Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
File: AlO5GdddwgTZyjjbeyihdINLOz0.mft (raw, json)
Hash identifier: CUxCzVXFm/18ZY13JBbJCTWccdtZyebu0koJY1twzTI=
Subject key identifier: 6B:F4:B2:05:60:8E:02:07:6D:AE:6E:EA:38:02:E4:BA:70:56:C9:01
Authority key identifier: 02:53:B9:19:D7:5D:C2:04:D9:CA:38:DB:7B:28:A1:74:83:4B:3B:3D
Certificate issuer: /CN=0253b919d75dc204d9ca38db7b28a174834b3b3d
Certificate serial: 019D2816F1907F7AA89D5E538AB34721341C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
Manifest number: 08A8
Signing time: Thu 26 Mar 2026 03:01:25 +0000
Manifest this update: Thu 26 Mar 2026 03:01:25 +0000
Manifest next update: Fri 27 Mar 2026 03:01:25 +0000
Files and hashes: 1: AlO5GdddwgTZyjjbeyihdINLOz0.crl (hash: 4pvN2I6c8KWKCjyr+xSGHhwcfur070jdgLObnkEDlis=)
2: PMWWklW51anXq7aRQXkdao86Jek.roa (hash: +f085vkz6griqp0/YZpf7yExFFEfbfc0Y85L8JbYisc=)
3: h3tLHRWk_OmFsZTg_jd5-mdYTds.roa (hash: xHXqRtgjeuL+vMeMb7Pl+kHYtqxysXcomaAK0drp85s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:f1:90:7f:7a:a8:9d:5e:53:8a:b3:47:21:34:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0253b919d75dc204d9ca38db7b28a174834b3b3d
Validity
Not Before: Mar 26 03:01:25 2026 GMT
Not After : Mar 27 03:01:25 2026 GMT
Subject: CN=6bf4b205608e02076dae6eea3802e4ba7056c901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f3:1d:bc:96:73:40:a1:8a:c3:30:14:5a:c8:
f6:91:72:84:55:7f:63:be:87:62:d2:7b:92:54:6f:
97:18:ff:2c:48:f4:00:72:98:44:f9:07:b6:98:78:
35:c8:26:b4:04:57:7e:6a:6e:c4:1c:d6:7f:18:20:
8f:e9:9f:06:13:dd:15:be:19:db:b7:9b:5d:7b:e4:
8c:dc:9e:c8:d9:ff:6e:d4:17:bc:9e:5a:e4:00:72:
ac:50:3d:99:37:5e:c8:31:c9:64:6f:6d:b7:2e:64:
ca:78:11:11:f9:1f:df:77:99:ee:01:83:21:e0:af:
36:81:78:84:6a:1c:c1:ee:7f:b8:a8:2b:7d:3a:76:
8c:d4:e5:05:c9:13:bb:f4:d3:60:ec:20:89:d9:5f:
c9:ea:ec:6d:80:a7:a5:47:15:e3:3d:4d:a3:da:73:
f5:bf:9b:b0:fd:83:f3:d9:6b:f5:7b:32:1d:a0:08:
29:66:60:8d:d7:34:a3:5e:fb:2d:58:37:43:e2:fd:
49:bc:87:53:52:2c:aa:ff:96:b1:28:8b:42:da:b9:
47:b7:0d:82:8d:49:a7:7f:2f:14:3a:16:3b:eb:c1:
cf:b5:3f:eb:46:8c:85:e6:8d:81:3c:9d:8f:b8:37:
00:43:cd:40:2d:b5:b2:2e:90:6b:79:08:b7:47:45:
51:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F4:B2:05:60:8E:02:07:6D:AE:6E:EA:38:02:E4:BA:70:56:C9:01
X509v3 Authority Key Identifier:
keyid:02:53:B9:19:D7:5D:C2:04:D9:CA:38:DB:7B:28:A1:74:83:4B:3B:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:da:90:21:b0:99:26:6a:64:7d:45:ba:df:96:06:8f:c1:5e:
f5:0e:19:62:86:78:47:ca:d9:87:8c:91:b1:a6:29:ad:7f:5d:
36:1b:fb:fd:11:ee:7c:75:e5:6f:a9:55:3d:a1:62:26:5d:e7:
8c:20:67:f3:f5:28:90:09:ff:ee:09:c5:03:ab:d8:24:d7:df:
2d:96:04:c3:69:dd:aa:db:fd:a7:f4:1f:dd:44:14:a0:22:36:
ec:d5:37:fb:13:8f:db:89:e1:3f:e8:93:48:30:38:16:e6:8b:
a0:f1:d1:aa:96:bb:38:f2:bf:a1:ab:24:05:e0:0d:69:f3:fc:
ff:55:15:44:13:1a:de:9a:ab:6a:c8:15:9d:e3:b9:78:8e:b9:
02:1d:ac:b5:b8:ab:a1:3a:02:d2:57:07:70:5d:5c:20:7e:d1:
67:f5:c0:aa:6b:c7:df:6f:46:cd:30:b5:c6:25:10:93:74:95:
e0:5b:20:67:15:b7:ec:1c:5c:b8:ae:82:bf:02:65:b6:d7:13:
62:ce:50:1a:bc:2b:65:20:8b:6f:60:a2:ea:2b:76:39:e8:36:
fc:28:a4:19:97:96:50:2f:e2:a1:fd:f4:7c:32:8f:76:b5:60:
08:fd:db:fa:d2:86:16:f7:4d:a6:d9:ca:68:46:a2:92:fe:e1:
73:a0:49:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFvGQf3qonV5TirNHITQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTNiOTE5ZDc1ZGMyMDRkOWNhMzhkYjdiMjhhMTc0ODM0
YjNiM2QwHhcNMjYwMzI2MDMwMTI1WhcNMjYwMzI3MDMwMTI1WjAzMTEwLwYDVQQD
Eyg2YmY0YjIwNTYwOGUwMjA3NmRhZTZlZWEzODAyZTRiYTcwNTZjOTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfMdvJZzQKGKwzAUWsj2kXKEVX9j
vodi0nuSVG+XGP8sSPQAcphE+Qe2mHg1yCa0BFd+am7EHNZ/GCCP6Z8GE90Vvhnb
t5tde+SM3J7I2f9u1Be8nlrkAHKsUD2ZN17IMclkb223LmTKeBER+R/fd5nuAYMh
4K82gXiEahzB7n+4qCt9OnaM1OUFyRO79NNg7CCJ2V/J6uxtgKelRxXjPU2j2nP1
v5uw/YPz2Wv1ezIdoAgpZmCN1zSjXvstWDdD4v1JvIdTUiyq/5axKItC2rlHtw2C
jUmnfy8UOhY768HPtT/rRoyF5o2BPJ2PuDcAQ81ALbWyLpBreQi3R0VRRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGv0sgVgjgIHba5u6jgC5LpwVskBMB8GA1UdIwQY
MBaAFAJTuRnXXcIE2co423sooXSDSzs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8zYmFmZDgtYzM0ZS00ODkwLWI0Y2Yt
NzNkYjBmMjg0MWM5LzEvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8zYmFmZDgtYzM0ZS00ODkwLWI0Y2YtNzNkYjBmMjg0MWM5
LzEvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARdqQIbCZ
JmpkfUW635YGj8Fe9Q4ZYoZ4R8rZh4yRsaYprX9dNhv7/RHufHXlb6lVPaFiJl3n
jCBn8/UokAn/7gnFA6vYJNffLZYEw2ndqtv9p/Qf3UQUoCI27NU3+xOP24nhP+iT
SDA4FuaLoPHRqpa7OPK/oaskBeANafP8/1UVRBMa3pqrasgVneO5eI65Ah2stbir
oToC0lcHcF1cIH7RZ/XAqmvH329GzTC1xiUQk3SV4FsgZxW37BxcuK6CvwJlttcT
Ys5QGrwrZSCLb2Ci6it2Oeg2/CikGZeWUC/iof30fDKPdrVgCP3b+tKGFvdNptnK
aEaikv7hc6BJ0w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:00:42 2026 by rpki-client