Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
File: aGOaIXWXlv46HZGfm1c362jXCOQ.mft (raw, json)
Hash identifier: VpnmQpIGsV9XFlcxCkRzLG07qRmyKw4cSqBl+X4wOt0=
Subject key identifier: 89:E0:7C:E7:D3:3F:95:0F:A6:9E:19:B3:38:95:C9:C5:DF:45:E4:0B
Authority key identifier: 68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4
Certificate issuer: /CN=68639a21759796fe3a1d919f9b5737eb68d708e4
Certificate serial: 019D2772D25E0555101FD9DD951CBAF55142
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
Manifest number: 15D0
Signing time: Thu 26 Mar 2026 00:02:09 +0000
Manifest this update: Thu 26 Mar 2026 00:02:09 +0000
Manifest next update: Fri 27 Mar 2026 00:02:09 +0000
Files and hashes: 1: Q3icqhJs5qAyA3hER2hkXKmmVkg.roa (hash: Vd3hohE6ub6CWkSKlO/X8MF+gU7dSgWfrpJ+oaxmW9o=)
2: RpKFlDqbj29Bav_Lkhu3kyJzzKU.roa (hash: 9GM2BLzn5MHA7HpZGUV7uK2cEDGeWuWkdj2aeKwl3TA=)
3: aGOaIXWXlv46HZGfm1c362jXCOQ.crl (hash: /ZAvkpk7rMona68668R8uqNK8RK09Furh//mNlcvEjI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:d2:5e:05:55:10:1f:d9:dd:95:1c:ba:f5:51:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68639a21759796fe3a1d919f9b5737eb68d708e4
Validity
Not Before: Mar 26 00:02:09 2026 GMT
Not After : Mar 27 00:02:09 2026 GMT
Subject: CN=89e07ce7d33f950fa69e19b33895c9c5df45e40b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:17:51:36:04:c0:86:02:0d:c9:89:53:9d:5c:
a8:1b:7d:7d:7a:1c:3f:43:cd:ec:9a:b4:17:21:7b:
c6:93:03:64:5b:90:77:22:28:80:c7:0b:60:cb:88:
ae:8b:3f:b1:70:d1:c8:06:1b:ff:dc:8e:63:b1:bc:
5e:02:9e:90:8f:7e:51:fd:29:07:f0:d8:e8:ff:1f:
97:94:b2:f1:bf:77:f6:5b:04:de:17:4e:57:a5:98:
16:18:6e:6d:56:81:ef:16:36:a0:a3:c4:fa:df:4a:
2a:cc:aa:ff:77:26:38:d5:cd:32:d0:b7:fb:1b:a0:
1e:9e:b3:a9:08:4b:a6:fd:0d:d7:fd:76:31:0e:7e:
0f:11:a8:07:71:6c:3c:35:bd:aa:98:d6:c8:b4:14:
68:8d:6c:7e:3e:12:c7:95:5a:99:04:f0:46:f1:9c:
9f:fd:9e:50:8f:7e:21:fa:1f:80:cb:03:2a:5e:82:
40:ca:9c:a0:13:91:dd:d9:51:94:3e:0c:d0:8b:75:
fd:f3:07:a1:05:0a:70:1b:80:03:95:de:a9:fb:e1:
a6:b7:8c:bf:05:5e:73:2c:fd:92:6e:94:e3:8b:fc:
31:9b:92:2f:a8:f4:f4:43:53:c3:36:00:d8:7d:85:
f3:98:ad:83:c1:c2:3b:5b:a5:d5:d3:e7:18:4c:47:
bd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E0:7C:E7:D3:3F:95:0F:A6:9E:19:B3:38:95:C9:C5:DF:45:E4:0B
X509v3 Authority Key Identifier:
keyid:68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:bd:31:f4:08:b4:17:54:a2:b8:b4:b7:ee:5f:92:3e:be:5a:
32:9e:5c:26:ae:38:04:e0:c2:68:9c:fb:35:ae:a0:42:4b:90:
a6:15:ce:55:56:d9:77:6a:3b:7b:ea:fa:53:a1:80:f5:6f:21:
75:2d:a7:52:e5:67:91:15:b0:de:04:29:9a:37:4e:9c:5a:5d:
23:d9:7b:f8:72:2f:43:00:45:58:ba:52:a8:38:fe:4c:ce:ce:
df:a9:ad:40:50:a7:ef:96:e5:ea:bf:5d:35:dc:5b:44:d1:11:
3a:6c:e8:28:c6:84:cf:c4:28:55:52:21:09:e0:02:93:96:6b:
b1:21:be:64:70:6d:3d:99:4f:10:ea:ab:ff:b9:d6:6d:e8:36:
2c:bf:68:1b:5a:59:d7:97:d9:18:21:a2:a0:8b:04:40:ea:e1:
17:ff:ad:ce:ed:65:b4:ec:b8:9c:3d:39:a5:7f:60:74:92:16:
56:16:09:5e:83:ec:98:a4:42:14:3c:8c:e7:44:c2:18:a8:dd:
64:23:ac:5b:50:60:5a:e9:f6:8b:ed:e8:ee:be:78:37:c8:fa:
82:e0:20:80:a6:11:38:5b:83:55:4c:46:ee:42:93:62:25:88:
ae:58:ba:3c:39:4e:62:c6:d2:78:bc:cc:59:98:38:c3:fb:d4:
92:b7:7e:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nctJeBVUQH9ndlRy69VFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NjM5YTIxNzU5Nzk2ZmUzYTFkOTE5ZjliNTczN2ViNjhk
NzA4ZTQwHhcNMjYwMzI2MDAwMjA5WhcNMjYwMzI3MDAwMjA5WjAzMTEwLwYDVQQD
Eyg4OWUwN2NlN2QzM2Y5NTBmYTY5ZTE5YjMzODk1YzljNWRmNDVlNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBdRNgTAhgINyYlTnVyoG319ehw/
Q83smrQXIXvGkwNkW5B3IiiAxwtgy4iuiz+xcNHIBhv/3I5jsbxeAp6Qj35R/SkH
8Njo/x+XlLLxv3f2WwTeF05XpZgWGG5tVoHvFjago8T630oqzKr/dyY41c0y0Lf7
G6AenrOpCEum/Q3X/XYxDn4PEagHcWw8Nb2qmNbItBRojWx+PhLHlVqZBPBG8Zyf
/Z5Qj34h+h+AywMqXoJAypygE5Hd2VGUPgzQi3X98wehBQpwG4ADld6p++Gmt4y/
BV5zLP2SbpTji/wxm5IvqPT0Q1PDNgDYfYXzmK2DwcI7W6XV0+cYTEe9TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIngfOfTP5UPpp4ZsziVycXfReQLMB8GA1UdIwQY
MBaAFGhjmiF1l5b+Oh2Rn5tXN+to1wjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNTY4MTEtOTgwMS00NTk1LTg3ZTct
MTNkMTY4ZDU5YjExLzEvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNTY4MTEtOTgwMS00NTk1LTg3ZTctMTNkMTY4ZDU5YjEx
LzEvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADb0x9Ai0
F1SiuLS37l+SPr5aMp5cJq44BODCaJz7Na6gQkuQphXOVVbZd2o7e+r6U6GA9W8h
dS2nUuVnkRWw3gQpmjdOnFpdI9l7+HIvQwBFWLpSqDj+TM7O36mtQFCn75bl6r9d
NdxbRNEROmzoKMaEz8QoVVIhCeACk5ZrsSG+ZHBtPZlPEOqr/7nWbeg2LL9oG1pZ
15fZGCGioIsEQOrhF/+tzu1ltOy4nD05pX9gdJIWVhYJXoPsmKRCFDyM50TCGKjd
ZCOsW1BgWun2i+3o7r54N8j6guAggKYROFuDVUxG7kKTYiWIrli6PDlOYsbSeLzM
WZg4w/vUkrd+Fw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:00:07 2026 by rpki-client