Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
File: aCMaUAoKgQjcekNYsQArH9vweZU.mft (raw, json)
Hash identifier: qy2PnAKN1aTKqxPPwA+IxdiclSXnT3lJVgBUyZ8fHI8=
Subject key identifier: 59:7C:67:DF:B8:94:D2:F5:9C:4A:03:9F:E5:0E:3A:ED:85:4B:25:02
Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Certificate serial: 019D2A3B9C21D84A6511981F0FCAE8A1D55D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 13:00:42 +0000
Manifest this update: Thu 26 Mar 2026 13:00:42 +0000
Manifest next update: Fri 27 Mar 2026 13:00:42 +0000
Files and hashes: 1: aCMaUAoKgQjcekNYsQArH9vweZU.crl (hash: 4kYUeh8leXeGFQDLzyUKomiNdmDPdC2cW26xu2VvcXY=)
2: hnuU_eck5x_jb8etQeMJYN7agCw.roa (hash: WjEdC6KQw2C4VlNncqPImg4Zkitm7oOt+PVE/RuPsE0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:3b:9c:21:d8:4a:65:11:98:1f:0f:ca:e8:a1:d5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Validity
Not Before: Mar 26 13:00:42 2026 GMT
Not After : Mar 27 13:00:42 2026 GMT
Subject: CN=597c67dfb894d2f59c4a039fe50e3aed854b2502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:64:bf:b9:1b:82:ce:c2:12:2a:3a:19:99:a8:
68:10:1e:aa:f4:9f:ac:bb:2d:f1:1e:b2:d6:69:e1:
16:c4:64:67:db:fe:a9:ee:71:64:ab:33:c0:e5:fe:
4a:d7:37:89:a9:c1:8e:6f:f4:8b:87:da:d8:21:c9:
72:72:63:ed:21:ff:35:0b:5e:aa:26:4d:99:e4:76:
57:8e:4d:fe:99:84:b8:9c:ba:5e:c1:d3:c2:36:0b:
69:5d:84:12:25:0d:62:de:ce:e2:3e:62:20:93:41:
8f:05:9a:50:7d:9e:de:0b:b7:51:e3:0f:be:5b:3a:
34:d5:36:0d:9f:d9:0e:7e:41:d6:7d:1e:4c:26:2e:
0f:12:af:50:37:b6:89:e4:29:2e:c3:dc:3f:ec:89:
8c:c8:46:42:c3:72:2c:11:a6:5d:98:79:84:f0:10:
01:78:fe:e6:fa:8f:19:50:9a:e6:bb:c7:43:12:a8:
87:44:72:0a:bb:28:c6:40:f0:94:d8:62:65:2a:67:
b0:9d:c3:23:08:63:19:66:64:a2:ab:d1:7f:db:72:
b1:a0:d0:9a:3c:a2:3b:c7:f3:5d:00:b1:d8:49:7b:
b6:43:ed:a0:02:35:6f:1b:c4:8c:32:d0:64:0c:24:
41:4a:b0:1c:27:d7:63:49:23:c8:74:22:03:b4:a6:
05:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:7C:67:DF:B8:94:D2:F5:9C:4A:03:9F:E5:0E:3A:ED:85:4B:25:02
X509v3 Authority Key Identifier:
keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:3b:75:34:e9:0a:cf:75:7c:95:e1:5f:17:e8:56:c0:bb:da:
97:38:2d:5f:0f:b4:c7:20:b2:ee:e4:45:f9:79:ae:d9:6f:7e:
c0:c2:aa:49:a4:f9:e8:56:d5:a0:e6:12:9f:95:22:0f:f1:64:
d3:64:9e:26:11:e3:56:0c:ba:2d:e6:40:7f:6e:2f:3d:8a:c6:
59:6d:ec:25:24:23:1e:2e:67:7f:86:2b:83:f5:d7:14:17:68:
b5:68:81:f5:b8:52:8f:0f:96:4f:55:65:df:3e:b1:24:13:c4:
b4:ae:51:20:69:12:2c:58:97:93:71:15:1e:31:04:67:65:ef:
f4:25:c6:75:29:56:de:ac:03:0b:43:7c:58:2c:ae:9c:f8:11:
5a:5b:c5:41:45:0d:55:90:d5:37:63:d4:df:c8:17:d6:df:ac:
09:68:79:88:7d:ca:06:84:c2:0b:c9:11:a8:f6:04:72:e7:37:
ae:04:07:22:43:d1:c9:56:63:49:8c:51:b1:63:10:95:96:be:
b5:a9:fc:05:41:cc:9a:94:f6:4d:67:8e:43:7d:24:5b:1b:66:
fa:bc:61:97:34:1b:aa:01:94:3f:04:6b:0e:40:39:d1:ca:4e:
76:9e:5f:a9:5b:0c:ed:23:e1:c1:ff:93:26:6a:85:c8:d8:19:
30:1e:a2:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO5wh2EplEZgfD8roodVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm
MDc5OTUwHhcNMjYwMzI2MTMwMDQyWhcNMjYwMzI3MTMwMDQyWjAzMTEwLwYDVQQD
Eyg1OTdjNjdkZmI4OTRkMmY1OWM0YTAzOWZlNTBlM2FlZDg1NGIyNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2S/uRuCzsISKjoZmahoEB6q9J+s
uy3xHrLWaeEWxGRn2/6p7nFkqzPA5f5K1zeJqcGOb/SLh9rYIclycmPtIf81C16q
Jk2Z5HZXjk3+mYS4nLpewdPCNgtpXYQSJQ1i3s7iPmIgk0GPBZpQfZ7eC7dR4w++
Wzo01TYNn9kOfkHWfR5MJi4PEq9QN7aJ5Ckuw9w/7ImMyEZCw3IsEaZdmHmE8BAB
eP7m+o8ZUJrmu8dDEqiHRHIKuyjGQPCU2GJlKmewncMjCGMZZmSiq9F/23KxoNCa
PKI7x/NdALHYSXu2Q+2gAjVvG8SMMtBkDCRBSrAcJ9djSSPIdCIDtKYFnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFl8Z9+4lNL1nEoDn+UOOu2FSyUCMB8GA1UdIwQY
MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt
N2YyM2IzNDY4NmMyLzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy
LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAijt1NOkK
z3V8leFfF+hWwLvalzgtXw+0xyCy7uRF+Xmu2W9+wMKqSaT56FbVoOYSn5UiD/Fk
02SeJhHjVgy6LeZAf24vPYrGWW3sJSQjHi5nf4Yrg/XXFBdotWiB9bhSjw+WT1Vl
3z6xJBPEtK5RIGkSLFiXk3EVHjEEZ2Xv9CXGdSlW3qwDC0N8WCyunPgRWlvFQUUN
VZDVN2PU38gX1t+sCWh5iH3KBoTCC8kRqPYEcuc3rgQHIkPRyVZjSYxRsWMQlZa+
tan8BUHMmpT2TWeOQ30kWxtm+rxhlzQbqgGUPwRrDkA50cpOdp5fqVsM7SPhwf+T
JmqFyNgZMB6iww==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:28:49 2026 by rpki-client