Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
File: rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft (raw, json)
Hash identifier: cWC1poiZOU5q1VVWCkmtO1hgZBsN1pQXWA2Waq+zI8E=
Subject key identifier: A6:12:A1:B0:3A:F5:B9:60:74:7F:85:53:08:91:CC:29:05:D1:4B:C4
Authority key identifier: AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
Certificate issuer: /CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Certificate serial: 019D37F765C0FC844D733E03F4B91DF43C01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
Manifest number: 0C9E
Signing time: Sun 29 Mar 2026 05:00:53 +0000
Manifest this update: Sun 29 Mar 2026 05:00:53 +0000
Manifest next update: Mon 30 Mar 2026 05:00:53 +0000
Files and hashes: 1: 24WxHxaeAmm5E1Q3Id3rg_qvvPY.roa (hash: cVrKb1vSqi82yPVZCgvu5xU3xXbeXHexmU9eyiwbU3E=)
2: rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl (hash: 9UnaiabTJsyRYt0EHckjDsz1qTuYA7GiJgxJjskXcMs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:65:c0:fc:84:4d:73:3e:03:f4:b9:1d:f4:3c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Validity
Not Before: Mar 29 05:00:53 2026 GMT
Not After : Mar 30 05:00:53 2026 GMT
Subject: CN=a612a1b03af5b960747f85530891cc2905d14bc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:33:01:59:b7:2a:ad:17:6b:4b:ea:0e:7a:d9:
b6:e6:97:b4:73:22:9a:e7:62:cf:05:c4:6a:a5:8c:
eb:19:cc:78:b9:9b:07:0b:96:9a:7a:5b:4a:cd:b1:
0c:08:dc:26:2b:3c:cc:09:3a:4a:1d:d6:4b:3e:b4:
c5:eb:7e:77:8c:a6:00:0c:ef:6d:80:0f:4b:0c:75:
b1:d9:53:75:30:3f:e7:2d:cd:97:d0:ce:29:ed:c7:
36:74:f7:43:f2:58:28:0c:c3:d0:03:39:10:21:f0:
47:77:f3:6b:a8:96:51:26:ef:88:ec:11:98:26:16:
05:f9:b8:8e:f6:89:bf:9e:50:85:df:cd:2a:db:ba:
f6:f5:c0:46:f6:24:49:7f:30:ca:c3:d9:d4:54:10:
88:35:a0:e4:72:b1:a0:43:95:dc:c4:87:34:de:8c:
c5:e9:b6:02:bc:7e:af:38:7f:3c:98:01:05:83:c7:
23:99:a1:68:b1:27:b9:af:5b:aa:c3:f1:a2:fe:ad:
5f:18:7d:6f:2e:ad:92:e4:a5:23:46:ab:3a:83:5f:
1c:6c:d6:5a:7c:64:44:23:43:96:1d:52:02:17:2f:
cf:ce:a1:62:07:f6:98:57:8b:1a:a8:b2:13:d2:70:
f2:4e:fd:1e:b2:a5:d1:62:4e:41:16:9d:a0:f4:7e:
a8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:12:A1:B0:3A:F5:B9:60:74:7F:85:53:08:91:CC:29:05:D1:4B:C4
X509v3 Authority Key Identifier:
keyid:AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:36:85:34:d3:6e:79:6d:30:88:1d:fb:c4:8f:ff:6d:0d:81:
27:9d:93:f5:0c:3f:91:b7:e1:61:f6:44:b0:39:a7:f8:86:98:
26:f0:c1:99:32:65:0e:4b:3c:61:ee:54:c2:71:a9:26:be:ef:
d1:16:80:06:bd:b0:30:82:2a:86:2f:bb:5e:54:17:6a:3e:c8:
5b:e1:0f:d6:9b:34:be:ea:da:0a:e4:af:0c:37:fe:78:91:70:
4b:1e:7f:d8:ca:e2:d8:5d:df:d6:8e:7b:1d:22:36:cf:a0:ef:
50:0e:00:7a:27:b6:87:d7:b7:c2:6b:0f:d1:f2:28:0d:77:57:
d1:75:f5:4c:08:2a:3a:a0:7b:a4:3d:1f:80:45:89:d0:41:4c:
37:82:b2:75:75:19:db:27:a4:3e:59:66:93:d9:2b:11:68:fc:
a3:b8:7a:52:9e:7c:0b:a0:5d:95:ba:61:51:2a:28:06:d0:14:
d8:c3:3e:90:f7:5d:7b:e1:88:da:14:c7:ea:e7:4f:bf:9a:7e:
1b:e6:13:56:72:d0:6f:4e:60:13:bb:b7:9e:d3:97:9f:9e:f9:
12:ff:ca:05:43:6c:57:df:22:c8:e8:39:25:32:55:2b:d0:15:
73:96:30:f5:5d:59:12:41:57:94:4f:77:b2:fd:52:82:30:de:
b3:60:19:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0392XA/IRNcz4D9Lkd9DwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDg4MTVlOGM2NTAzNjAxZjI1NGNhYjM3MWJlYzQ3MWJk
N2VhYTYwHhcNMjYwMzI5MDUwMDUzWhcNMjYwMzMwMDUwMDUzWjAzMTEwLwYDVQQD
EyhhNjEyYTFiMDNhZjViOTYwNzQ3Zjg1NTMwODkxY2MyOTA1ZDE0YmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTMBWbcqrRdrS+oOetm25pe0cyKa
52LPBcRqpYzrGcx4uZsHC5aaeltKzbEMCNwmKzzMCTpKHdZLPrTF6353jKYADO9t
gA9LDHWx2VN1MD/nLc2X0M4p7cc2dPdD8lgoDMPQAzkQIfBHd/NrqJZRJu+I7BGY
JhYF+biO9om/nlCF380q27r29cBG9iRJfzDKw9nUVBCINaDkcrGgQ5XcxIc03ozF
6bYCvH6vOH88mAEFg8cjmaFosSe5r1uqw/Gi/q1fGH1vLq2S5KUjRqs6g18cbNZa
fGREI0OWHVICFy/PzqFiB/aYV4saqLIT0nDyTv0esqXRYk5BFp2g9H6orwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYSobA69blgdH+FUwiRzCkF0UvEMB8GA1UdIwQY
MBaAFKwIgV6MZQNgHyVMqzcb7Ecb1+qmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUt
Njc3ODcxYTAzMzU1LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUtNjc3ODcxYTAzMzU1
LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOzaFNNNu
eW0wiB37xI//bQ2BJ52T9Qw/kbfhYfZEsDmn+IaYJvDBmTJlDks8Ye5UwnGpJr7v
0RaABr2wMIIqhi+7XlQXaj7IW+EP1ps0vuraCuSvDDf+eJFwSx5/2Mri2F3f1o57
HSI2z6DvUA4Aeie2h9e3wmsP0fIoDXdX0XX1TAgqOqB7pD0fgEWJ0EFMN4KydXUZ
2yekPllmk9krEWj8o7h6Up58C6BdlbphUSooBtAU2MM+kPdde+GI2hTH6udPv5p+
G+YTVnLQb05gE7u3ntOXn575Ev/KBUNsV98iyOg5JTJVK9AVc5Yw9V1ZEkFXlE93
sv1SgjDes2AZZg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:27:12 2026 by rpki-client