Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
File: aKfCyE_6STTPD3PvGhoaM3hzGCY.mft (raw, json)
Hash identifier: EG5+hhV+upkljQmYFMMGZIayURtBf6A70U40jMe5xVA=
Subject key identifier: 2A:4F:94:19:61:ED:4B:7C:3C:F2:C6:0D:04:69:F3:BA:B5:77:B2:49
Authority key identifier: 68:A7:C2:C8:4F:FA:49:34:CF:0F:73:EF:1A:1A:1A:33:78:73:18:26
Certificate issuer: /CN=68a7c2c84ffa4934cf0f73ef1a1a1a3378731826
Certificate serial: 019D322BEC09CEADCA4F8D9CFF4446FA8850
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
Manifest number: 0F72
Signing time: Sat 28 Mar 2026 02:00:32 +0000
Manifest this update: Sat 28 Mar 2026 02:00:32 +0000
Manifest next update: Sun 29 Mar 2026 02:00:32 +0000
Files and hashes: 1: 7Mj5v1lcOBzmcBBC8jLwVKnmF6E.roa (hash: FZGMBdbWDI4SBVgHGU6EFIDpQ6waV160tdsD6LVMmXc=)
2: aKfCyE_6STTPD3PvGhoaM3hzGCY.crl (hash: 7zfFOI7Un0/u+vjXPwdsnY8w8poX384gLY7E7Vg6J7I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:32:2b:ec:09:ce:ad:ca:4f:8d:9c:ff:44:46:fa:88:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a7c2c84ffa4934cf0f73ef1a1a1a3378731826
Validity
Not Before: Mar 28 02:00:32 2026 GMT
Not After : Mar 29 02:00:32 2026 GMT
Subject: CN=2a4f941961ed4b7c3cf2c60d0469f3bab577b249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3a:9f:c9:01:fa:ac:ff:10:25:63:82:ea:93:
cf:48:de:27:3e:5b:60:6f:48:02:03:39:16:a2:09:
16:2c:48:e9:ee:34:7b:91:b6:b0:61:d2:30:e5:99:
9e:df:3b:3c:a5:c3:cc:91:d4:0b:3b:e8:bf:59:e2:
41:17:8d:bf:ae:72:6d:a5:96:ed:a9:99:7e:b1:fe:
e7:0e:73:ac:2d:2c:5a:43:90:4f:8b:bb:8b:36:88:
83:03:b3:4d:a0:55:f1:25:e6:b1:e7:96:f5:27:e4:
c4:6e:02:0e:8c:88:f3:1b:78:6d:2c:42:b0:16:42:
8f:04:9d:48:87:11:26:e8:93:2b:74:f5:86:a0:c3:
42:28:08:ab:04:cc:75:00:c8:e4:c5:d4:da:3b:ac:
14:60:93:01:da:c9:26:a3:80:f0:9a:ac:08:d5:e9:
c8:10:32:72:2f:ea:d9:4d:4e:c7:1a:c6:6c:da:34:
46:4c:a4:8e:54:e7:70:4f:e7:c5:0f:ec:ed:e6:29:
86:7e:47:7e:1c:b9:53:96:d0:39:75:c8:ab:38:ad:
1b:4a:cc:74:db:a3:10:53:49:c8:a9:0a:4b:2b:6e:
75:e3:8e:da:d7:91:34:ed:ca:e9:db:b7:0e:e1:ad:
66:3e:b8:ea:b5:1f:24:a7:a1:45:c9:01:d1:d7:49:
d3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4F:94:19:61:ED:4B:7C:3C:F2:C6:0D:04:69:F3:BA:B5:77:B2:49
X509v3 Authority Key Identifier:
keyid:68:A7:C2:C8:4F:FA:49:34:CF:0F:73:EF:1A:1A:1A:33:78:73:18:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:6e:e4:5e:8f:7e:7a:88:5c:66:39:f7:c5:61:01:7a:ae:ee:
01:63:69:2d:de:9f:7e:25:7f:d1:bf:2f:c5:e8:10:30:b9:b8:
ff:e5:60:21:65:79:20:39:2d:4d:d5:6a:a5:e0:d9:8b:51:6a:
02:b7:f3:a3:4c:04:c9:8b:44:37:22:4d:ee:08:66:ee:32:7c:
74:25:b4:85:01:ab:4a:38:0f:43:ef:92:cd:b1:f9:e1:ab:a2:
b5:8b:48:6f:b9:5d:3d:38:ec:92:96:25:b5:bf:34:8d:64:e5:
24:bb:fc:bd:68:55:8c:69:03:ae:39:c4:b1:f4:b0:6e:93:a3:
a4:25:9c:74:42:94:b9:5c:05:70:a3:12:6b:bb:11:81:24:62:
f2:ee:dd:41:9c:70:11:3a:df:3b:87:17:32:c4:e5:73:d8:ce:
de:33:b3:e8:9f:bd:1d:4b:1f:3c:bb:a4:4f:65:3b:1d:08:21:
8b:92:4c:ab:c4:50:dd:91:23:80:08:09:ae:ba:b7:f9:89:76:
89:5c:b0:1a:63:a9:56:37:dd:99:26:f7:31:47:43:3b:51:d9:
35:3a:33:e3:11:9b:a8:7f:73:85:f1:a4:b3:f0:dd:7c:3e:49:
91:f6:d4:47:f2:64:0a:d9:2e:2c:2b:b2:13:42:84:53:12:75:
81:5f:72:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0yK+wJzq3KT42c/0RG+ohQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTdjMmM4NGZmYTQ5MzRjZjBmNzNlZjFhMWExYTMzNzg3
MzE4MjYwHhcNMjYwMzI4MDIwMDMyWhcNMjYwMzI5MDIwMDMyWjAzMTEwLwYDVQQD
EygyYTRmOTQxOTYxZWQ0YjdjM2NmMmM2MGQwNDY5ZjNiYWI1NzdiMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzqfyQH6rP8QJWOC6pPPSN4nPltg
b0gCAzkWogkWLEjp7jR7kbawYdIw5Zme3zs8pcPMkdQLO+i/WeJBF42/rnJtpZbt
qZl+sf7nDnOsLSxaQ5BPi7uLNoiDA7NNoFXxJeax55b1J+TEbgIOjIjzG3htLEKw
FkKPBJ1IhxEm6JMrdPWGoMNCKAirBMx1AMjkxdTaO6wUYJMB2skmo4DwmqwI1enI
EDJyL+rZTU7HGsZs2jRGTKSOVOdwT+fFD+zt5imGfkd+HLlTltA5dcirOK0bSsx0
26MQU0nIqQpLK251447a15E07crp27cO4a1mPrjqtR8kp6FFyQHR10nTGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpPlBlh7Ut8PPLGDQRp87q1d7JJMB8GA1UdIwQY
MBaAFGinwshP+kk0zw9z7xoaGjN4cxgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mZTQ1NWQtZjZjZS00MzZjLTgzMjct
ZGI2ZGRiNGE0NGU1LzEvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mZTQ1NWQtZjZjZS00MzZjLTgzMjctZGI2ZGRiNGE0NGU1
LzEvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL27kXo9+
eohcZjn3xWEBeq7uAWNpLd6ffiV/0b8vxegQMLm4/+VgIWV5IDktTdVqpeDZi1Fq
Arfzo0wEyYtENyJN7ghm7jJ8dCW0hQGrSjgPQ++SzbH54auitYtIb7ldPTjskpYl
tb80jWTlJLv8vWhVjGkDrjnEsfSwbpOjpCWcdEKUuVwFcKMSa7sRgSRi8u7dQZxw
ETrfO4cXMsTlc9jO3jOz6J+9HUsfPLukT2U7HQghi5JMq8RQ3ZEjgAgJrrq3+Yl2
iVywGmOpVjfdmSb3MUdDO1HZNToz4xGbqH9zhfGks/DdfD5JkfbUR/JkCtkuLCuy
E0KEUxJ1gV9yJA==
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:33:20 2026 by rpki-client