Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json)
Hash identifier: HbsZ15jj/THHNXzJ1n/QPVv1stjZUp3tLVrFlHGhjLs=
Subject key identifier: 37:2E:AA:DD:B1:B2:DE:E4:25:C1:77:18:25:D9:8E:0D:DD:DA:ED:2C
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial: 019D394165226A6FBD77E9927E2C6D94F18C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
Manifest number: 14E3
Signing time: Sun 29 Mar 2026 11:01:20 +0000
Manifest this update: Sun 29 Mar 2026 11:01:20 +0000
Manifest next update: Mon 30 Mar 2026 11:01:20 +0000
Files and hashes: 1: URwUlX1aGUQjALJuv2b7NQZnlQY.roa (hash: tfOWykptTnti4HmolEIB0RYCOL60/EO4faOftMz4e/U=)
2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: Ucd4YJbF3bZ1fd1khakJYe8ED73FOjUL/hlmSMAD15k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:65:22:6a:6f:bd:77:e9:92:7e:2c:6d:94:f1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Validity
Not Before: Mar 29 11:01:20 2026 GMT
Not After : Mar 30 11:01:20 2026 GMT
Subject: CN=372eaaddb1b2dee425c1771825d98e0ddddaed2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a9:d2:ad:6f:0d:cb:5f:fe:55:cb:c0:a6:71:
33:3e:aa:90:2c:55:3b:4c:10:ab:25:e4:68:75:44:
64:b6:36:fc:08:cc:79:eb:c4:0b:f4:a1:c7:13:17:
15:b4:b1:21:0a:d7:7a:04:37:70:47:1e:4e:04:05:
91:28:f4:b9:68:b2:f7:f7:a3:89:c6:a7:ae:97:f2:
cf:92:2d:d9:62:76:6a:59:92:d4:f3:66:00:fa:4f:
71:12:3a:65:1a:de:62:38:b4:1e:d2:66:a4:7d:c8:
f7:5d:2b:2a:00:27:96:fc:46:8c:6e:6b:e8:1a:eb:
a3:5e:11:ae:2d:92:b2:be:66:4b:3b:2a:f2:2a:6f:
bb:75:a7:b0:52:e9:4b:15:67:40:9f:0f:96:12:cf:
f3:01:be:1d:34:3e:08:ea:87:12:80:3d:b7:cb:6a:
65:ec:af:17:a1:5e:1f:16:7e:9e:94:a4:04:6e:11:
d4:b5:9b:2a:9a:e8:b8:26:5f:7d:ef:8d:56:9f:16:
94:76:fe:4d:70:0e:c6:0f:7d:1d:62:68:83:5a:61:
88:45:16:58:63:8f:90:4d:ca:8b:70:b4:2c:ba:2a:
02:51:a0:2b:65:8e:10:b7:6f:4e:10:44:42:d7:8a:
45:40:65:e9:85:6a:e0:3c:1b:ea:d4:a1:f4:cc:87:
91:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:2E:AA:DD:B1:B2:DE:E4:25:C1:77:18:25:D9:8E:0D:DD:DA:ED:2C
X509v3 Authority Key Identifier:
keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:b2:1d:b4:31:52:36:f6:2a:9d:77:e2:3e:ea:87:53:ee:c0:
75:71:39:b6:91:37:09:e9:0c:fb:54:78:49:93:a4:ff:ff:ff:
52:cf:fa:b6:d2:c8:2b:b1:d6:e6:66:ae:3d:4d:6e:0c:04:a6:
e4:a6:08:6f:a1:ea:ee:5d:45:4b:ea:74:78:f4:1f:85:f7:03:
f7:ff:cc:0d:64:e7:a8:96:49:96:fa:8e:36:c7:04:de:a1:31:
01:8c:09:0d:4f:c1:bd:9e:d5:c8:60:7b:41:5b:ed:7d:b3:01:
5d:3d:86:e5:81:db:ee:b9:44:ec:71:97:e4:07:2d:fb:d5:a6:
54:c7:5d:0a:cc:78:d2:91:56:be:df:86:1c:75:00:99:d3:7a:
f3:67:4e:bf:9b:ba:ea:a2:9b:e7:41:18:05:80:32:5b:13:dd:
af:92:be:2b:f7:8c:73:82:03:74:46:b1:6b:cf:89:0d:97:c8:
cb:d3:ff:eb:42:aa:d0:aa:2a:22:44:ff:e9:0c:0c:6e:ec:84:
e2:b4:b2:1c:c5:33:58:70:b7:93:ad:fe:b6:ca:89:a7:9f:fd:
07:3a:ab:67:1e:2a:96:4f:13:29:cb:15:de:d2:a2:cf:4e:39:
b1:9c:ef:46:b4:c0:7d:ce:c5:6c:0b:40:d1:74:69:28:fe:73:
a3:b4:32:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QWUiam+9d+mSfixtlPGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk
NTM5NmYwHhcNMjYwMzI5MTEwMTIwWhcNMjYwMzMwMTEwMTIwWjAzMTEwLwYDVQQD
EygzNzJlYWFkZGIxYjJkZWU0MjVjMTc3MTgyNWQ5OGUwZGRkZGFlZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqnSrW8Ny1/+VcvApnEzPqqQLFU7
TBCrJeRodURktjb8CMx568QL9KHHExcVtLEhCtd6BDdwRx5OBAWRKPS5aLL396OJ
xqeul/LPki3ZYnZqWZLU82YA+k9xEjplGt5iOLQe0makfcj3XSsqACeW/EaMbmvo
GuujXhGuLZKyvmZLOyryKm+7daewUulLFWdAnw+WEs/zAb4dND4I6ocSgD23y2pl
7K8XoV4fFn6elKQEbhHUtZsqmui4Jl99741WnxaUdv5NcA7GD30dYmiDWmGIRRZY
Y4+QTcqLcLQsuioCUaArZY4Qt29OEERC14pFQGXphWrgPBvq1KH0zIeR9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcuqt2xst7kJcF3GCXZjg3d2u0sMB8GA1UdIwQY
MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt
MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl
LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD7IdtDFS
NvYqnXfiPuqHU+7AdXE5tpE3CekM+1R4SZOk////Us/6ttLIK7HW5mauPU1uDASm
5KYIb6Hq7l1FS+p0ePQfhfcD9//MDWTnqJZJlvqONscE3qExAYwJDU/BvZ7VyGB7
QVvtfbMBXT2G5YHb7rlE7HGX5Act+9WmVMddCsx40pFWvt+GHHUAmdN682dOv5u6
6qKb50EYBYAyWxPdr5K+K/eMc4IDdEaxa8+JDZfIy9P/60Kq0KoqIkT/6QwMbuyE
4rSyHMUzWHC3k63+tsqJp5/9BzqrZx4qlk8TKcsV3tKiz045sZzvRrTAfc7FbAtA
0XRpKP5zo7QyRQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:49:03 2026 by rpki-client