Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
File: aM73Itq-WXXKT5uoYWOI7GxlaiA.mft (raw, json)
Hash identifier: t6eH+jLf7hhfi1y4ueDsG2wJQhN/Nggl5ps6HJBL7Zw=
Subject key identifier: 32:6D:43:15:53:A6:B6:7F:8C:86:FC:31:23:7F:A0:76:83:9B:32:6D
Authority key identifier: 68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
Certificate issuer: /CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Certificate serial: 019E1FB601C6898EA2466CC5DA6F90287773
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
Manifest number: 0DF1
Signing time: Wed 13 May 2026 05:01:22 +0000
Manifest this update: Wed 13 May 2026 05:01:22 +0000
Manifest next update: Thu 14 May 2026 05:01:22 +0000
Files and hashes: 1: 3Xdwalw9tG5-0AU6cIbrmwzmFpU.roa (hash: lXBSvWP0c1DLJ/X3Oyc8oTDxP2nv0ID2ImtmEhdpGbE=)
2: Txh89yPjR6ydaZe76t-4uzulsaE.roa (hash: wsaPFra5sogbcbp0OAAr/F2nwvL7a15+JUCBMqiVROI=)
3: aM73Itq-WXXKT5uoYWOI7GxlaiA.crl (hash: KlasS74hpxfEueFvEbEAvvZJrmqycE11+Q/QFFo8IZI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 05:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1f:b6:01:c6:89:8e:a2:46:6c:c5:da:6f:90:28:77:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Validity
Not Before: May 13 05:01:22 2026 GMT
Not After : May 14 05:01:22 2026 GMT
Subject: CN=326d431553a6b67f8c86fc31237fa076839b326d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8e:b7:16:cd:7c:21:54:c4:e5:4a:ba:2d:e7:
01:cf:f6:b3:0c:a9:41:ab:39:83:aa:d7:95:0c:56:
fc:66:db:8a:98:c5:a6:16:0b:8f:cd:06:93:49:b6:
5d:52:6a:3c:06:21:b0:35:38:48:40:70:80:bb:e8:
5a:5d:1c:fe:7f:20:39:9a:42:ed:f8:ae:99:b1:2c:
38:17:4b:67:1b:97:ee:17:6b:d7:ba:36:34:a6:3f:
46:5c:af:f8:4c:be:b3:65:4a:8a:c9:3a:26:b4:e6:
19:24:e6:52:5b:14:1b:27:fc:7a:aa:42:68:6c:08:
3d:e3:a4:4a:46:a6:46:1f:41:95:32:4a:05:da:4e:
01:70:a3:d0:fe:7b:23:60:16:f7:7d:8e:8c:f1:f9:
e7:03:b0:90:2b:99:aa:85:73:1a:cb:da:1b:73:86:
50:f4:96:fb:fe:2c:75:a2:01:5c:16:06:d2:24:db:
da:f8:a4:a3:da:24:fb:b8:b6:0b:7c:7d:ee:5c:c4:
ad:33:6e:3f:68:c7:67:58:5c:ca:db:5f:57:65:bb:
ee:52:c3:55:bb:5a:42:fe:f1:3c:f4:44:14:19:f5:
9e:9c:b5:18:66:ee:92:eb:f6:a9:23:58:e5:0f:d1:
fe:78:ff:c8:5d:cf:33:a5:94:98:18:82:2d:b3:7e:
16:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:6D:43:15:53:A6:B6:7F:8C:86:FC:31:23:7F:A0:76:83:9B:32:6D
X509v3 Authority Key Identifier:
keyid:68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:11:7a:5a:40:de:4c:05:fd:bf:0e:46:d0:72:85:66:37:44:
1c:60:02:86:27:c4:9b:e5:fd:0f:55:ad:10:82:e5:5b:91:82:
6b:5e:62:98:62:8f:3e:b0:2e:5e:3a:d5:7e:f4:01:81:7f:48:
39:04:27:e5:37:ec:db:7d:c5:ac:69:ab:1e:51:aa:07:f1:71:
9c:8c:e7:ad:77:09:39:3e:b9:e7:bf:27:72:dd:4b:5e:2e:e5:
0e:56:1d:80:76:c5:1c:ae:6b:1b:b5:1c:41:56:fe:8f:3a:32:
61:b6:06:3c:b4:2f:55:94:11:93:7f:a0:67:90:c2:73:67:41:
72:ca:23:ac:cc:dd:36:84:c0:d8:3e:91:8b:6a:ec:27:27:67:
23:e5:aa:b0:fe:35:94:d1:e7:97:a3:1a:71:e5:b8:9f:d0:f3:
71:b8:6e:c2:4e:e7:aa:61:32:06:8d:a8:fd:e5:6d:15:e8:82:
96:be:0b:cc:f6:be:41:63:75:76:21:16:70:15:3c:4c:51:f5:
7b:48:0b:6c:19:85:44:71:81:c0:01:88:13:aa:34:dc:1d:33:
93:c0:71:c2:75:96:51:54:39:e3:a9:14:93:d2:bc:93:ee:27:
ac:2c:be:09:d8:7f:da:d8:e7:b4:63:0b:69:9e:74:02:a6:9b:
d1:07:72:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ftgHGiY6iRmzF2m+QKHdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2VmNzIyZGFiZTU5NzVjYTRmOWJhODYxNjM4OGVjNmM2
NTZhMjAwHhcNMjYwNTEzMDUwMTIyWhcNMjYwNTE0MDUwMTIyWjAzMTEwLwYDVQQD
EygzMjZkNDMxNTUzYTZiNjdmOGM4NmZjMzEyMzdmYTA3NjgzOWIzMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo63Fs18IVTE5Uq6LecBz/azDKlB
qzmDqteVDFb8ZtuKmMWmFguPzQaTSbZdUmo8BiGwNThIQHCAu+haXRz+fyA5mkLt
+K6ZsSw4F0tnG5fuF2vXujY0pj9GXK/4TL6zZUqKyTomtOYZJOZSWxQbJ/x6qkJo
bAg946RKRqZGH0GVMkoF2k4BcKPQ/nsjYBb3fY6M8fnnA7CQK5mqhXMay9obc4ZQ
9Jb7/ix1ogFcFgbSJNva+KSj2iT7uLYLfH3uXMStM24/aMdnWFzK219XZbvuUsNV
u1pC/vE89EQUGfWenLUYZu6S6/apI1jlD9H+eP/IXc8zpZSYGIIts34WQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJtQxVTprZ/jIb8MSN/oHaDmzJtMB8GA1UdIwQY
MBaAFGjO9yLavll1yk+bqGFjiOxsZWogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2It
Y2Q2NzdhYjQzMWFhLzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2ItY2Q2NzdhYjQzMWFh
LzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXBF6WkDe
TAX9vw5G0HKFZjdEHGAChifEm+X9D1WtEILlW5GCa15imGKPPrAuXjrVfvQBgX9I
OQQn5Tfs233FrGmrHlGqB/FxnIznrXcJOT65578nct1LXi7lDlYdgHbFHK5rG7Uc
QVb+jzoyYbYGPLQvVZQRk3+gZ5DCc2dBcsojrMzdNoTA2D6Ri2rsJydnI+WqsP41
lNHnl6MaceW4n9Dzcbhuwk7nqmEyBo2o/eVtFeiClr4LzPa+QWN1diEWcBU8TFH1
e0gLbBmFRHGBwAGIE6o03B0zk8BxwnWWUVQ546kUk9K8k+4nrCy+Cdh/2tjntGML
aZ50Aqab0Qdy0Q==
-----END CERTIFICATE-----
Generated at Wed May 13 11:06:11 2026 by rpki-client