Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.mft
File: aXJqlhM2--eCCz10joEvSVyHLTU.mft (raw, json)
Hash identifier: ZR1luEU7PNnBeXWK80QLqa5lpyeuOSZqg2l+565PmPk=
Subject key identifier: 85:2D:08:E8:A0:BD:7C:64:7F:72:C7:29:31:D9:0D:E5:B7:9E:63:49
Authority key identifier: 69:72:6A:96:13:36:FB:E7:82:0B:3D:74:8E:81:2F:49:5C:87:2D:35
Certificate issuer: /CN=69726a961336fbe7820b3d748e812f495c872d35
Certificate serial: 019D28F2CF77973F7C46829AF1AFE6DCFFE6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXJqlhM2--eCCz10joEvSVyHLTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.mft
Manifest number: 1077
Signing time: Thu 26 Mar 2026 07:01:34 +0000
Manifest this update: Thu 26 Mar 2026 07:01:34 +0000
Manifest next update: Fri 27 Mar 2026 07:01:34 +0000
Files and hashes: 1: K9_4CpntBLOvMEDnKhqNBu7SoZA.roa (hash: OTRSlqVwxM3FVwoxRVSPz7oWV0SpiqYOgPWN/+iIXpM=)
2: aXJqlhM2--eCCz10joEvSVyHLTU.crl (hash: yTS5zwIEKdRNwSZIfOhQHOmBJeE6lEPqXrZ/t6gG/hA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aXJqlhM2--eCCz10joEvSVyHLTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f2:cf:77:97:3f:7c:46:82:9a:f1:af:e6:dc:ff:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69726a961336fbe7820b3d748e812f495c872d35
Validity
Not Before: Mar 26 07:01:34 2026 GMT
Not After : Mar 27 07:01:34 2026 GMT
Subject: CN=852d08e8a0bd7c647f72c72931d90de5b79e6349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ec:85:9c:23:cf:ef:1c:17:03:3e:34:2a:43:
ba:bc:e4:5a:4c:ac:f7:4f:9c:a5:a9:10:48:a6:32:
ae:63:3a:f0:99:4c:50:38:b8:38:ef:a9:a3:fa:dc:
ca:46:a0:e4:a0:1d:7c:8e:c7:7b:64:46:55:0c:e0:
a1:ae:2e:e6:91:93:14:21:40:13:1f:2c:38:b3:cc:
50:62:5a:a0:4a:9e:a5:eb:5b:72:e9:99:f4:0c:4a:
b2:19:aa:13:1c:7d:b4:f1:35:3f:63:bb:59:8a:4a:
fa:75:d6:47:48:ef:f2:84:eb:1a:9d:92:2b:3a:63:
5a:c5:ae:3a:35:58:bc:57:78:e9:ca:84:3a:f0:1f:
cb:45:81:05:fe:1b:3e:58:89:ad:c1:0d:7d:4c:7d:
ec:93:0d:e8:31:c1:c3:f5:fc:6b:b3:3b:1d:47:46:
ac:8f:c4:10:aa:96:e6:f2:37:36:d4:b3:9f:62:d8:
80:ca:2f:86:17:74:82:0b:c1:c8:11:b8:d7:95:d4:
b6:86:ee:ef:ab:22:b8:70:6c:a1:7f:13:fe:af:e7:
69:4d:7e:1d:1d:56:84:d3:b1:83:e6:94:ea:6c:a6:
85:0c:c5:2c:c3:43:99:ad:ab:31:9e:35:eb:90:58:
af:aa:b8:69:bb:1b:ee:b4:8d:e3:a1:0a:9d:9d:fe:
b4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2D:08:E8:A0:BD:7C:64:7F:72:C7:29:31:D9:0D:E5:B7:9E:63:49
X509v3 Authority Key Identifier:
keyid:69:72:6A:96:13:36:FB:E7:82:0B:3D:74:8E:81:2F:49:5C:87:2D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXJqlhM2--eCCz10joEvSVyHLTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:6d:52:f3:73:63:01:76:bf:ce:58:64:0c:97:e4:71:75:c2:
41:64:99:0d:93:a8:35:64:c0:87:7d:89:ae:a4:27:63:9d:ea:
6f:46:21:e0:5c:56:24:de:58:3a:72:79:f7:f7:cf:97:ad:70:
5e:92:f9:7d:67:9a:98:23:e0:46:53:35:87:54:11:0e:9a:68:
78:a1:cb:12:5c:00:88:8f:6a:fe:1d:98:50:53:9e:46:57:bf:
2d:dc:c3:8d:7d:b4:f0:06:07:ff:84:d9:aa:1f:66:9c:8e:cb:
b7:59:ea:6b:cf:3f:01:7c:df:56:85:66:4f:ee:30:ae:e9:8b:
81:15:e0:29:0d:a9:88:86:1b:b8:27:a3:2e:e2:9f:05:33:de:
07:e5:17:84:fd:36:5c:aa:47:a6:cc:96:78:6d:98:53:95:07:
c3:52:ad:44:34:bc:ed:b2:d4:99:70:23:8e:88:39:e3:11:67:
07:ef:47:47:c1:c3:6c:db:e3:0d:c6:64:7f:eb:02:7d:48:67:
a6:e3:25:1c:17:46:0d:d0:ae:29:21:7e:f7:71:d7:08:c4:8c:
58:a1:30:da:e3:61:3b:fb:19:4a:7a:59:c0:db:50:e6:77:5c:
2c:89:4f:40:2e:b2:08:b5:4e:f5:1f:c8:1b:af:51:a9:2d:dc:
41:11:a2:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8s93lz98RoKa8a/m3P/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzI2YTk2MTMzNmZiZTc4MjBiM2Q3NDhlODEyZjQ5NWM4
NzJkMzUwHhcNMjYwMzI2MDcwMTM0WhcNMjYwMzI3MDcwMTM0WjAzMTEwLwYDVQQD
Eyg4NTJkMDhlOGEwYmQ3YzY0N2Y3MmM3MjkzMWQ5MGRlNWI3OWU2MzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+yFnCPP7xwXAz40KkO6vORaTKz3
T5ylqRBIpjKuYzrwmUxQOLg476mj+tzKRqDkoB18jsd7ZEZVDOChri7mkZMUIUAT
Hyw4s8xQYlqgSp6l61ty6Zn0DEqyGaoTHH208TU/Y7tZikr6ddZHSO/yhOsanZIr
OmNaxa46NVi8V3jpyoQ68B/LRYEF/hs+WImtwQ19TH3skw3oMcHD9fxrszsdR0as
j8QQqpbm8jc21LOfYtiAyi+GF3SCC8HIEbjXldS2hu7vqyK4cGyhfxP+r+dpTX4d
HVaE07GD5pTqbKaFDMUsw0OZrasxnjXrkFivqrhpuxvutI3joQqdnf60uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUtCOigvXxkf3LHKTHZDeW3nmNJMB8GA1UdIwQY
MBaAFGlyapYTNvvnggs9dI6BL0lchy01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhKcWxoTTItLWVDQ3oxMGpvRXZTVnlITFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yNWU5NzItMjg0Mi00NTE0LThhZGUt
YzAxNjZkOTcwMTBkLzEvYVhKcWxoTTItLWVDQ3oxMGpvRXZTVnlITFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yNWU5NzItMjg0Mi00NTE0LThhZGUtYzAxNjZkOTcwMTBk
LzEvYVhKcWxoTTItLWVDQ3oxMGpvRXZTVnlITFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANG1S83Nj
AXa/zlhkDJfkcXXCQWSZDZOoNWTAh32JrqQnY53qb0Yh4FxWJN5YOnJ59/fPl61w
XpL5fWeamCPgRlM1h1QRDppoeKHLElwAiI9q/h2YUFOeRle/LdzDjX208AYH/4TZ
qh9mnI7Lt1nqa88/AXzfVoVmT+4wrumLgRXgKQ2piIYbuCejLuKfBTPeB+UXhP02
XKpHpsyWeG2YU5UHw1KtRDS87bLUmXAjjog54xFnB+9HR8HDbNvjDcZkf+sCfUhn
puMlHBdGDdCuKSF+93HXCMSMWKEw2uNhO/sZSnpZwNtQ5ndcLIlPQC6yCLVO9R/I
G69RqS3cQRGiJQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:17:51 2026 by rpki-client