Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft
File: aEZbnPs2jGnssOP-o7VCupxzAfQ.mft (raw, json)
Hash identifier: p5LpyiNAhgJI+mF02gm1ES/cYgyL41V8dsQ6Df6dOdY=
Subject key identifier: 97:22:8E:17:32:B5:DB:FF:DC:36:A6:F1:DE:F8:E8:F0:38:41:D8:2B
Authority key identifier: 68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4
Certificate issuer: /CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4
Certificate serial: 019D284E6EDDF383148DA6957A8FD571382B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft
Manifest number: 15A0
Signing time: Thu 26 Mar 2026 04:02:01 +0000
Manifest this update: Thu 26 Mar 2026 04:02:01 +0000
Manifest next update: Fri 27 Mar 2026 04:02:01 +0000
Files and hashes: 1: aEZbnPs2jGnssOP-o7VCupxzAfQ.crl (hash: AUNSsOMDxiZYC3lXpEJus/A9qqnuS9Y3X1ysM1cTWqg=)
2: c0z-_U_7s_3lnaiWBwRIuVlkh7c.roa (hash: EAYr21bopytQdXh3mLIBfLUMzK/qGgq6jONJ7Pmqm+s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4e:6e:dd:f3:83:14:8d:a6:95:7a:8f:d5:71:38:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4
Validity
Not Before: Mar 26 04:02:01 2026 GMT
Not After : Mar 27 04:02:01 2026 GMT
Subject: CN=97228e1732b5dbffdc36a6f1def8e8f03841d82b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:14:6d:6c:a5:da:3e:98:31:c0:5b:f8:37:79:
be:8b:08:54:be:af:ba:fe:bf:3e:8f:5f:73:f8:b1:
33:1c:65:44:93:0d:b9:d7:8b:2c:af:de:46:e3:83:
7c:4d:b0:1e:19:de:05:1d:26:65:04:b3:03:c3:2d:
1b:86:db:f5:e9:d4:34:cf:5c:ef:0b:2e:a0:8d:98:
b6:46:bc:50:5b:76:30:5e:03:42:58:c5:a1:3a:7d:
52:b6:ed:0e:3d:e9:5d:46:d5:c4:a8:86:ef:35:8f:
1c:59:f3:a6:ac:88:df:8c:82:ba:f2:13:ed:96:af:
9a:a3:21:fc:46:5c:8b:1e:aa:98:79:44:0b:5e:43:
d6:b5:bd:9f:8b:d9:ec:bc:ce:87:42:16:0a:cd:06:
b7:0e:8c:f5:de:69:07:d5:d3:0a:4e:e3:35:2d:3f:
61:3a:82:66:7f:86:4e:27:49:34:d2:1c:b7:39:b7:
b5:45:fa:7d:79:a3:7a:d1:25:8e:4c:2f:76:13:59:
b5:62:4b:6b:c3:61:94:55:6e:a0:f6:e5:16:21:7b:
8e:7d:9a:f9:13:e2:48:21:d3:6a:4c:5c:28:7b:91:
0f:7b:e0:b1:34:b5:b3:42:31:34:d0:84:56:65:47:
c4:91:8b:b4:7c:20:64:55:91:51:83:eb:d5:49:3c:
49:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:22:8E:17:32:B5:DB:FF:DC:36:A6:F1:DE:F8:E8:F0:38:41:D8:2B
X509v3 Authority Key Identifier:
keyid:68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:6e:54:0f:b6:12:8f:4b:a3:09:52:77:ab:17:6a:2c:52:4d:
0e:e7:45:f4:cb:60:fc:78:59:28:50:70:e0:25:5b:02:ee:4e:
4f:75:42:4e:9e:92:7d:d3:ab:65:7f:1f:12:4d:5e:f1:dd:19:
ee:4e:97:52:f1:ff:74:ca:45:a7:9b:d2:e7:1a:69:4a:72:c0:
2d:73:4e:c9:f4:b8:a7:5e:57:a5:0b:d7:05:8e:72:23:58:b8:
94:04:bc:5e:9b:79:9a:92:be:bc:3c:e1:fe:3a:f0:15:5e:07:
de:af:0c:c9:02:48:69:fc:48:be:20:95:7a:e3:56:48:39:f4:
8a:4d:f1:6d:6d:19:8d:a6:8b:04:c1:f2:7f:98:15:af:6f:c8:
74:66:1f:2c:46:97:69:d0:db:c6:ac:e5:04:67:94:3d:f6:6e:
aa:44:a7:71:80:41:13:f3:18:e0:e4:39:7a:02:79:56:43:4c:
4e:44:21:62:d9:3f:68:d3:8a:06:86:bc:99:ef:98:34:cf:e8:
36:14:88:8a:c2:e8:fa:70:e1:f2:c5:f5:9d:80:ee:a1:8a:d7:
a2:a1:34:48:f6:48:ff:a2:5c:ee:8e:84:60:0c:b7:87:ca:3e:
52:53:3f:24:01:c6:77:cf:77:c1:df:4a:ab:01:86:df:8c:08:
48:8b:66:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTm7d84MUjaaVeo/VcTgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDY1YjljZmIzNjhjNjllY2IwZTNmZWEzYjU0MmJhOWM3
MzAxZjQwHhcNMjYwMzI2MDQwMjAxWhcNMjYwMzI3MDQwMjAxWjAzMTEwLwYDVQQD
Eyg5NzIyOGUxNzMyYjVkYmZmZGMzNmE2ZjFkZWY4ZThmMDM4NDFkODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhRtbKXaPpgxwFv4N3m+iwhUvq+6
/r8+j19z+LEzHGVEkw2514ssr95G44N8TbAeGd4FHSZlBLMDwy0bhtv16dQ0z1zv
Cy6gjZi2RrxQW3YwXgNCWMWhOn1Stu0OPeldRtXEqIbvNY8cWfOmrIjfjIK68hPt
lq+aoyH8RlyLHqqYeUQLXkPWtb2fi9nsvM6HQhYKzQa3Doz13mkH1dMKTuM1LT9h
OoJmf4ZOJ0k00hy3Obe1Rfp9eaN60SWOTC92E1m1Yktrw2GUVW6g9uUWIXuOfZr5
E+JIIdNqTFwoe5EPe+CxNLWzQjE00IRWZUfEkYu0fCBkVZFRg+vVSTxJEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcijhcytdv/3Dam8d746PA4QdgrMB8GA1UdIwQY
MBaAFGhGW5z7Noxp7LDj/qO1QrqccwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMt
MWFlYTViZTE1MGZhLzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMtMWFlYTViZTE1MGZh
LzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABm5UD7YS
j0ujCVJ3qxdqLFJNDudF9Mtg/HhZKFBw4CVbAu5OT3VCTp6SfdOrZX8fEk1e8d0Z
7k6XUvH/dMpFp5vS5xppSnLALXNOyfS4p15XpQvXBY5yI1i4lAS8Xpt5mpK+vDzh
/jrwFV4H3q8MyQJIafxIviCVeuNWSDn0ik3xbW0ZjaaLBMHyf5gVr2/IdGYfLEaX
adDbxqzlBGeUPfZuqkSncYBBE/MY4OQ5egJ5VkNMTkQhYtk/aNOKBoa8me+YNM/o
NhSIisLo+nDh8sX1nYDuoYrXoqE0SPZI/6Jc7o6EYAy3h8o+UlM/JAHGd893wd9K
qwGG34wISItmqA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:17:00 2026 by rpki-client