Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
File: aM73Itq-WXXKT5uoYWOI7GxlaiA.mft (raw, json)
Hash identifier: 2SbOM9Saw7vCvQ3QJqeTwSmWHvXli79eofZDCO3l0X4=
Subject key identifier: 89:52:14:AD:97:75:1E:B4:7E:DC:67:1B:7B:57:D4:78:02:C6:AA:44
Authority key identifier: 68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
Certificate issuer: /CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Certificate serial: 019D2695E57C6F66F56ECA6798D8DDC78C1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
Manifest number: 0D70
Signing time: Wed 25 Mar 2026 20:00:50 +0000
Manifest this update: Wed 25 Mar 2026 20:00:50 +0000
Manifest next update: Thu 26 Mar 2026 20:00:50 +0000
Files and hashes: 1: 3Xdwalw9tG5-0AU6cIbrmwzmFpU.roa (hash: lXBSvWP0c1DLJ/X3Oyc8oTDxP2nv0ID2ImtmEhdpGbE=)
2: Txh89yPjR6ydaZe76t-4uzulsaE.roa (hash: wsaPFra5sogbcbp0OAAr/F2nwvL7a15+JUCBMqiVROI=)
3: aM73Itq-WXXKT5uoYWOI7GxlaiA.crl (hash: /kskb0UH9th8m6QZv8vhX2xyDF45T+oKrVe48aBgi2c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:95:e5:7c:6f:66:f5:6e:ca:67:98:d8:dd:c7:8c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Validity
Not Before: Mar 25 20:00:50 2026 GMT
Not After : Mar 26 20:00:50 2026 GMT
Subject: CN=895214ad97751eb47edc671b7b57d47802c6aa44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:de:22:87:0b:2b:dd:4f:10:6f:1e:94:ea:48:
65:4d:13:61:73:cc:6d:8f:bb:44:4d:2f:a3:50:f8:
4e:96:cb:88:a6:24:2e:41:04:a1:d1:e9:0c:a6:b6:
4e:29:14:e3:9f:6c:94:88:b4:43:13:bb:a9:c6:cf:
e6:13:4a:a7:02:12:95:94:42:0f:36:70:f3:6a:9d:
d5:1b:70:68:32:6e:d2:3d:af:f1:ea:ff:71:5c:49:
53:87:e1:a1:d4:4c:be:10:04:11:9a:e6:56:88:98:
45:d0:9a:b9:7f:86:00:cc:3d:b1:8d:29:f4:0c:2f:
4a:8f:43:78:ef:c0:52:86:71:51:4d:17:2d:09:a6:
67:a0:ed:d4:4d:e7:8e:82:68:cc:f8:7d:09:75:16:
c1:67:20:ae:eb:6d:04:29:80:1e:92:44:0f:f9:7a:
42:a8:18:47:66:e4:f1:13:da:e3:86:53:e4:27:e4:
92:92:cb:2b:fd:01:61:1e:21:a8:8a:98:b3:9f:8d:
77:96:3f:40:66:46:5f:29:c2:eb:ec:ea:ba:df:6e:
62:dd:02:34:cd:eb:03:8d:1a:09:48:c1:1c:38:63:
c9:05:90:08:31:98:73:48:f9:1e:17:a0:5b:6f:71:
e2:48:50:7f:99:fd:f0:46:04:99:7c:a8:4c:8a:7a:
a8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:52:14:AD:97:75:1E:B4:7E:DC:67:1B:7B:57:D4:78:02:C6:AA:44
X509v3 Authority Key Identifier:
keyid:68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:d3:87:63:cc:cf:5e:f8:0a:20:e7:1a:f9:6f:12:cf:5e:57:
d4:2f:61:6b:65:9f:61:be:55:2b:bd:ed:4e:ed:1a:27:0a:55:
d0:ad:93:fa:cd:52:0a:0b:7f:b0:21:8f:65:ad:ac:63:ed:30:
4e:f3:e1:37:15:5d:e2:74:71:c3:7c:92:16:0b:22:0e:e0:b8:
77:b3:ad:93:3f:82:b1:16:f2:f3:28:2b:8d:9c:d7:44:39:73:
77:2b:be:4d:f0:e9:a7:c9:6a:0c:f5:13:38:e3:12:d8:0e:bd:
a9:d5:60:4b:b1:ca:16:5e:84:8f:94:d2:ea:33:f1:85:ab:61:
91:ce:21:87:73:f0:59:36:ca:dc:d8:ea:ab:e5:11:6a:6b:56:
88:7d:dc:2b:59:41:b9:51:94:8c:06:6f:df:06:2b:39:8f:43:
e7:27:ee:76:19:1a:75:b3:76:3f:45:f0:08:14:c8:91:6a:ec:
51:af:44:83:96:98:06:3a:6d:71:9b:64:a0:9e:ba:ad:23:33:
ec:f9:3e:9e:ba:1a:60:0e:b3:ab:99:73:03:f0:6b:05:6d:96:
2c:32:2f:ea:98:a0:fe:a1:b1:09:f4:ac:68:12:c1:e6:c0:b3:
5d:36:e6:c4:32:57:40:22:a2:6b:72:9d:a2:7a:5b:80:3e:cc:
f4:80:d9:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mleV8b2b1bspnmNjdx4wbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2VmNzIyZGFiZTU5NzVjYTRmOWJhODYxNjM4OGVjNmM2
NTZhMjAwHhcNMjYwMzI1MjAwMDUwWhcNMjYwMzI2MjAwMDUwWjAzMTEwLwYDVQQD
Eyg4OTUyMTRhZDk3NzUxZWI0N2VkYzY3MWI3YjU3ZDQ3ODAyYzZhYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzd4ihwsr3U8Qbx6U6khlTRNhc8xt
j7tETS+jUPhOlsuIpiQuQQSh0ekMprZOKRTjn2yUiLRDE7upxs/mE0qnAhKVlEIP
NnDzap3VG3BoMm7SPa/x6v9xXElTh+Gh1Ey+EAQRmuZWiJhF0Jq5f4YAzD2xjSn0
DC9Kj0N478BShnFRTRctCaZnoO3UTeeOgmjM+H0JdRbBZyCu620EKYAekkQP+XpC
qBhHZuTxE9rjhlPkJ+SSkssr/QFhHiGoipizn413lj9AZkZfKcLr7Oq6325i3QI0
zesDjRoJSMEcOGPJBZAIMZhzSPkeF6Bbb3HiSFB/mf3wRgSZfKhMinqoXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlSFK2XdR60ftxnG3tX1HgCxqpEMB8GA1UdIwQY
MBaAFGjO9yLavll1yk+bqGFjiOxsZWogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2It
Y2Q2NzdhYjQzMWFhLzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2ItY2Q2NzdhYjQzMWFh
LzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAItOHY8zP
XvgKIOca+W8Sz15X1C9ha2WfYb5VK73tTu0aJwpV0K2T+s1SCgt/sCGPZa2sY+0w
TvPhNxVd4nRxw3ySFgsiDuC4d7Otkz+CsRby8ygrjZzXRDlzdyu+TfDpp8lqDPUT
OOMS2A69qdVgS7HKFl6Ej5TS6jPxhathkc4hh3PwWTbK3Njqq+URamtWiH3cK1lB
uVGUjAZv3wYrOY9D5yfudhkadbN2P0XwCBTIkWrsUa9Eg5aYBjptcZtkoJ66rSMz
7Pk+nroaYA6zq5lzA/BrBW2WLDIv6pig/qGxCfSsaBLB5sCzXTbmxDJXQCKia3Kd
onpbgD7M9IDZ1A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:37:31 2026 by rpki-client