Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
File: aaKML4THXo0DiGlDVRUt0rcx8kk.mft (raw, json)
Hash identifier: +0Yxa40F5PAfFMRnckaUIBcuP8x+wWdhV4VjNUSFFFg=
Subject key identifier: A7:AC:87:A2:2D:D7:00:26:EC:4B:F8:35:33:3E:78:89:68:54:46:0E
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial: 019D27A89AD10BE5C5CBEF23AA0154126B50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 01:00:54 +0000
Manifest this update: Thu 26 Mar 2026 01:00:54 +0000
Manifest next update: Fri 27 Mar 2026 01:00:54 +0000
Files and hashes: 1: MB0uTApSO8m5vg_bm9trr3XpjgU.roa (hash: 2eNykuyF9+3yCGYPE8lH28bjQtkNd0f4qvsTFx03Ijs=)
2: aaKML4THXo0DiGlDVRUt0rcx8kk.crl (hash: Km6AoARq6H8yr6VHHsuo61aqazhK+JplAOOcsO1Sw+s=)
3: xg2vmPZnFpWKOjIR5eQ7FMGT8aE.roa (hash: hPOQooNWczBMB25D+ekEfhNU7YNSFMQ+pTU+YyTaGew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:9a:d1:0b:e5:c5:cb:ef:23:aa:01:54:12:6b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
Validity
Not Before: Mar 26 01:00:54 2026 GMT
Not After : Mar 27 01:00:54 2026 GMT
Subject: CN=a7ac87a22dd70026ec4bf835333e78896854460e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:9b:ce:ff:df:b8:5e:48:26:cf:fb:36:9d:11:
b0:c2:2c:22:99:49:41:8b:b7:92:d1:26:14:40:63:
5e:83:e7:db:a3:8e:a5:02:6e:57:cd:30:5a:1c:de:
20:38:bf:11:ef:43:8f:a4:e4:f2:83:ed:e5:22:87:
06:b4:a2:08:43:21:47:00:db:0b:24:cb:f8:e9:2b:
54:3e:79:39:fa:6e:92:8e:bd:ce:8c:ab:63:6d:e0:
03:9c:f5:d3:35:e7:d8:b9:93:4b:c3:31:f1:96:e7:
df:e6:c1:13:46:09:18:5a:d3:c9:bd:f1:95:66:8b:
59:22:f1:87:ec:72:d6:b3:6e:cd:ae:0a:0b:dc:0a:
fb:1d:69:da:49:aa:9b:5b:32:f3:84:0e:0d:d5:de:
74:73:06:e9:75:c9:17:82:31:5b:da:16:24:60:4e:
f8:21:ae:4c:63:1a:6a:30:ea:35:d4:28:22:b1:a7:
8f:29:47:db:97:be:ad:eb:0f:78:9e:b5:1a:3c:78:
de:cb:f9:b7:b7:94:67:df:7e:13:5d:ac:bf:0e:ab:
74:37:8f:a9:8f:a7:a3:66:73:59:7a:77:15:04:f3:
f1:45:bd:69:68:d8:ec:c0:d8:de:45:c1:52:61:71:
53:15:f3:33:bc:fd:0d:95:5e:62:11:23:55:f5:40:
c2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:AC:87:A2:2D:D7:00:26:EC:4B:F8:35:33:3E:78:89:68:54:46:0E
X509v3 Authority Key Identifier:
keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:e9:d7:88:18:f9:40:0c:c7:3e:1d:0a:8f:4c:29:ab:d9:25:
d2:50:eb:ba:0f:24:c9:31:fc:3a:53:68:b0:4c:c5:de:fd:fd:
4e:57:94:71:39:0b:5b:c1:35:c4:aa:0f:c3:1e:d7:a0:d7:3b:
d9:d1:5c:f3:66:73:df:9b:e3:52:7e:cf:b3:34:09:c8:08:c7:
9a:36:f2:2e:91:bf:70:6b:34:08:50:61:52:8c:ba:de:b0:7c:
fa:31:8f:1a:87:e8:e4:85:ab:f6:ec:d0:c0:10:ae:c2:5c:03:
dd:d0:e0:90:e3:99:f4:14:a1:32:1f:41:93:96:a8:98:84:b8:
06:35:6d:93:29:3f:19:19:2f:93:10:54:ac:71:86:9b:0f:b4:
1d:f3:e9:21:64:3a:68:13:e0:4f:8e:3a:72:d1:ea:5d:ff:fd:
23:9b:7d:28:94:e4:bb:37:07:c7:73:b3:67:d3:a3:03:4b:09:
ed:1f:9f:60:18:ad:21:a7:6c:74:aa:72:9c:af:27:b7:dc:6e:
a1:43:e1:29:36:23:4c:cc:aa:59:dc:b8:ba:1c:c6:28:9b:40:
e0:bc:d9:b2:ff:7f:06:29:e2:60:e9:59:a4:9d:53:20:21:b9:
e4:58:d8:4c:5e:b3:34:ab:22:c9:71:27:c4:16:88:70:f2:07:
08:fb:90:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqJrRC+XFy+8jqgFUEmtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjYwMzI2MDEwMDU0WhcNMjYwMzI3MDEwMDU0WjAzMTEwLwYDVQQD
EyhhN2FjODdhMjJkZDcwMDI2ZWM0YmY4MzUzMzNlNzg4OTY4NTQ0NjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZvO/9+4Xkgmz/s2nRGwwiwimUlB
i7eS0SYUQGNeg+fbo46lAm5XzTBaHN4gOL8R70OPpOTyg+3lIocGtKIIQyFHANsL
JMv46StUPnk5+m6Sjr3OjKtjbeADnPXTNefYuZNLwzHxluff5sETRgkYWtPJvfGV
ZotZIvGH7HLWs27NrgoL3Ar7HWnaSaqbWzLzhA4N1d50cwbpdckXgjFb2hYkYE74
Ia5MYxpqMOo11CgisaePKUfbl76t6w94nrUaPHjey/m3t5Rn334TXay/Dqt0N4+p
j6ejZnNZencVBPPxRb1paNjswNjeRcFSYXFTFfMzvP0NlV5iESNV9UDCawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKesh6It1wAm7Ev4NTM+eIloVEYOMB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO+nXiBj5
QAzHPh0Kj0wpq9kl0lDrug8kyTH8OlNosEzF3v39TleUcTkLW8E1xKoPwx7XoNc7
2dFc82Zz35vjUn7PszQJyAjHmjbyLpG/cGs0CFBhUoy63rB8+jGPGofo5IWr9uzQ
wBCuwlwD3dDgkOOZ9BShMh9Bk5aomIS4BjVtkyk/GRkvkxBUrHGGmw+0HfPpIWQ6
aBPgT446ctHqXf/9I5t9KJTkuzcHx3OzZ9OjA0sJ7R+fYBitIadsdKpynK8nt9xu
oUPhKTYjTMyqWdy4uhzGKJtA4LzZsv9/BiniYOlZpJ1TICG55FjYTF6zNKsiyXEn
xBaIcPIHCPuQug==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:47:25 2026 by rpki-client