Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
File: 0aiWnX4yy_knZkstxDa5bnFJpis.mft (raw, json)
Hash identifier: rx1IcmUhWsbaxyQJ+BfqmD6mlB40a9m0BtYlLu/8uR0=
Subject key identifier: 84:A2:57:2E:EE:8D:4B:83:95:5F:FE:C2:42:B7:74:FE:16:8C:0D:D0
Authority key identifier: D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B
Certificate issuer: /CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
Certificate serial: 019E1E6C7547B2B402F236E8C4B351CD5C54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
Manifest number: 123D
Signing time: Tue 12 May 2026 23:01:24 +0000
Manifest this update: Tue 12 May 2026 23:01:24 +0000
Manifest next update: Wed 13 May 2026 23:01:24 +0000
Files and hashes: 1: 0aiWnX4yy_knZkstxDa5bnFJpis.crl (hash: fxyFMPdAIPoZmi0RdezCgWpPzuhJPmY6O+MaQn1pZIc=)
2: FSxy8Ovh14yqtFHhoBFX5nBXdNU.roa (hash: duw06+xYQMFPNJS8Nqk1JSY0w1hNxbHtXY/z+S+qyJI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:6c:75:47:b2:b4:02:f2:36:e8:c4:b3:51:cd:5c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
Validity
Not Before: May 12 23:01:24 2026 GMT
Not After : May 13 23:01:24 2026 GMT
Subject: CN=84a2572eee8d4b83955ffec242b774fe168c0dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:55:07:18:46:21:98:e1:f9:99:87:be:11:2b:
25:58:65:4f:7a:4d:93:7b:ed:f0:18:1e:00:20:ef:
63:03:60:49:71:8c:bc:5c:7c:da:7f:19:cc:19:b7:
72:f8:e3:d1:2a:c8:7e:b7:92:75:6c:7f:de:3a:19:
54:60:4d:33:d8:2f:0f:36:47:fe:6e:c4:42:12:be:
8f:33:89:f1:bf:8b:5a:72:96:68:9c:6b:7c:b7:24:
bd:e6:fa:a1:62:04:10:87:e2:86:36:e0:61:4f:28:
3d:79:75:0b:d1:e5:16:41:91:be:96:af:d6:2f:10:
95:a4:fa:e3:b7:ae:2a:97:bf:0e:7f:e8:0a:d0:db:
fb:b8:c3:09:a5:ce:3d:a1:6d:69:aa:17:5b:99:0b:
fd:da:93:c6:77:3f:6f:86:f7:e0:77:91:5a:14:ac:
82:a6:d5:e0:83:5a:4d:bf:fd:84:8f:69:98:e9:20:
cd:19:ec:4f:d0:93:b4:8c:e0:4c:03:ae:1f:fb:8b:
b9:6d:9e:2f:35:04:af:09:d1:b5:2d:4d:ff:fd:41:
44:c6:78:25:22:82:46:e8:d1:71:6d:cd:72:70:17:
b1:78:9e:cb:00:75:80:21:b8:49:e2:d9:fe:de:27:
f1:40:4b:0f:b3:c6:0f:ee:0e:e7:51:56:73:a3:d4:
4d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A2:57:2E:EE:8D:4B:83:95:5F:FE:C2:42:B7:74:FE:16:8C:0D:D0
X509v3 Authority Key Identifier:
keyid:D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:3e:9f:7d:02:80:fa:07:64:53:8a:6e:b9:fc:3c:33:bb:27:
83:33:53:51:37:3f:e9:4d:fd:2c:0c:da:86:10:96:2b:09:09:
06:a0:27:1c:7a:41:62:7b:10:59:d8:81:a6:88:8c:18:36:ad:
20:70:90:51:49:3e:72:20:14:69:e7:f3:c1:05:63:9d:cc:27:
f3:fc:21:ff:bc:94:63:de:5b:9e:ff:60:48:ba:83:86:e7:31:
c1:1c:10:34:0f:c6:82:0c:d9:24:bd:57:0d:7f:27:8b:af:25:
3b:8d:c0:5a:b4:7d:26:2e:3e:92:f3:5d:92:c8:c1:63:8b:ed:
bb:2e:c6:b9:93:b5:4e:1d:c8:a2:47:f4:3b:36:b6:52:b2:d2:
44:c9:4c:cd:ee:e6:67:aa:5b:8b:a5:4a:9b:e1:72:38:59:73:
e0:25:9b:1d:29:e8:6d:b2:ec:5f:49:8e:a4:1d:31:59:f3:2d:
1b:7e:50:97:72:66:1d:14:9f:e8:8c:42:e6:df:4b:3c:18:89:
e7:50:a1:11:fa:82:49:fc:b3:48:83:d9:be:59:dd:92:89:6b:
ad:3e:99:39:f3:d3:e0:56:74:62:7e:00:27:39:2d:12:ca:e3:
b6:8c:0b:36:66:4f:b9:68:cc:da:1f:f8:8a:84:12:f1:07:10:
44:60:85:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ebHVHsrQC8jboxLNRzVxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYTg5NjlkN2UzMmNiZjkyNzY2NGIyZGM0MzZiOTZlNzE0
OWE2MmIwHhcNMjYwNTEyMjMwMTI0WhcNMjYwNTEzMjMwMTI0WjAzMTEwLwYDVQQD
Eyg4NGEyNTcyZWVlOGQ0YjgzOTU1ZmZlYzI0MmI3NzRmZTE2OGMwZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFUHGEYhmOH5mYe+ESslWGVPek2T
e+3wGB4AIO9jA2BJcYy8XHzafxnMGbdy+OPRKsh+t5J1bH/eOhlUYE0z2C8PNkf+
bsRCEr6PM4nxv4tacpZonGt8tyS95vqhYgQQh+KGNuBhTyg9eXUL0eUWQZG+lq/W
LxCVpPrjt64ql78Of+gK0Nv7uMMJpc49oW1pqhdbmQv92pPGdz9vhvfgd5FaFKyC
ptXgg1pNv/2Ej2mY6SDNGexP0JO0jOBMA64f+4u5bZ4vNQSvCdG1LU3//UFExngl
IoJG6NFxbc1ycBexeJ7LAHWAIbhJ4tn+3ifxQEsPs8YP7g7nUVZzo9RNaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISiVy7ujUuDlV/+wkK3dP4WjA3QMB8GA1UdIwQY
MBaAFNGolp1+Msv5J2ZLLcQ2uW5xSaYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQt
MjEwNDhhNzM0YTQ2LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQtMjEwNDhhNzM0YTQ2
LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANj6ffQKA
+gdkU4puufw8M7sngzNTUTc/6U39LAzahhCWKwkJBqAnHHpBYnsQWdiBpoiMGDat
IHCQUUk+ciAUaefzwQVjncwn8/wh/7yUY95bnv9gSLqDhucxwRwQNA/GggzZJL1X
DX8ni68lO43AWrR9Ji4+kvNdksjBY4vtuy7GuZO1Th3Iokf0Oza2UrLSRMlMze7m
Z6pbi6VKm+FyOFlz4CWbHSnobbLsX0mOpB0xWfMtG35Ql3JmHRSf6IxC5t9LPBiJ
51ChEfqCSfyzSIPZvlndkolrrT6ZOfPT4FZ0Yn4AJzktEsrjtowLNmZPuWjM2h/4
ioQS8QcQRGCF/w==
-----END CERTIFICATE-----
Generated at Wed May 13 07:57:57 2026 by rpki-client