Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: huTZPVyrOtfQ60VZulZ3jwSh60P+5jNFJ4S6Kka7Ckg=
Subject key identifier: 32:62:BC:3C:AE:56:4C:58:F5:93:F1:D2:D4:BB:EE:A7:B8:6E:B1:CE
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 019E1F112967C6150F5125D4913B8FDA04EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 190A
Signing time: Wed 13 May 2026 02:01:18 +0000
Manifest this update: Wed 13 May 2026 02:01:18 +0000
Manifest next update: Thu 14 May 2026 02:01:18 +0000
Files and hashes: 1: VUWyLZ0rJ2KWNFwxw_bl1XOWT5Y.roa (hash: h6fu2o5gEs54ynuGXWVxljJh43rB4bmU8/bT0YsjVoE=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: OzKT1Cwo2bn7gbgkDq5zIIJe6bs4aU3CHi9Br/Crh0Q=)
3: tp0SOw0ReetfWj-1nSTTgqHkwxM.roa (hash: XzLhvr/WPwVDdpz3jGaEEAicJMQsJQFmkLSa5mS4sUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1f:11:29:67:c6:15:0f:51:25:d4:91:3b:8f:da:04:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: May 13 02:01:18 2026 GMT
Not After : May 14 02:01:18 2026 GMT
Subject: CN=3262bc3cae564c58f593f1d2d4bbeea7b86eb1ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:36:12:c0:4f:42:19:23:76:6f:11:46:3e:d6:
ca:92:3e:27:dc:9c:3e:f3:a2:aa:ca:40:32:db:67:
64:c3:00:66:9e:93:db:38:ca:30:e1:06:66:e7:ad:
d9:71:33:6b:fa:de:5b:2f:99:ed:da:82:54:af:25:
21:fc:3d:03:95:09:4c:7b:af:d4:ea:f4:84:4d:cf:
56:37:28:c0:dc:c6:98:a3:71:f1:e0:e5:8c:51:02:
ac:dd:09:e0:44:57:73:c3:52:c6:0c:6f:d5:78:03:
a7:1b:68:b3:7d:88:8d:76:eb:fc:13:47:44:82:94:
cf:11:23:39:77:8e:e7:de:8d:6a:b4:31:f4:a3:f7:
a2:a6:8d:1c:a9:68:7d:29:1d:89:ee:3f:d2:cc:67:
d0:78:58:30:d3:b8:fd:8c:e3:9e:b2:12:0d:13:ad:
b1:ea:1d:6a:7c:d9:c2:c3:9d:03:aa:0b:27:c9:c9:
f0:24:b0:7b:0d:b0:02:c8:3b:1e:30:7a:79:fc:86:
71:6d:f4:f2:6b:23:39:11:04:25:a9:5f:84:13:0d:
96:66:1c:52:61:3e:e7:fe:97:c4:5b:46:b2:d6:c1:
ae:d1:90:49:b6:86:19:e6:16:d6:5b:b8:c4:0d:ac:
31:1b:4e:b3:80:77:b9:17:fd:42:b7:1a:c5:f1:e9:
84:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:62:BC:3C:AE:56:4C:58:F5:93:F1:D2:D4:BB:EE:A7:B8:6E:B1:CE
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:eb:6d:b0:9a:ce:02:d2:2e:af:20:df:ff:65:fe:67:52:e6:
a3:dc:ef:bc:47:5e:c5:c0:94:d4:68:39:28:95:4c:b7:88:fa:
47:5a:49:1f:1a:e7:5a:67:96:18:2b:a7:8b:25:1d:6a:f7:96:
ac:11:70:47:63:86:44:39:05:b3:3e:6b:0b:07:29:e3:75:3b:
e4:88:23:5b:fa:bf:ff:65:5b:f4:22:05:68:7f:5e:54:70:e6:
78:87:ad:44:a8:60:e4:c8:2d:ba:34:24:a1:69:12:41:0b:92:
f9:cf:79:70:ff:a1:7f:f5:fa:ee:c3:34:f8:57:5f:17:a2:fd:
cf:bb:f3:8c:a0:d1:9b:bc:01:b1:5e:0c:43:0f:8d:ea:16:23:
24:4c:14:bd:c1:ef:f5:fe:54:d3:8d:ff:31:cd:72:ef:7b:7d:
9c:d6:df:53:70:15:7c:f4:d7:85:3c:b9:ab:2c:84:b2:15:99:
ed:72:63:8e:a3:ec:30:14:13:30:a4:28:60:15:5e:88:c6:21:
61:ab:cb:e1:90:6e:0b:eb:f7:ba:8a:71:0c:b9:b9:3d:3b:0f:
62:01:ca:6c:a9:86:14:0d:7e:05:30:43:01:4f:5d:78:fc:dd:
cb:ea:0f:69:a6:c8:9c:d4:3c:6f:19:e5:dd:69:22:02:95:b7:
2c:05:0f:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fESlnxhUPUSXUkTuP2gTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjYwNTEzMDIwMTE4WhcNMjYwNTE0MDIwMTE4WjAzMTEwLwYDVQQD
EygzMjYyYmMzY2FlNTY0YzU4ZjU5M2YxZDJkNGJiZWVhN2I4NmViMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTYSwE9CGSN2bxFGPtbKkj4n3Jw+
86KqykAy22dkwwBmnpPbOMow4QZm563ZcTNr+t5bL5nt2oJUryUh/D0DlQlMe6/U
6vSETc9WNyjA3MaYo3Hx4OWMUQKs3QngRFdzw1LGDG/VeAOnG2izfYiNduv8E0dE
gpTPESM5d47n3o1qtDH0o/eipo0cqWh9KR2J7j/SzGfQeFgw07j9jOOeshINE62x
6h1qfNnCw50DqgsnycnwJLB7DbACyDseMHp5/IZxbfTyayM5EQQlqV+EEw2WZhxS
YT7n/pfEW0ay1sGu0ZBJtoYZ5hbWW7jEDawxG06zgHe5F/1CtxrF8emE1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJivDyuVkxY9ZPx0tS77qe4brHOMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIettsJrO
AtIuryDf/2X+Z1Lmo9zvvEdexcCU1Gg5KJVMt4j6R1pJHxrnWmeWGCuniyUdaveW
rBFwR2OGRDkFsz5rCwcp43U75IgjW/q//2Vb9CIFaH9eVHDmeIetRKhg5MgtujQk
oWkSQQuS+c95cP+hf/X67sM0+FdfF6L9z7vzjKDRm7wBsV4MQw+N6hYjJEwUvcHv
9f5U043/Mc1y73t9nNbfU3AVfPTXhTy5qyyEshWZ7XJjjqPsMBQTMKQoYBVeiMYh
YavL4ZBuC+v3uopxDLm5PTsPYgHKbKmGFA1+BTBDAU9dePzdy+oPaabInNQ8bxnl
3WkiApW3LAUP/w==
-----END CERTIFICATE-----
Generated at Wed May 13 08:44:17 2026 by rpki-client