Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File: aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier: iAi30k5q27zkBN7tyvXpZehUB5D6Y1BV+oRxzJSW2SU=
Subject key identifier: 1F:83:61:26:23:13:14:13:D5:AC:E1:23:CB:11:0C:CB:36:28:E0:6E
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 019D2695FD46BF8BF89CCC9E14ED36511A71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number: 17DA
Signing time: Wed 25 Mar 2026 20:00:56 +0000
Manifest this update: Wed 25 Mar 2026 20:00:56 +0000
Manifest next update: Thu 26 Mar 2026 20:00:56 +0000
Files and hashes: 1: HqknbCtl1Axe3TPw1P6jDONpLVc.roa (hash: ZnfnJYZ+e5B0J97RREAVHfbNjcFtOONy33iXAx75Pag=)
2: XUSo3Kod1tZHWF61VODjOx3wrpM.roa (hash: QhGQD15vAX85W4GYn0mpZU7ZappGzzCqkYs2qWxrAto=)
3: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: TQcXLy2PTi49VkFN2hB45aPlw7luIoWhUJL7bo6tlcE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:95:fd:46:bf:8b:f8:9c:cc:9e:14:ed:36:51:1a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Mar 25 20:00:56 2026 GMT
Not After : Mar 26 20:00:56 2026 GMT
Subject: CN=1f83612623131413d5ace123cb110ccb3628e06e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cf:db:78:74:61:9e:6f:78:71:38:09:80:6e:
b0:96:6f:33:87:58:ab:64:b2:bf:d0:d3:51:b0:af:
4d:ed:ca:66:93:78:87:0f:68:14:32:76:b2:aa:33:
cc:1c:07:6f:4b:26:08:eb:21:22:f6:0a:f9:0d:90:
aa:2d:4d:eb:af:2a:f7:46:8d:19:39:81:2b:b7:1e:
e5:8b:40:02:10:69:8b:81:76:12:74:75:d6:07:cf:
c8:0e:ad:75:30:e9:a1:5c:ab:08:4a:1c:5d:3d:31:
cc:4a:6c:1b:35:89:7a:20:11:1e:c9:b2:32:f7:ef:
c1:67:93:cb:68:16:7c:cb:ac:4d:b2:4f:50:2e:e9:
c5:4d:10:81:09:62:c3:49:0d:6b:0d:f4:59:e1:ec:
a5:19:66:d2:09:58:27:e5:0f:a8:d0:45:a2:f2:81:
dc:8a:97:b2:70:17:67:6b:d6:a1:e1:13:39:51:2c:
7f:12:d8:ad:18:8b:dd:1e:5b:68:23:12:17:1b:13:
96:74:1d:08:c9:d6:99:0d:d0:54:cd:cb:19:1e:88:
43:4f:d6:51:84:c5:5e:bc:7c:a8:27:e6:1f:8c:d5:
fb:06:f6:9c:b0:b4:19:fc:0e:0d:52:96:58:cc:a4:
ef:fb:5e:94:45:fc:51:2d:7c:5e:5a:0f:cd:31:c3:
e5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:83:61:26:23:13:14:13:D5:AC:E1:23:CB:11:0C:CB:36:28:E0:6E
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:cf:b8:5d:e4:2f:b2:e1:d6:64:78:2f:fb:ed:be:8a:ed:e9:
14:59:30:9c:bb:4f:35:9b:7a:fd:0f:c1:a0:a8:d3:8e:3c:99:
4c:13:81:8f:94:92:65:b2:72:e6:b7:0c:24:18:2e:17:18:59:
fc:9d:1f:4d:cc:22:09:3b:0b:56:75:8f:3b:aa:38:87:d1:59:
73:13:3d:cd:4d:39:8d:de:4e:c0:ac:ac:07:53:73:a6:00:00:
74:bb:21:fd:89:1e:38:67:23:d9:a6:37:cf:f1:fa:dd:bf:42:
09:d4:6b:9b:b6:3d:25:c8:7c:00:42:68:be:75:c9:34:66:19:
1e:7b:d9:6c:07:a6:64:38:aa:61:a9:df:fb:80:55:be:77:28:
1f:f2:04:b3:95:79:f3:b7:2b:e7:05:cf:b7:fa:d8:2e:0a:3f:
73:04:15:c5:04:04:c8:95:72:f5:20:8a:48:55:cf:bb:d7:6e:
62:07:6d:43:7f:fa:54:47:15:f1:c3:ed:5f:0f:cb:71:f8:d3:
1e:83:0f:ca:66:ec:70:4e:31:99:6e:67:17:26:a9:bb:7f:eb:
c7:ea:41:ad:f0:dc:c2:e9:ee:35:24:e3:4c:17:be:bb:79:33:
cf:6f:73:7e:cf:42:98:9a:05:cb:99:45:c7:6c:75:6e:dd:97:
33:41:82:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlf1Gv4v4nMyeFO02URpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjYwMzI1MjAwMDU2WhcNMjYwMzI2MjAwMDU2WjAzMTEwLwYDVQQD
EygxZjgzNjEyNjIzMTMxNDEzZDVhY2UxMjNjYjExMGNjYjM2MjhlMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc/beHRhnm94cTgJgG6wlm8zh1ir
ZLK/0NNRsK9N7cpmk3iHD2gUMnayqjPMHAdvSyYI6yEi9gr5DZCqLU3rryr3Ro0Z
OYErtx7li0ACEGmLgXYSdHXWB8/IDq11MOmhXKsIShxdPTHMSmwbNYl6IBEeybIy
9+/BZ5PLaBZ8y6xNsk9QLunFTRCBCWLDSQ1rDfRZ4eylGWbSCVgn5Q+o0EWi8oHc
ipeycBdna9ah4RM5USx/EtitGIvdHltoIxIXGxOWdB0IydaZDdBUzcsZHohDT9ZR
hMVevHyoJ+YfjNX7BvacsLQZ/A4NUpZYzKTv+16URfxRLXxeWg/NMcPlCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+DYSYjExQT1azhI8sRDMs2KOBuMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAic+4XeQv
suHWZHgv++2+iu3pFFkwnLtPNZt6/Q/BoKjTjjyZTBOBj5SSZbJy5rcMJBguFxhZ
/J0fTcwiCTsLVnWPO6o4h9FZcxM9zU05jd5OwKysB1NzpgAAdLsh/YkeOGcj2aY3
z/H63b9CCdRrm7Y9Jch8AEJovnXJNGYZHnvZbAemZDiqYanf+4BVvncoH/IEs5V5
87cr5wXPt/rYLgo/cwQVxQQEyJVy9SCKSFXPu9duYgdtQ3/6VEcV8cPtXw/LcfjT
HoMPymbscE4xmW5nFyapu3/rx+pBrfDcwunuNSTjTBe+u3kzz29zfs9CmJoFy5lF
x2x1bt2XM0GC2Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:59:33 2026 by rpki-client