Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: DSRc+HSOg2m3sdk84G/Rdc16U5x7BZ5u6TtcLHkQV5Y=
Subject key identifier: DF:D0:5E:4F:A1:4B:F4:46:EE:40:6E:5D:D3:C8:23:A3:5D:50:05:24
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 019D27DFAE7467D0C867B6543B2D4A2E4A32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 188A
Signing time: Thu 26 Mar 2026 02:01:03 +0000
Manifest this update: Thu 26 Mar 2026 02:01:03 +0000
Manifest next update: Fri 27 Mar 2026 02:01:03 +0000
Files and hashes: 1: VUWyLZ0rJ2KWNFwxw_bl1XOWT5Y.roa (hash: h6fu2o5gEs54ynuGXWVxljJh43rB4bmU8/bT0YsjVoE=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: Kh38DindlX5BFgirqE7kiCPSmagR3mupCTV7XL2Xp38=)
3: tp0SOw0ReetfWj-1nSTTgqHkwxM.roa (hash: XzLhvr/WPwVDdpz3jGaEEAicJMQsJQFmkLSa5mS4sUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 02:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:ae:74:67:d0:c8:67:b6:54:3b:2d:4a:2e:4a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Mar 26 02:01:03 2026 GMT
Not After : Mar 27 02:01:03 2026 GMT
Subject: CN=dfd05e4fa14bf446ee406e5dd3c823a35d500524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b4:25:f0:72:51:97:4c:b7:0b:67:ea:c5:6a:
6c:a0:26:c2:af:2e:81:f3:ae:4d:47:04:db:93:0c:
08:d0:8d:53:91:ae:c0:0d:f1:db:12:10:fd:af:52:
b6:a0:1b:4c:49:2a:27:b1:35:4b:65:6d:d3:1f:39:
4f:59:03:20:b5:33:28:44:c9:2e:95:bb:d3:68:b5:
86:cb:93:07:36:a8:35:e7:aa:9c:a1:cb:38:e6:f8:
5f:ae:bf:68:c7:e1:78:52:b1:4e:73:fa:d2:05:76:
7d:4a:d1:3e:e4:ad:66:f9:2c:da:b4:4d:49:e8:97:
49:15:87:b7:29:52:8a:79:9f:d5:b9:fa:58:b6:6f:
d0:1f:70:6d:6a:79:be:f1:d2:3f:16:ef:2c:22:24:
84:68:12:f5:4a:36:d4:05:1c:29:78:ec:6d:68:3b:
2c:40:3b:54:6e:62:75:39:6e:66:79:e6:0a:72:74:
a8:b3:95:5b:26:7d:1b:14:e1:a4:d3:4c:75:23:46:
46:8e:a8:01:11:07:32:41:67:10:ca:49:9b:16:5a:
46:77:fb:0c:2c:e7:7f:2d:06:d1:2e:1f:28:34:21:
dc:f1:f7:d9:64:76:50:c3:3b:ac:9d:fe:d0:3a:d1:
50:7b:f9:f4:e5:c3:d5:19:4f:48:9d:dc:56:fb:6b:
42:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D0:5E:4F:A1:4B:F4:46:EE:40:6E:5D:D3:C8:23:A3:5D:50:05:24
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:0f:d8:79:62:2b:73:b2:c8:d3:17:7d:87:ef:46:7d:79:8d:
aa:2c:80:3a:35:28:1c:27:81:52:a6:7b:5a:92:17:62:07:6b:
c3:75:33:a5:c1:37:5d:e4:19:e2:b5:b1:02:15:24:27:e0:99:
41:07:fd:3f:97:cc:5d:a5:b1:aa:b6:6e:86:cb:30:db:83:4f:
8f:e7:00:77:45:2a:6a:4e:c8:6d:ac:e9:fc:53:0f:6f:d8:c1:
ab:0a:b6:54:e0:fe:06:d8:aa:6e:81:b9:89:a0:d7:17:e7:f4:
9b:34:5b:c9:a9:f6:65:6a:5b:a1:03:d3:40:56:0c:12:b3:82:
51:f4:64:1d:26:d6:a3:e1:3c:8c:55:bf:df:ea:dc:fe:8c:59:
62:f1:47:18:b0:72:5d:f5:0e:14:dd:ca:45:7c:b2:f2:19:c1:
a3:e3:3b:9b:ff:20:aa:35:06:33:71:9e:9a:08:d4:1e:88:d0:
47:a1:81:c8:58:63:0c:28:87:49:d1:f5:c2:a7:f1:c1:ba:54:
0f:c5:04:5c:ef:5c:06:97:8d:68:95:51:1d:4f:40:4d:a6:e6:
2e:28:27:51:e4:51:88:01:c8:e8:af:6c:6b:7f:c0:83:6d:b6:
b2:d5:1f:36:4d:77:43:51:50:66:b3:b3:65:89:93:d0:8b:b5:
4e:20:88:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3650Z9DIZ7ZUOy1KLkoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjYwMzI2MDIwMTAzWhcNMjYwMzI3MDIwMTAzWjAzMTEwLwYDVQQD
EyhkZmQwNWU0ZmExNGJmNDQ2ZWU0MDZlNWRkM2M4MjNhMzVkNTAwNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLQl8HJRl0y3C2fqxWpsoCbCry6B
865NRwTbkwwI0I1Tka7ADfHbEhD9r1K2oBtMSSonsTVLZW3THzlPWQMgtTMoRMku
lbvTaLWGy5MHNqg156qcocs45vhfrr9ox+F4UrFOc/rSBXZ9StE+5K1m+SzatE1J
6JdJFYe3KVKKeZ/VufpYtm/QH3Btanm+8dI/Fu8sIiSEaBL1SjbUBRwpeOxtaDss
QDtUbmJ1OW5meeYKcnSos5VbJn0bFOGk00x1I0ZGjqgBEQcyQWcQykmbFlpGd/sM
LOd/LQbRLh8oNCHc8ffZZHZQwzusnf7QOtFQe/n05cPVGU9IndxW+2tCewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/QXk+hS/RG7kBuXdPII6NdUAUkMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmw/YeWIr
c7LI0xd9h+9GfXmNqiyAOjUoHCeBUqZ7WpIXYgdrw3UzpcE3XeQZ4rWxAhUkJ+CZ
QQf9P5fMXaWxqrZuhssw24NPj+cAd0Uqak7Ibazp/FMPb9jBqwq2VOD+BtiqboG5
iaDXF+f0mzRbyan2ZWpboQPTQFYMErOCUfRkHSbWo+E8jFW/3+rc/oxZYvFHGLBy
XfUOFN3KRXyy8hnBo+M7m/8gqjUGM3GemgjUHojQR6GByFhjDCiHSdH1wqfxwbpU
D8UEXO9cBpeNaJVRHU9ATabmLignUeRRiAHI6K9sa3/Ag222stUfNk13Q1FQZrOz
ZYmT0Iu1TiCIvg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:02:00 2026 by rpki-client