Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
File: aaKML4THXo0DiGlDVRUt0rcx8kk.mft (raw, json)
Hash identifier: dD+nyXQBHxBNz/4YbyRKV8EzfKALKoyx+fyS+RxdHNk=
Subject key identifier: 82:86:39:70:77:34:AE:16:B5:4D:36:DC:AE:3A:E2:52:67:E1:95:CB
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial: 019E1ED9CB61F19EBD462955039E4A4C5780
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
Manifest number: 1909
Signing time: Wed 13 May 2026 01:00:50 +0000
Manifest this update: Wed 13 May 2026 01:00:50 +0000
Manifest next update: Thu 14 May 2026 01:00:50 +0000
Files and hashes: 1: MB0uTApSO8m5vg_bm9trr3XpjgU.roa (hash: 2eNykuyF9+3yCGYPE8lH28bjQtkNd0f4qvsTFx03Ijs=)
2: aaKML4THXo0DiGlDVRUt0rcx8kk.crl (hash: xdOlhmAuGtEeJ9cBHTr4A/1nBV8EGR9vCrBXRPIoem8=)
3: xg2vmPZnFpWKOjIR5eQ7FMGT8aE.roa (hash: hPOQooNWczBMB25D+ekEfhNU7YNSFMQ+pTU+YyTaGew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:d9:cb:61:f1:9e:bd:46:29:55:03:9e:4a:4c:57:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
Validity
Not Before: May 13 01:00:50 2026 GMT
Not After : May 14 01:00:50 2026 GMT
Subject: CN=828639707734ae16b54d36dcae3ae25267e195cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:c5:a9:1b:f8:af:95:00:51:9b:61:6b:d3:
1d:d9:c3:0a:cf:bb:bb:09:85:cc:64:81:f8:00:d8:
a4:73:f4:e9:ba:b9:4d:8f:e3:94:67:de:3b:00:56:
c2:f4:9a:ae:f4:96:91:fe:d5:0e:53:a3:98:47:74:
5e:ea:dc:7d:12:ce:07:39:d5:48:8f:59:8e:20:f3:
aa:0b:70:42:f1:74:f3:6a:c5:5a:2e:64:3b:cc:a8:
63:39:00:7e:0b:2e:bb:c1:72:e9:76:53:a4:11:84:
64:39:ec:2b:f8:9c:55:21:38:f8:5c:09:d7:61:df:
52:75:9d:c5:59:ea:40:18:68:24:ff:46:21:0b:c3:
cf:07:0c:ea:7c:6a:86:ba:cc:64:ea:70:bd:00:83:
dd:d9:3b:68:56:03:d1:c5:f4:69:d0:bf:a9:94:61:
00:4d:80:a0:49:08:6c:e3:c6:43:74:b2:23:5b:92:
3c:0e:2e:68:36:af:19:2f:df:ab:96:cd:3d:7a:16:
92:c3:42:45:d3:a3:ab:bb:2a:8f:c0:c7:12:c9:34:
27:94:09:06:6a:e6:4c:a1:c6:51:71:6d:17:26:a3:
f9:54:7d:eb:b9:d0:c8:f0:aa:8b:4e:91:8e:01:1b:
c0:de:35:8b:48:99:59:d4:f7:ec:26:d2:9c:07:c6:
e8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:86:39:70:77:34:AE:16:B5:4D:36:DC:AE:3A:E2:52:67:E1:95:CB
X509v3 Authority Key Identifier:
keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:56:8a:fa:8b:c5:e3:34:e6:a2:c4:c6:3e:6d:f8:11:72:2b:
94:ff:fc:ce:6c:bb:14:bd:ff:c3:21:4e:90:b3:6e:fb:1e:66:
06:a0:99:f3:65:b1:96:cf:bb:18:a2:e1:b3:96:c2:5f:f9:10:
91:0a:95:88:9d:95:4f:f2:18:89:4c:48:1a:9f:4b:83:c3:d0:
a3:15:fb:75:89:62:f8:c6:70:d5:b6:1c:33:7e:ef:01:5b:21:
72:99:41:27:d5:9c:bb:23:b3:9c:05:98:e1:0c:dd:de:17:e2:
c8:71:dc:a4:ee:aa:b7:0c:72:13:8d:6e:cd:4b:71:af:ec:34:
ab:9c:20:2e:67:86:e5:a5:35:2b:81:b2:4c:1f:e8:36:5e:91:
24:a6:20:20:04:5f:4d:46:df:fd:77:06:aa:7e:8e:f4:2d:41:
bb:2e:d6:b5:ec:4a:62:ef:1f:fc:87:bc:68:cb:78:b0:b1:af:
0d:14:8d:85:a6:c9:25:2f:1d:43:41:12:fb:ce:f0:da:13:19:
27:15:ca:63:df:14:d0:36:15:65:f7:82:0b:e0:0d:aa:90:e0:
22:65:3d:a1:2c:cd:41:7c:a1:76:25:91:37:5e:d8:d3:f0:43:
08:bb:16:7f:31:90:9f:02:ae:89:25:ca:c0:40:db:6b:06:b6:
f0:10:8a:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4e2cth8Z69RilVA55KTFeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjYwNTEzMDEwMDUwWhcNMjYwNTE0MDEwMDUwWjAzMTEwLwYDVQQD
Eyg4Mjg2Mzk3MDc3MzRhZTE2YjU0ZDM2ZGNhZTNhZTI1MjY3ZTE5NWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmXFqRv4r5UAUZtha9Md2cMKz7u7
CYXMZIH4ANikc/TpurlNj+OUZ947AFbC9Jqu9JaR/tUOU6OYR3Re6tx9Es4HOdVI
j1mOIPOqC3BC8XTzasVaLmQ7zKhjOQB+Cy67wXLpdlOkEYRkOewr+JxVITj4XAnX
Yd9SdZ3FWepAGGgk/0YhC8PPBwzqfGqGusxk6nC9AIPd2TtoVgPRxfRp0L+plGEA
TYCgSQhs48ZDdLIjW5I8Di5oNq8ZL9+rls09ehaSw0JF06OruyqPwMcSyTQnlAkG
auZMocZRcW0XJqP5VH3rudDI8KqLTpGOARvA3jWLSJlZ1PfsJtKcB8boSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKGOXB3NK4WtU023K464lJn4ZXLMB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj1aK+ovF
4zTmosTGPm34EXIrlP/8zmy7FL3/wyFOkLNu+x5mBqCZ82Wxls+7GKLhs5bCX/kQ
kQqViJ2VT/IYiUxIGp9Lg8PQoxX7dYli+MZw1bYcM37vAVshcplBJ9WcuyOznAWY
4Qzd3hfiyHHcpO6qtwxyE41uzUtxr+w0q5wgLmeG5aU1K4GyTB/oNl6RJKYgIARf
TUbf/XcGqn6O9C1Buy7WtexKYu8f/Ie8aMt4sLGvDRSNhabJJS8dQ0ES+87w2hMZ
JxXKY98U0DYVZfeCC+ANqpDgImU9oSzNQXyhdiWRN17Y0/BDCLsWfzGQnwKuiSXK
wEDbawa28BCKcA==
-----END CERTIFICATE-----
Generated at Wed May 13 06:34:29 2026 by rpki-client