Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: XscrLKJmHzC1c6jXwBK5274BWtZXLQK8b9AuqKHikX4=
Subject key identifier: AD:44:B0:D5:62:AD:12:EF:5E:B2:84:FB:71:74:04:9A:41:79:D1:B8
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 019D2884B9203FB66BD18AE5BC2EF8AF38D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 05:01:19 +0000
Manifest this update: Thu 26 Mar 2026 05:01:19 +0000
Manifest next update: Fri 27 Mar 2026 05:01:19 +0000
Files and hashes: 1: 9V6-AqA_4zEech3d9e-zrslLlYg.roa (hash: 2ZWDpKA0ocbpi4aN6axitNn05JRLFs0cLkW8mMIC92U=)
2: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: Vy7WEAphH408KxIMbifTyvmB1ItBXq4vy+kAaNaOio4=)
3: s_Oj6JBKTNB4x3fb0XdQ9zvwP1o.roa (hash: 0jQdDlhdIZaz2WGN97YHIXqbtv/kRGloASKQBe2397Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 05:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:b9:20:3f:b6:6b:d1:8a:e5:bc:2e:f8:af:38:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Mar 26 05:01:19 2026 GMT
Not After : Mar 27 05:01:19 2026 GMT
Subject: CN=ad44b0d562ad12ef5eb284fb7174049a4179d1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:15:71:08:45:4a:b0:a0:bb:e5:36:81:d6:89:
32:58:fa:ca:68:a4:c1:82:bd:f4:5f:4c:15:14:b3:
1d:30:c5:59:0d:9c:da:f6:9b:6c:51:e4:32:fe:22:
84:bb:fc:23:3e:49:d4:a1:9f:c5:88:6d:a2:3f:4b:
ca:d6:6b:33:c5:23:6f:33:e0:4b:2b:31:e3:2a:a0:
18:ae:c9:d6:b6:b8:e5:64:c2:08:59:9b:e9:0c:bc:
b9:33:69:26:c7:ba:58:9f:b5:9c:de:fa:f1:f9:92:
a2:e4:dd:a9:d3:95:ef:69:4b:7a:a3:65:94:1c:05:
5e:f6:a8:b6:84:f3:4d:12:d9:14:2c:87:73:83:d4:
bc:13:5a:87:6b:9c:9e:d9:c8:7b:e4:31:0e:f4:6a:
4a:ba:0d:69:4c:c1:9c:47:d3:d3:76:95:ba:46:be:
9d:0e:8a:43:3b:cf:df:29:6b:3c:84:17:b2:1d:28:
46:af:14:b4:26:07:f4:1e:07:df:e0:36:88:58:3d:
be:c1:7a:7c:76:9d:aa:b3:79:2e:48:5d:8b:86:c8:
28:8a:f2:bd:b1:6e:02:7e:ea:ac:d8:8f:fd:db:38:
53:92:7b:2b:b7:aa:be:55:d2:ff:17:e9:7b:6c:4c:
af:20:8c:23:3c:ac:fb:75:87:80:f6:54:14:fc:a3:
6c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:44:B0:D5:62:AD:12:EF:5E:B2:84:FB:71:74:04:9A:41:79:D1:B8
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:f8:fc:9f:a5:35:fd:e7:de:bc:38:67:e1:61:c4:a6:d2:93:
42:4e:33:5d:4c:22:e0:b3:ae:60:15:74:a9:76:e9:20:27:9c:
1a:95:c8:5a:a8:48:d3:de:db:39:1a:6d:27:34:ed:8d:40:d9:
f9:c4:a1:1d:3c:4a:3c:2e:37:ae:f2:de:36:56:e6:18:28:b4:
24:6d:ed:d7:85:66:c3:9c:8e:ba:fe:9d:2b:0f:bc:95:82:ac:
6e:9a:bc:e0:8c:be:ac:25:08:90:f3:7f:d7:0a:6e:e9:22:9d:
90:f7:8e:ec:ab:6e:44:e9:61:56:97:7c:93:a2:dc:e4:9f:c6:
6c:a6:0e:89:5b:35:60:2b:ba:ea:5a:d9:20:36:83:06:40:57:
03:4a:16:90:34:d1:96:0a:25:e7:8a:b6:a6:1b:c0:49:e3:69:
83:d3:34:bd:35:da:53:09:bd:dd:25:02:bc:14:32:35:74:26:
a2:a0:ce:46:d7:fd:23:01:71:1b:54:90:3d:f5:8a:ae:28:5b:
b5:0f:32:36:fb:4f:c3:13:08:4b:c5:6c:5c:04:e9:37:c4:a5:
bb:87:c0:38:82:5a:9c:e2:dc:55:a8:1b:34:0e:24:79:98:fe:
a0:c7:15:e4:54:d6:b8:26:35:a4:b8:a3:78:1f:10:d5:fa:99:
9d:f4:86:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohLkgP7Zr0YrlvC74rzjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjYwMzI2MDUwMTE5WhcNMjYwMzI3MDUwMTE5WjAzMTEwLwYDVQQD
EyhhZDQ0YjBkNTYyYWQxMmVmNWViMjg0ZmI3MTc0MDQ5YTQxNzlkMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BVxCEVKsKC75TaB1okyWPrKaKTB
gr30X0wVFLMdMMVZDZza9ptsUeQy/iKEu/wjPknUoZ/FiG2iP0vK1mszxSNvM+BL
KzHjKqAYrsnWtrjlZMIIWZvpDLy5M2kmx7pYn7Wc3vrx+ZKi5N2p05XvaUt6o2WU
HAVe9qi2hPNNEtkULIdzg9S8E1qHa5ye2ch75DEO9GpKug1pTMGcR9PTdpW6Rr6d
DopDO8/fKWs8hBeyHShGrxS0Jgf0Hgff4DaIWD2+wXp8dp2qs3kuSF2LhsgoivK9
sW4Cfuqs2I/92zhTknsrt6q+VdL/F+l7bEyvIIwjPKz7dYeA9lQU/KNsjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1EsNVirRLvXrKE+3F0BJpBedG4MB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVvj8n6U1
/efevDhn4WHEptKTQk4zXUwi4LOuYBV0qXbpICecGpXIWqhI097bORptJzTtjUDZ
+cShHTxKPC43rvLeNlbmGCi0JG3t14Vmw5yOuv6dKw+8lYKsbpq84Iy+rCUIkPN/
1wpu6SKdkPeO7KtuROlhVpd8k6Lc5J/GbKYOiVs1YCu66lrZIDaDBkBXA0oWkDTR
lgol54q2phvASeNpg9M0vTXaUwm93SUCvBQyNXQmoqDORtf9IwFxG1SQPfWKrihb
tQ8yNvtPwxMIS8VsXATpN8Slu4fAOIJanOLcVagbNA4keZj+oMcV5FTWuCY1pLij
eB8Q1fqZnfSGlw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:51:48 2026 by rpki-client