Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: imsGr8275bkusfzyNKNxax3V8g2eGhBli1m70yEbYOo=
Subject key identifier: D7:09:AF:3B:F4:83:13:8C:32:C5:80:7C:A9:1F:F9:90:B0:CA:DF:B4
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 019D29CEB4951B95309C058BE42D976A2656
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 188B
Signing time: Thu 26 Mar 2026 11:01:45 +0000
Manifest this update: Thu 26 Mar 2026 11:01:45 +0000
Manifest next update: Fri 27 Mar 2026 11:01:45 +0000
Files and hashes: 1: VUWyLZ0rJ2KWNFwxw_bl1XOWT5Y.roa (hash: h6fu2o5gEs54ynuGXWVxljJh43rB4bmU8/bT0YsjVoE=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: uZHxUGsIajbaxGtrqoxzXLNGcSco4xdQkeR1qHeKWVM=)
3: tp0SOw0ReetfWj-1nSTTgqHkwxM.roa (hash: XzLhvr/WPwVDdpz3jGaEEAicJMQsJQFmkLSa5mS4sUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:b4:95:1b:95:30:9c:05:8b:e4:2d:97:6a:26:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Mar 26 11:01:45 2026 GMT
Not After : Mar 27 11:01:45 2026 GMT
Subject: CN=d709af3bf483138c32c5807ca91ff990b0cadfb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:68:2d:5d:f5:82:e0:51:ca:bb:59:a2:cd:9f:
b1:cb:81:8a:6a:78:15:1f:96:43:27:88:0e:a4:f4:
01:d8:53:e1:bf:6c:e9:39:b7:55:88:c0:96:ae:da:
d7:31:df:35:aa:6b:f2:b5:40:a2:eb:0e:42:60:f9:
5e:6d:10:03:16:fc:12:4d:df:f1:9b:87:d3:a9:0a:
f4:7f:b3:2f:4d:28:f7:37:1c:e0:7d:5c:4a:eb:87:
dd:f1:4d:eb:eb:13:17:9f:71:5a:cf:f8:23:c7:5c:
95:6e:b1:28:7a:d0:07:b1:e8:81:f7:58:be:31:b7:
84:3d:91:f0:42:34:83:49:c3:a9:41:24:4a:d5:b3:
e1:2d:1b:10:b6:bd:3e:68:ab:f8:0d:a2:91:2f:cc:
15:29:e1:e2:0a:ea:c9:5e:5b:de:e6:16:88:9d:4e:
29:b8:89:71:cd:54:45:bb:78:68:6d:1d:65:15:41:
54:a2:5c:4a:82:9e:00:38:7d:ea:bb:12:e1:b0:f2:
ce:1c:62:c3:aa:80:87:94:e2:23:00:b7:d5:7c:80:
c3:3a:48:0b:72:68:27:e7:2e:76:2e:15:ce:94:50:
e3:df:c8:72:2e:42:3e:9f:a7:0f:e1:7e:52:92:d9:
84:29:0e:91:96:c2:e1:ab:9b:3a:e6:12:d5:1d:72:
43:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:09:AF:3B:F4:83:13:8C:32:C5:80:7C:A9:1F:F9:90:B0:CA:DF:B4
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:ed:75:cb:7a:c9:0d:83:11:da:c0:b6:6a:ce:b1:6e:26:a8:
3f:c2:19:89:b1:82:93:27:cf:68:68:97:ef:a2:88:d0:f9:20:
8c:2c:1e:6d:11:98:67:d5:29:6d:16:e4:6c:0d:0f:c2:3e:4f:
61:e6:b0:57:f8:6c:77:49:58:c8:96:21:b1:24:a3:bf:e7:94:
4a:bc:c8:33:f2:42:65:1e:dd:dc:74:62:d9:f8:bd:66:bd:48:
70:71:9a:27:e2:ea:85:96:d6:c9:2c:34:79:3b:db:73:7d:20:
fc:ff:c2:03:b2:8e:83:cd:b8:fd:96:91:65:3b:1f:74:ca:e3:
ff:63:db:4f:b7:55:24:df:d3:e9:8e:2a:90:29:cd:e7:33:bb:
de:71:3d:f9:2d:54:f0:4a:36:89:f1:57:c0:28:63:f2:66:1d:
00:10:25:b9:18:b9:4f:a2:60:2a:40:01:fd:70:e0:3f:66:22:
36:2c:d8:06:9d:e0:9e:c0:15:ff:1b:4c:98:11:e1:88:60:87:
41:c4:f2:74:54:f1:bd:ac:39:80:5f:b8:69:e8:0c:db:e5:23:
cc:3f:e5:99:41:10:4e:84:da:b7:7d:a8:a9:ee:5e:40:a0:b6:
43:f3:96:93:70:4a:64:88:4c:73:7a:fa:44:58:e8:45:f4:bd:
d7:50:a8:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzrSVG5UwnAWL5C2XaiZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjYwMzI2MTEwMTQ1WhcNMjYwMzI3MTEwMTQ1WjAzMTEwLwYDVQQD
EyhkNzA5YWYzYmY0ODMxMzhjMzJjNTgwN2NhOTFmZjk5MGIwY2FkZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2gtXfWC4FHKu1mizZ+xy4GKangV
H5ZDJ4gOpPQB2FPhv2zpObdViMCWrtrXMd81qmvytUCi6w5CYPlebRADFvwSTd/x
m4fTqQr0f7MvTSj3NxzgfVxK64fd8U3r6xMXn3Faz/gjx1yVbrEoetAHseiB91i+
MbeEPZHwQjSDScOpQSRK1bPhLRsQtr0+aKv4DaKRL8wVKeHiCurJXlve5haInU4p
uIlxzVRFu3hobR1lFUFUolxKgp4AOH3quxLhsPLOHGLDqoCHlOIjALfVfIDDOkgL
cmgn5y52LhXOlFDj38hyLkI+n6cP4X5SktmEKQ6RlsLhq5s65hLVHXJD/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcJrzv0gxOMMsWAfKkf+ZCwyt+0MB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAe11y3rJ
DYMR2sC2as6xbiaoP8IZibGCkyfPaGiX76KI0PkgjCwebRGYZ9UpbRbkbA0Pwj5P
YeawV/hsd0lYyJYhsSSjv+eUSrzIM/JCZR7d3HRi2fi9Zr1IcHGaJ+LqhZbWySw0
eTvbc30g/P/CA7KOg824/ZaRZTsfdMrj/2PbT7dVJN/T6Y4qkCnN5zO73nE9+S1U
8Eo2ifFXwChj8mYdABAluRi5T6JgKkAB/XDgP2YiNizYBp3gnsAV/xtMmBHhiGCH
QcTydFTxvaw5gF+4aegM2+UjzD/lmUEQToTat32oqe5eQKC2Q/OWk3BKZIhMc3r6
RFjoRfS911CoOg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:55:47 2026 by rpki-client