S4/mPil5D
r9OZj2DYLLjECyUw6LI5lmYboDFknYKPL9/sNrHcdEIJtFobaovVfvB2Nd19G4M1
f+MZUFUfXwbe3h6eO0af+L4VNJPpBCoY09SdQND41H9Pgp5Nc8276EbnCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMQp/fazVuS8HLiafp1Xkz6kGs3MB8GA1UdIwQY
MBaAFGh8i/IiomvxycZjjMNW0oNVAvLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUt
ZDU3MjU1ZTI1ZmVlLzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUtZDU3MjU1ZTI1ZmVl
LzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACB8glFx1
1eeU0/YjBGpJmP5w4XkLmDtZ8Nupayw7d5el9eBFNe3OOq8jvXEPal1CIBqVxGi0
NFvTxHl5fvPIm6PJ8DPkerFtXUv+RPTyL2ei0KZZ7pV2UdAlaBnNiHYBrabX0CXE
S9639pbtsbj9JD5mrmrowVs7S2lAO+XM4wudII4LuhdIuA7O7nb0OO35nQkkxgrz
At1sUorzZxYFKW/eDc2Inv2PCX/HCuOaeOCIiPwtVIvq7H+o/zQepMZDAHp6NBLq
mDue4Z8jB6d0IVnD+3W+PWxYgq16QAJlr6TC71FXGUaBhj2RPrBd1NkzyKCI/lRN
jqkJh7Q1NVB16g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:41:39 2026 by rpki-client