Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
File: AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft (raw, json)
Hash identifier: oJaOCohUzm8Glna/objIQ4pyjS3XJrQEcb84/2UOIRg=
Subject key identifier: 92:1F:4D:E1:A1:D6:F9:50:9E:1A:91:90:86:A6:79:73:E6:C4:E6:26
Authority key identifier: 00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B
Certificate issuer: /CN=0008589496bf86d2d0f8874b76cac843025bcd3b
Certificate serial: 019D093083FEF0A151845603220263C0AA4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
Manifest number: 1139
Signing time: Fri 20 Mar 2026 03:01:07 +0000
Manifest this update: Fri 20 Mar 2026 03:01:07 +0000
Manifest next update: Sat 21 Mar 2026 03:01:07 +0000
Files and hashes: 1: AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl (hash: d3pWYvgh0KvHlFwuinNzZl4CkEjuevpOtd933H7Lrhw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 01:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:09:30:83:fe:f0:a1:51:84:56:03:22:02:63:c0:aa:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0008589496bf86d2d0f8874b76cac843025bcd3b
Validity
Not Before: Mar 20 03:01:07 2026 GMT
Not After : Mar 21 03:01:07 2026 GMT
Subject: CN=921f4de1a1d6f9509e1a919086a67973e6c4e626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:06:65:fc:61:e0:77:34:eb:02:35:68:38:7c:
a1:4f:91:14:3f:a6:09:23:4b:f9:d3:83:c7:c8:e6:
86:ce:fb:cf:44:c2:c9:d0:fe:cc:d2:7c:0f:b4:c8:
8a:0b:b0:7b:e0:0f:df:b8:f2:76:08:f3:69:9d:43:
2c:0d:08:f9:bc:3f:6f:3e:b1:ea:98:ea:ce:d1:34:
52:e0:89:5f:2c:66:c9:90:9a:7e:aa:a6:d3:3d:d9:
c6:97:87:0e:e8:4e:bf:d8:b0:67:cc:d7:c2:8c:f8:
6d:09:34:6d:f5:27:09:58:3c:e7:54:5c:5d:5a:b0:
a5:ed:7e:08:dd:de:61:6b:47:b1:3f:f3:d2:03:2e:
0e:e6:2d:6f:bd:b0:8e:66:27:a0:bf:1d:c3:a4:a4:
84:b6:59:b4:de:70:75:90:15:43:09:68:72:71:f2:
c0:a0:b5:eb:6f:73:7f:1c:bc:c5:ff:7d:8f:40:01:
2b:21:d3:0b:e1:49:5d:22:c8:0f:b7:b5:d8:05:57:
da:8a:64:a8:87:63:96:b1:5b:9b:c4:63:f7:e6:55:
49:78:06:2f:19:08:ad:ee:57:f5:ce:7a:5b:ce:ee:
a5:e5:53:aa:32:ef:6d:34:b2:ba:36:e0:fd:12:85:
4f:e5:ec:80:9d:cf:ad:70:67:30:7c:52:2e:62:1e:
da:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1F:4D:E1:A1:D6:F9:50:9E:1A:91:90:86:A6:79:73:E6:C4:E6:26
X509v3 Authority Key Identifier:
keyid:00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:18:2a:db:7a:79:04:a8:e6:07:70:8c:ee:4e:94:1f:83:62:
a6:e3:d1:a9:ea:3e:05:cd:b3:95:9c:0e:b7:1c:02:8a:99:b5:
9a:46:79:0a:6a:4d:85:13:c8:9f:25:88:9f:34:43:cf:26:0a:
9d:f4:a4:43:e3:9b:03:78:90:38:37:1d:a7:c0:f5:9e:f8:26:
4b:24:b3:9e:65:5f:f0:7f:05:d7:9f:57:91:49:d6:72:44:53:
53:41:15:c3:15:a1:0e:3e:0d:fc:91:99:be:9c:51:35:0b:8f:
08:4f:8b:a3:a7:8d:2a:08:9b:53:c8:65:68:66:10:b3:19:a1:
e2:e6:ba:df:c7:19:aa:c0:0e:0a:8c:83:69:33:01:e6:2d:45:
01:7f:95:04:70:cf:75:91:60:f4:ac:77:91:45:1a:d1:c6:72:
17:e1:cd:aa:5d:39:bc:58:ba:8a:55:c2:aa:1e:20:51:19:d2:
51:4e:50:61:e7:29:17:42:ee:bc:57:92:3a:d7:eb:b1:a0:a5:
ec:bf:8d:3e:65:d5:a8:89:23:b3:af:0b:39:85:9a:9c:24:7c:
dd:18:9a:9e:74:96:8a:25:cc:86:9e:f8:a9:01:f2:02:5b:16:
d8:fb:e9:c2:05:ea:bf:55:9c:bf:9d:6c:d9:e2:2d:6a:3f:99:
1e:12:fd:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0JMIP+8KFRhFYDIgJjwKpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMDg1ODk0OTZiZjg2ZDJkMGY4ODc0Yjc2Y2FjODQzMDI1
YmNkM2IwHhcNMjYwMzIwMDMwMTA3WhcNMjYwMzIxMDMwMTA3WjAzMTEwLwYDVQQD
Eyg5MjFmNGRlMWExZDZmOTUwOWUxYTkxOTA4NmE2Nzk3M2U2YzRlNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgZl/GHgdzTrAjVoOHyhT5EUP6YJ
I0v504PHyOaGzvvPRMLJ0P7M0nwPtMiKC7B74A/fuPJ2CPNpnUMsDQj5vD9vPrHq
mOrO0TRS4IlfLGbJkJp+qqbTPdnGl4cO6E6/2LBnzNfCjPhtCTRt9ScJWDznVFxd
WrCl7X4I3d5ha0exP/PSAy4O5i1vvbCOZiegvx3DpKSEtlm03nB1kBVDCWhycfLA
oLXrb3N/HLzF/32PQAErIdML4UldIsgPt7XYBVfaimSoh2OWsVubxGP35lVJeAYv
GQit7lf1znpbzu6l5VOqMu9tNLK6NuD9EoVP5eyAnc+tcGcwfFIuYh7azQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIfTeGh1vlQnhqRkIameXPmxOYmMB8GA1UdIwQY
MBaAFAAIWJSWv4bS0PiHS3bKyEMCW807MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9kMWMwNmEtZGZhNS00Yzc4LTk4MGEt
NmJlMmY0ZDI0Yzk2LzEvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9kMWMwNmEtZGZhNS00Yzc4LTk4MGEtNmJlMmY0ZDI0Yzk2
LzEvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfhgq23p5
BKjmB3CM7k6UH4NipuPRqeo+Bc2zlZwOtxwCipm1mkZ5CmpNhRPInyWInzRDzyYK
nfSkQ+ObA3iQODcdp8D1nvgmSySznmVf8H8F159XkUnWckRTU0EVwxWhDj4N/JGZ
vpxRNQuPCE+Lo6eNKgibU8hlaGYQsxmh4ua638cZqsAOCoyDaTMB5i1FAX+VBHDP
dZFg9Kx3kUUa0cZyF+HNql05vFi6ilXCqh4gURnSUU5QYecpF0LuvFeSOtfrsaCl
7L+NPmXVqIkjs68LOYWanCR83RiannSWiiXMhp74qQHyAlsW2PvpwgXqv1Wcv51s
2eItaj+ZHhL9Uw==
-----END CERTIFICATE-----
Generated at Fri Mar 20 08:57:09 2026 by rpki-client