Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/ASAlltXOzjfcNMhhBkV4_G2qXoY.mft
File: ASAlltXOzjfcNMhhBkV4_G2qXoY.mft (raw, json)
Hash identifier: BBGQWYp5xcn8NyzhWGBRnjT+qck1JA9kVp/KRuBnxS8=
Subject key identifier: AF:2C:17:AC:07:A3:30:C0:91:6D:A7:5C:90:5C:33:25:87:2C:A6:71
Authority key identifier: 01:20:25:96:D5:CE:CE:37:DC:34:C8:61:06:45:78:FC:6D:AA:5E:86
Certificate issuer: /CN=01202596d5cece37dc34c861064578fc6daa5e86
Certificate serial: 019D29977CD71A32467B1CD210F6D6601E2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ASAlltXOzjfcNMhhBkV4_G2qXoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/ASAlltXOzjfcNMhhBkV4_G2qXoY.mft
Manifest number: 0D52
Signing time: Thu 26 Mar 2026 10:01:26 +0000
Manifest this update: Thu 26 Mar 2026 10:01:26 +0000
Manifest next update: Fri 27 Mar 2026 10:01:26 +0000
Files and hashes: 1: ASAlltXOzjfcNMhhBkV4_G2qXoY.crl (hash: SqL2g4REfJWC3DtLym3rs/Q0UK9laNtq3cUxQNdaZdI=)
2: rlozkrq9ZzNHCZUtQGPTzboWxmI.roa (hash: +ky2eseP0hm1lozQb5MU58tNSrjncRM2hPrTaQ0J6cY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/ASAlltXOzjfcNMhhBkV4_G2qXoY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/ASAlltXOzjfcNMhhBkV4_G2qXoY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ASAlltXOzjfcNMhhBkV4_G2qXoY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:7c:d7:1a:32:46:7b:1c:d2:10:f6:d6:60:1e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01202596d5cece37dc34c861064578fc6daa5e86
Validity
Not Before: Mar 26 10:01:26 2026 GMT
Not After : Mar 27 10:01:26 2026 GMT
Subject: CN=af2c17ac07a330c0916da75c905c3325872ca671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:42:17:c0:25:69:23:5d:54:22:2c:81:7f:23:
9d:6f:a4:1e:80:20:90:4a:18:d2:5e:3c:31:42:1a:
d9:4e:f4:a8:2c:eb:af:2a:55:db:7f:e3:06:3d:55:
bd:6c:a1:67:da:08:2a:60:0c:16:4e:75:61:9c:d1:
7d:7a:37:c9:7a:e6:41:ea:e8:b7:92:4a:92:5a:db:
d2:e9:7f:42:a4:c7:a1:24:b0:cd:b2:56:8d:6b:45:
1d:80:fb:c1:ee:59:eb:98:d0:d4:42:ef:a3:74:b5:
66:bd:2c:ad:cc:65:bf:18:f5:3b:43:99:f1:d5:62:
55:65:a4:c9:6f:61:f7:83:d0:46:33:94:bb:22:f0:
fb:8e:f2:f3:5a:28:e3:53:42:d8:0d:ef:94:b7:fc:
c1:ef:72:e6:1c:f2:fe:85:c3:46:51:a8:92:01:93:
52:1a:90:c2:bd:7b:1d:4d:4f:bc:20:3a:91:81:68:
f1:7c:37:ed:e7:b5:3b:de:17:2a:ee:3e:62:d0:a5:
4a:93:dc:95:39:e3:00:b1:8f:19:b5:27:6e:42:e3:
e7:46:11:c0:89:d6:be:80:83:10:1c:e4:65:5f:10:
9f:63:f8:0c:7b:89:76:79:f0:d7:19:7a:9f:c9:d6:
a7:f3:2b:9b:37:45:b5:2a:ee:1d:0f:f1:ae:fe:50:
1b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2C:17:AC:07:A3:30:C0:91:6D:A7:5C:90:5C:33:25:87:2C:A6:71
X509v3 Authority Key Identifier:
keyid:01:20:25:96:D5:CE:CE:37:DC:34:C8:61:06:45:78:FC:6D:AA:5E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ASAlltXOzjfcNMhhBkV4_G2qXoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/ASAlltXOzjfcNMhhBkV4_G2qXoY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/ASAlltXOzjfcNMhhBkV4_G2qXoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:51:b7:03:53:af:bf:17:3d:78:9b:a3:ed:28:2f:7b:bb:67:
d7:e7:3f:df:c9:25:81:2a:6a:ee:ee:51:83:8a:da:54:f4:7f:
35:f0:6a:ac:81:14:7a:b8:1e:90:97:c3:61:9c:89:90:2a:9a:
ec:18:77:70:de:a2:b8:2b:a7:be:43:78:4c:e6:2f:00:ed:46:
c9:4b:bb:e8:44:16:9c:2a:dd:ac:b6:ce:a6:80:d2:a7:41:cd:
bb:f3:e6:9f:65:78:36:8f:ad:72:ba:1c:53:68:df:a4:7f:74:
ef:fd:20:df:64:17:61:21:df:e6:a5:b5:2d:7c:75:f8:d4:be:
b8:ba:99:d1:03:a5:c8:cd:dd:41:b7:aa:5a:f5:cc:0a:e7:d7:
db:fd:18:f6:ba:8b:f0:2f:65:6d:d1:54:55:9c:61:f7:c5:cc:
09:e8:83:0d:76:b4:79:29:43:69:1b:63:e2:c8:b2:d6:71:f2:
a3:c5:47:14:ad:d4:d2:5a:bd:17:75:23:49:7f:9c:b9:d9:db:
dc:21:e3:e3:c8:e5:17:9d:26:d9:50:00:79:bf:24:5c:e9:1a:
36:89:24:13:25:f3:f1:5d:c8:5e:18:0f:be:22:03:a4:f5:af:
4b:71:1b:bf:8b:3e:c0:70:55:e6:0e:0b:1b:02:bc:8a:87:70:
56:82:8b:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl3zXGjJGexzSEPbWYB4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMjAyNTk2ZDVjZWNlMzdkYzM0Yzg2MTA2NDU3OGZjNmRh
YTVlODYwHhcNMjYwMzI2MTAwMTI2WhcNMjYwMzI3MTAwMTI2WjAzMTEwLwYDVQQD
EyhhZjJjMTdhYzA3YTMzMGMwOTE2ZGE3NWM5MDVjMzMyNTg3MmNhNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEIXwCVpI11UIiyBfyOdb6QegCCQ
ShjSXjwxQhrZTvSoLOuvKlXbf+MGPVW9bKFn2ggqYAwWTnVhnNF9ejfJeuZB6ui3
kkqSWtvS6X9CpMehJLDNslaNa0UdgPvB7lnrmNDUQu+jdLVmvSytzGW/GPU7Q5nx
1WJVZaTJb2H3g9BGM5S7IvD7jvLzWijjU0LYDe+Ut/zB73LmHPL+hcNGUaiSAZNS
GpDCvXsdTU+8IDqRgWjxfDft57U73hcq7j5i0KVKk9yVOeMAsY8ZtSduQuPnRhHA
ida+gIMQHORlXxCfY/gMe4l2efDXGXqfydan8yubN0W1Ku4dD/Gu/lAbbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8sF6wHozDAkW2nXJBcMyWHLKZxMB8GA1UdIwQY
MBaAFAEgJZbVzs433DTIYQZFePxtql6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVNBbGx0WE96amZjTk1oaEJrVjRfRzJxWG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODYxNjQtODAzMC00ZTQ3LTk4YjUt
NDgxMTUxYWNmMzI5LzEvQVNBbGx0WE96amZjTk1oaEJrVjRfRzJxWG9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODYxNjQtODAzMC00ZTQ3LTk4YjUtNDgxMTUxYWNmMzI5
LzEvQVNBbGx0WE96amZjTk1oaEJrVjRfRzJxWG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFFG3A1Ov
vxc9eJuj7Sgve7tn1+c/38klgSpq7u5Rg4raVPR/NfBqrIEUergekJfDYZyJkCqa
7Bh3cN6iuCunvkN4TOYvAO1GyUu76EQWnCrdrLbOpoDSp0HNu/Pmn2V4No+tcroc
U2jfpH907/0g32QXYSHf5qW1LXx1+NS+uLqZ0QOlyM3dQbeqWvXMCufX2/0Y9rqL
8C9lbdFUVZxh98XMCeiDDXa0eSlDaRtj4siy1nHyo8VHFK3U0lq9F3UjSX+cudnb
3CHj48jlF50m2VAAeb8kXOkaNokkEyXz8V3IXhgPviIDpPWvS3Ebv4s+wHBV5g4L
GwK8iodwVoKLUQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:56:37 2026 by rpki-client