Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
File: l_aXATQzuJHWRpfZKGY75zTbpOc.mft (raw, json)
Hash identifier: Dxx+182gUxCVSviBPQkBdiJBGdGPdfrbcXgAIYQj+1o=
Subject key identifier: 99:51:00:AB:A7:E0:D8:8B:7F:24:B1:E0:D4:73:51:FA:55:F7:51:85
Authority key identifier: 97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7
Certificate issuer: /CN=97f697013433b891d64697d928663be734dba4e7
Certificate serial: 019D284DB68BF31A511D7D24EC54C0A9BB77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 04:01:14 +0000
Manifest this update: Thu 26 Mar 2026 04:01:14 +0000
Manifest next update: Fri 27 Mar 2026 04:01:14 +0000
Files and hashes: 1: CwgZcUkyKLt048Oqe9IkcFcNcGM.roa (hash: 863NNHY2dcVFVj1Sa4r+ACtbVTP+iPOTXWUzEVvig7k=)
2: l_aXATQzuJHWRpfZKGY75zTbpOc.crl (hash: FDU6Jgf4QUmoJjHmBEBYC5revcdgXezDUnjxMECUg78=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:b6:8b:f3:1a:51:1d:7d:24:ec:54:c0:a9:bb:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97f697013433b891d64697d928663be734dba4e7
Validity
Not Before: Mar 26 04:01:14 2026 GMT
Not After : Mar 27 04:01:14 2026 GMT
Subject: CN=995100aba7e0d88b7f24b1e0d47351fa55f75185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ed:c7:0d:1e:5f:8b:c8:80:d5:63:8b:50:31:
06:68:5a:91:60:3c:5d:e7:95:07:87:bb:d2:1e:e5:
fc:14:b0:86:db:d2:97:1a:f7:84:f4:0e:c1:59:cb:
08:18:3e:39:17:20:ba:c5:aa:1f:75:fd:0d:17:84:
a8:e2:49:84:c0:fa:b0:e7:43:5d:86:16:43:d5:77:
b4:33:fc:7e:53:7c:48:56:67:8d:97:2e:3d:0e:3f:
15:06:a9:d4:d3:cf:e6:f4:4f:27:3d:54:8f:97:43:
fb:f0:69:b6:8f:fa:64:f2:d6:45:bf:3d:98:2e:a9:
e6:30:16:3c:93:9c:51:1f:09:d3:a7:6d:75:1d:e9:
10:16:11:14:e7:cc:16:d6:bb:08:f8:e1:60:82:fa:
4f:27:24:ec:65:8b:00:19:8b:43:e6:60:1f:aa:c7:
56:0a:41:c0:b7:c6:9b:40:86:ba:fd:1c:fe:47:bd:
b2:e3:8c:52:71:18:e6:1c:e9:76:0b:e8:56:c0:89:
a2:0a:b1:fc:8f:22:db:12:a6:f9:84:0e:f8:11:0f:
07:f4:a8:4a:f7:c4:9f:68:ae:98:90:f6:36:98:ef:
bc:ea:09:a5:14:39:1a:f2:b3:f7:77:39:35:00:21:
ad:56:a0:75:a2:ff:12:31:57:b7:98:d5:ee:46:0e:
a1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:51:00:AB:A7:E0:D8:8B:7F:24:B1:E0:D4:73:51:FA:55:F7:51:85
X509v3 Authority Key Identifier:
keyid:97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:bd:5a:67:64:7d:28:d2:8b:69:fb:1d:72:b7:9e:6a:b7:54:
fc:82:15:1e:93:24:2a:5f:39:bf:f6:df:2a:5b:2f:d3:37:94:
1c:93:a7:77:4c:0b:de:9f:98:e6:34:3e:61:5c:78:3a:54:f3:
ba:0d:21:5b:a3:fd:e3:ec:00:be:3c:5b:4e:f4:02:66:b8:4f:
16:69:70:1d:a3:a0:e1:51:3f:a3:2d:77:a0:9c:3b:f0:ba:ea:
c1:ed:fb:c1:c8:29:ff:8a:37:c0:2d:bf:f8:2b:da:eb:59:68:
31:03:5b:1d:9a:3c:09:9f:17:d8:87:b0:38:4a:32:b8:52:1d:
4f:e0:05:e5:c9:4f:21:f6:35:e7:82:01:b1:28:c0:a6:c0:9c:
8a:06:5f:cd:0a:8b:10:30:f6:b4:c2:22:55:da:b5:96:3f:b6:
5e:95:73:79:2b:34:a3:e5:12:aa:bf:e0:f0:bf:a1:69:76:66:
d2:35:b2:be:80:f6:ab:4f:06:31:44:5b:d2:09:bc:85:d4:10:
4c:0c:0e:c2:2d:73:7b:ca:11:60:6d:6a:f9:b9:2b:59:39:f5:
7d:c6:a7:9a:51:f6:7e:7b:6c:7e:05:7c:83:22:7f:ba:f3:ab:
a0:a8:5c:71:04:36:a0:cd:da:63:50:5f:60:45:58:22:2d:79:
ae:bb:8b:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTbaL8xpRHX0k7FTAqbt3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZjY5NzAxMzQzM2I4OTFkNjQ2OTdkOTI4NjYzYmU3MzRk
YmE0ZTcwHhcNMjYwMzI2MDQwMTE0WhcNMjYwMzI3MDQwMTE0WjAzMTEwLwYDVQQD
Eyg5OTUxMDBhYmE3ZTBkODhiN2YyNGIxZTBkNDczNTFmYTU1Zjc1MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue3HDR5fi8iA1WOLUDEGaFqRYDxd
55UHh7vSHuX8FLCG29KXGveE9A7BWcsIGD45FyC6xaofdf0NF4So4kmEwPqw50Nd
hhZD1Xe0M/x+U3xIVmeNly49Dj8VBqnU08/m9E8nPVSPl0P78Gm2j/pk8tZFvz2Y
LqnmMBY8k5xRHwnTp211HekQFhEU58wW1rsI+OFggvpPJyTsZYsAGYtD5mAfqsdW
CkHAt8abQIa6/Rz+R72y44xScRjmHOl2C+hWwImiCrH8jyLbEqb5hA74EQ8H9KhK
98SfaK6YkPY2mO+86gmlFDka8rP3dzk1ACGtVqB1ov8SMVe3mNXuRg6hkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlRAKun4NiLfySx4NRzUfpV91GFMB8GA1UdIwQY
MBaAFJf2lwE0M7iR1kaX2ShmO+c026TnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjIt
N2JjODMyMjBmYjYyLzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjItN2JjODMyMjBmYjYy
LzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASb1aZ2R9
KNKLafsdcreeardU/IIVHpMkKl85v/bfKlsv0zeUHJOnd0wL3p+Y5jQ+YVx4OlTz
ug0hW6P94+wAvjxbTvQCZrhPFmlwHaOg4VE/oy13oJw78Lrqwe37wcgp/4o3wC2/
+Cva61loMQNbHZo8CZ8X2IewOEoyuFIdT+AF5clPIfY154IBsSjApsCcigZfzQqL
EDD2tMIiVdq1lj+2XpVzeSs0o+USqr/g8L+haXZm0jWyvoD2q08GMURb0gm8hdQQ
TAwOwi1ze8oRYG1q+bkrWTn1fcanmlH2fntsfgV8gyJ/uvOroKhccQQ2oM3aY1Bf
YEVYIi15rruLCQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:55:08 2026 by rpki-client