Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
File: aPYGg7N3JXQn279uzjXixYWjsB0.mft (raw, json)
Hash identifier: zVJYEamg/I1Y1AvK/ohu6HYyTezBOGHwz9capNaGT7Y=
Subject key identifier: FE:79:FB:68:34:AF:96:35:40:20:57:6B:41:9C:42:59:7F:24:88:CF
Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
Certificate issuer: /CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Certificate serial: 019D39098FB17EA452529D1BB65A92E706B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 10:00:20 +0000
Manifest this update: Sun 29 Mar 2026 10:00:20 +0000
Manifest next update: Mon 30 Mar 2026 10:00:20 +0000
Files and hashes: 1: aPYGg7N3JXQn279uzjXixYWjsB0.crl (hash: 2ooNJDNTou//lZpDfWo5LdlaB1oDKdK6ecauZuGAcb4=)
2: eJ3f1i44Rqh5dEICPulbHl4WkkI.roa (hash: kZed20xL2+OJp4rVcGTuqnAX+7hPge7JicJ6LEk/ItE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:8f:b1:7e:a4:52:52:9d:1b:b6:5a:92:e7:06:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Validity
Not Before: Mar 29 10:00:20 2026 GMT
Not After : Mar 30 10:00:20 2026 GMT
Subject: CN=fe79fb6834af96354020576b419c42597f2488cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5f:18:8c:10:66:1f:5d:9c:d3:33:b1:8d:e3:
1d:d6:92:c6:03:b0:8c:6b:f3:ca:5e:dc:68:54:49:
91:a2:a1:4f:f5:da:6d:ab:cb:9c:71:44:1f:d2:cd:
5d:c2:16:01:fb:f5:2e:e0:65:e1:8b:7c:bd:89:0b:
a3:7a:8c:cd:d5:1c:9a:b5:0f:7c:0d:2b:1f:40:24:
8d:38:5b:71:91:79:82:3a:7e:8a:81:a9:52:e6:53:
2a:4c:45:33:d4:22:3c:0a:94:27:82:5e:2e:c6:26:
47:ff:27:5e:69:9f:28:1b:d8:da:df:63:9e:f0:7b:
c6:93:08:bd:52:44:0b:52:98:76:cd:d0:1b:f2:3f:
2f:ee:f8:08:de:4d:63:ec:3a:8b:f5:3f:db:9c:0e:
c4:29:ae:50:b6:c9:71:41:cd:16:da:d3:a1:82:5e:
43:ac:0e:48:7c:cd:ff:94:db:b6:81:d1:71:6f:53:
91:5e:be:e2:db:5f:8c:4c:4d:8f:d3:74:6e:5d:32:
c4:6a:2b:9c:ef:34:a0:b9:80:ce:0b:ad:1b:3e:69:
1e:c1:12:8f:4c:5e:24:16:dc:79:22:7d:b0:07:ed:
c5:b6:bd:f3:1f:15:2b:8d:f6:78:12:14:dd:0a:25:
15:7d:87:47:f7:c3:c1:9d:b9:29:02:2c:e6:7f:74:
52:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:79:FB:68:34:AF:96:35:40:20:57:6B:41:9C:42:59:7F:24:88:CF
X509v3 Authority Key Identifier:
keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:b8:16:fd:71:5f:61:c0:d5:30:cf:c5:4c:29:c2:b7:22:2a:
4e:a0:e2:2b:71:44:fa:38:47:bc:23:d8:71:6a:d6:1a:b1:a6:
cb:6c:2c:5a:ea:97:2d:0b:75:68:ce:81:3b:fa:d3:bb:d1:5f:
65:3d:d3:50:c3:04:7c:85:e9:ca:e8:f7:61:b3:67:9e:27:99:
76:34:38:d3:ba:6a:c7:46:f3:e9:d9:74:8f:18:ce:13:fb:8d:
36:bc:ab:e2:83:fa:a4:04:32:87:a4:3d:ac:bf:a7:cf:61:4d:
24:1c:7d:e4:15:6d:c9:d9:6e:d5:d8:01:ae:17:9f:d1:f7:50:
63:3c:c5:9a:7c:c4:c2:b1:fc:f9:18:30:e3:b2:27:50:ce:6a:
52:8e:be:1a:aa:a1:a4:5a:a3:0e:aa:3b:c3:2f:2b:e4:45:a9:
fb:f2:dd:88:3e:86:bd:6b:da:b3:47:a0:2d:16:8a:72:22:a1:
51:5e:56:6d:c6:50:39:c7:07:5a:8a:84:22:61:5c:30:09:31:
6d:2a:9d:17:42:f0:42:0a:d8:1c:30:59:ae:85:ba:8a:77:02:
9f:c2:7f:4a:be:ed:8b:97:02:65:c0:62:61:68:ae:90:3c:83:
48:a1:e9:3e:77:8a:20:ca:a8:e3:bd:10:24:2b:a9:90:f1:ac:
8a:6e:73:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CY+xfqRSUp0btlqS5waxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjYwNjgzYjM3NzI1NzQyN2RiYmY2ZWNlMzVlMmM1ODVh
M2IwMWQwHhcNMjYwMzI5MTAwMDIwWhcNMjYwMzMwMTAwMDIwWjAzMTEwLwYDVQQD
EyhmZTc5ZmI2ODM0YWY5NjM1NDAyMDU3NmI0MTljNDI1OTdmMjQ4OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvl8YjBBmH12c0zOxjeMd1pLGA7CM
a/PKXtxoVEmRoqFP9dptq8uccUQf0s1dwhYB+/Uu4GXhi3y9iQujeozN1RyatQ98
DSsfQCSNOFtxkXmCOn6KgalS5lMqTEUz1CI8CpQngl4uxiZH/ydeaZ8oG9ja32Oe
8HvGkwi9UkQLUph2zdAb8j8v7vgI3k1j7DqL9T/bnA7EKa5QtslxQc0W2tOhgl5D
rA5IfM3/lNu2gdFxb1ORXr7i21+MTE2P03RuXTLEaiuc7zSguYDOC60bPmkewRKP
TF4kFtx5In2wB+3Ftr3zHxUrjfZ4EhTdCiUVfYdH98PBnbkpAizmf3RScwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP55+2g0r5Y1QCBXa0GcQll/JIjPMB8GA1UdIwQY
MBaAFGj2BoOzdyV0J9u/bs414sWFo7AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQt
MzU0NzQwMzZhOWQ3LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQtMzU0NzQwMzZhOWQ3
LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ7gW/XFf
YcDVMM/FTCnCtyIqTqDiK3FE+jhHvCPYcWrWGrGmy2wsWuqXLQt1aM6BO/rTu9Ff
ZT3TUMMEfIXpyuj3YbNnnieZdjQ407pqx0bz6dl0jxjOE/uNNryr4oP6pAQyh6Q9
rL+nz2FNJBx95BVtydlu1dgBrhef0fdQYzzFmnzEwrH8+Rgw47InUM5qUo6+Gqqh
pFqjDqo7wy8r5EWp+/LdiD6GvWvas0egLRaKciKhUV5WbcZQOccHWoqEImFcMAkx
bSqdF0LwQgrYHDBZroW6incCn8J/Sr7ti5cCZcBiYWiukDyDSKHpPneKIMqo470Q
JCupkPGsim5zWw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:26:15 2026 by rpki-client