Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
File: aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft (raw, json)
Hash identifier: ORZI3KPPXhOvHhoT+3VKFsGOfvE3JvfUE8vCQ7jTlwI=
Subject key identifier: C7:40:CA:79:5A:A5:E8:BC:EB:66:41:9B:E5:87:B8:6F:70:2B:D3:4B
Authority key identifier: 69:E3:AD:8B:02:24:52:1C:D0:AE:74:92:C6:94:BC:2D:4E:E1:FD:B2
Certificate issuer: /CN=69e3ad8b0224521cd0ae7492c694bc2d4ee1fdb2
Certificate serial: 019D3A543E21E2D20062D0618510489EF7B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aeOtiwIkUhzQrnSSxpS8LU7h_bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
Manifest number: 0D17
Signing time: Sun 29 Mar 2026 16:01:32 +0000
Manifest this update: Sun 29 Mar 2026 16:01:32 +0000
Manifest next update: Mon 30 Mar 2026 16:01:32 +0000
Files and hashes: 1: aeOtiwIkUhzQrnSSxpS8LU7h_bI.crl (hash: 0KANFE6B1LUyzYwtn4IWlNO6ND/83XTwg5ImxIs4gMo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aeOtiwIkUhzQrnSSxpS8LU7h_bI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:54:3e:21:e2:d2:00:62:d0:61:85:10:48:9e:f7:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69e3ad8b0224521cd0ae7492c694bc2d4ee1fdb2
Validity
Not Before: Mar 29 16:01:32 2026 GMT
Not After : Mar 30 16:01:32 2026 GMT
Subject: CN=c740ca795aa5e8bceb66419be587b86f702bd34b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ec:a1:98:c0:34:a4:86:3d:ae:e2:07:4f:ba:
c0:11:79:10:55:e4:69:72:71:06:cb:6e:bb:7b:2f:
81:9a:91:7b:2d:fa:04:5b:7b:38:c4:51:76:6f:0a:
e1:28:b8:a6:89:04:2b:52:d2:a3:17:b8:a0:5b:9e:
d8:d7:34:b7:b7:a8:11:f6:d7:fb:de:5d:4a:25:ac:
dc:b2:94:21:cb:19:d4:3a:67:d7:ff:05:3c:4a:f9:
bd:59:de:e8:55:66:cd:e6:0e:82:93:54:94:98:05:
8b:77:08:36:bd:b0:ab:71:dd:35:bf:e2:f3:38:14:
b7:28:f4:8a:90:d4:aa:9d:db:ce:61:a7:14:36:2d:
8a:e7:80:f1:03:a7:6c:0c:ba:4c:6d:57:ec:1b:83:
de:14:3a:76:a8:7d:7a:c5:d6:60:05:01:5e:3c:4c:
b0:67:44:32:11:52:8e:08:bc:d3:36:f4:62:65:96:
94:4a:e4:5d:28:97:27:22:38:c8:ed:99:c4:f1:b3:
c9:0f:8c:c6:7b:8a:a8:5b:fd:44:62:1b:fe:f5:86:
a6:3f:4b:f7:f9:22:37:e8:d8:50:b7:3d:cf:8a:8d:
e0:03:52:63:86:d2:a3:54:10:34:bb:a8:c4:7f:64:
84:47:78:43:0c:ad:a8:7c:d1:98:6c:05:c8:a3:ba:
79:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:40:CA:79:5A:A5:E8:BC:EB:66:41:9B:E5:87:B8:6F:70:2B:D3:4B
X509v3 Authority Key Identifier:
keyid:69:E3:AD:8B:02:24:52:1C:D0:AE:74:92:C6:94:BC:2D:4E:E1:FD:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aeOtiwIkUhzQrnSSxpS8LU7h_bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bd8ec1-17a4-44df-883d-e97d226fbeea/1/aeOtiwIkUhzQrnSSxpS8LU7h_bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:3f:a7:a6:85:7c:49:f6:86:f6:63:0b:e8:30:2b:32:50:15:
90:ce:e3:38:e4:55:e1:d3:60:31:3b:b3:fa:7e:e5:75:3d:93:
3f:61:9f:17:9f:28:23:28:f3:93:64:5d:1f:12:f3:4f:e8:de:
e0:50:71:a6:f7:66:2a:29:bb:40:a7:36:df:b2:b1:90:0e:90:
c7:37:bb:e0:60:aa:44:33:a3:a1:1c:c5:97:90:bc:82:5b:31:
3a:2c:87:53:d3:21:b3:ae:af:15:d3:7c:0d:a2:d2:d4:ae:92:
3e:13:72:1f:a1:ea:d2:65:50:7b:2e:1c:33:30:75:a5:6d:3e:
eb:12:33:83:17:d5:7c:4a:ac:fa:bc:ca:f4:dd:ed:44:2c:9c:
10:88:f0:45:b5:46:5b:12:69:4f:cb:ea:17:69:e9:f1:fb:55:
4d:8d:de:de:de:8a:2e:12:17:8c:85:c9:c4:8f:80:1e:42:96:
c0:f2:c3:da:30:c3:9f:dc:cd:04:59:ba:54:ea:ce:1c:88:a8:
5d:43:f9:57:16:b4:2c:36:97:9b:71:71:79:60:9a:a4:71:18:
04:b7:1b:b7:80:72:b7:70:2f:27:29:eb:39:80:3f:56:0d:99:
10:7a:a2:72:cf:42:d0:4a:90:78:2f:e8:f8:a7:c8:05:f3:6f:
a5:37:ec:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VD4h4tIAYtBhhRBInve5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZTNhZDhiMDIyNDUyMWNkMGFlNzQ5MmM2OTRiYzJkNGVl
MWZkYjIwHhcNMjYwMzI5MTYwMTMyWhcNMjYwMzMwMTYwMTMyWjAzMTEwLwYDVQQD
EyhjNzQwY2E3OTVhYTVlOGJjZWI2NjQxOWJlNTg3Yjg2ZjcwMmJkMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeyhmMA0pIY9ruIHT7rAEXkQVeRp
cnEGy267ey+BmpF7LfoEW3s4xFF2bwrhKLimiQQrUtKjF7igW57Y1zS3t6gR9tf7
3l1KJazcspQhyxnUOmfX/wU8Svm9Wd7oVWbN5g6Ck1SUmAWLdwg2vbCrcd01v+Lz
OBS3KPSKkNSqndvOYacUNi2K54DxA6dsDLpMbVfsG4PeFDp2qH16xdZgBQFePEyw
Z0QyEVKOCLzTNvRiZZaUSuRdKJcnIjjI7ZnE8bPJD4zGe4qoW/1EYhv+9YamP0v3
+SI36NhQtz3Pio3gA1JjhtKjVBA0u6jEf2SER3hDDK2ofNGYbAXIo7p5NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMdAynlapei862ZBm+WHuG9wK9NLMB8GA1UdIwQY
MBaAFGnjrYsCJFIc0K50ksaUvC1O4f2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVPdGl3SWtVaHpRcm5TU3hwUzhMVTdoX2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iZDhlYzEtMTdhNC00NGRmLTg4M2Qt
ZTk3ZDIyNmZiZWVhLzEvYWVPdGl3SWtVaHpRcm5TU3hwUzhMVTdoX2JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iZDhlYzEtMTdhNC00NGRmLTg4M2QtZTk3ZDIyNmZiZWVh
LzEvYWVPdGl3SWtVaHpRcm5TU3hwUzhMVTdoX2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAID+npoV8
SfaG9mML6DArMlAVkM7jOORV4dNgMTuz+n7ldT2TP2GfF58oIyjzk2RdHxLzT+je
4FBxpvdmKim7QKc237KxkA6Qxze74GCqRDOjoRzFl5C8glsxOiyHU9Mhs66vFdN8
DaLS1K6SPhNyH6Hq0mVQey4cMzB1pW0+6xIzgxfVfEqs+rzK9N3tRCycEIjwRbVG
WxJpT8vqF2np8ftVTY3e3t6KLhIXjIXJxI+AHkKWwPLD2jDDn9zNBFm6VOrOHIio
XUP5Vxa0LDaXm3FxeWCapHEYBLcbt4Byt3AvJynrOYA/Vg2ZEHqics9C0EqQeC/o
+KfIBfNvpTfskw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:21:47 2026 by rpki-client