Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
File: ajqLdK1O1nN5ep9rd0nCI0VpedA.mft (raw, json)
Hash identifier: Mk/oh6QuQT4eLVXudY7HQGhpW9BTIBPusnVNhBCd3ME=
Subject key identifier: 56:71:DD:D6:1F:D7:36:92:FC:BE:6F:24:EB:78:A7:99:77:51:47:9C
Authority key identifier: 6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0
Certificate issuer: /CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0
Certificate serial: 019D3977884638CF1A990E3406C4D00D9841
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
Manifest number: 1753
Signing time: Sun 29 Mar 2026 12:00:28 +0000
Manifest this update: Sun 29 Mar 2026 12:00:28 +0000
Manifest next update: Mon 30 Mar 2026 12:00:28 +0000
Files and hashes: 1: WiR_mQTYvksNuDh5PyOkyT_J_1s.roa (hash: zaouvXmVUtph8h3UF1IqoXJQFtK55FqMyr4EuKbD7oI=)
2: ajqLdK1O1nN5ep9rd0nCI0VpedA.crl (hash: dI0gjL3v8KFl6o9YMWC/5kYXbyhBMtQJ/sggXYC33JU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:88:46:38:cf:1a:99:0e:34:06:c4:d0:0d:98:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0
Validity
Not Before: Mar 29 12:00:28 2026 GMT
Not After : Mar 30 12:00:28 2026 GMT
Subject: CN=5671ddd61fd73692fcbe6f24eb78a7997751479c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c4:3f:f1:25:3b:86:f7:41:d7:cd:d6:b7:17:
b8:25:b5:7d:c2:0b:ec:4b:5b:9c:10:37:c3:00:16:
7e:e5:27:f3:a0:a0:e2:31:ea:56:30:94:02:d3:48:
99:e9:b3:f6:87:59:ca:e5:9e:15:8a:ac:2a:15:31:
bc:dc:ad:b2:f4:a4:d8:d7:d8:6d:e7:2a:95:6b:90:
25:5c:f8:f5:cf:1b:0d:5e:bb:f5:e2:42:20:7b:b5:
09:45:7a:be:dd:eb:2a:eb:c4:82:a3:5a:c2:f1:0e:
0d:f1:a1:10:13:86:5a:ea:f0:b1:8d:e6:98:1d:3d:
58:c9:be:f0:6c:5f:3a:a0:d3:31:55:96:46:f2:76:
b1:50:46:09:a3:ea:7e:b2:b3:90:6c:02:ae:96:c9:
1d:51:b2:3d:dd:df:77:f7:58:94:ba:30:f7:e2:eb:
3c:74:4a:74:b8:c7:8d:c0:fb:07:3c:3a:2c:70:1f:
06:b2:2f:5b:d1:87:4c:46:80:81:3a:a6:bd:9d:fe:
c2:ef:51:03:c8:96:c6:e8:18:4f:61:5d:84:54:f1:
76:f4:e5:99:2e:c6:2d:e9:6c:75:63:18:85:5a:ce:
cc:48:19:79:90:3d:43:79:1d:84:34:b2:c6:06:23:
32:b6:d3:8f:0f:14:f0:b7:3f:a8:5f:6b:d9:81:7b:
49:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:71:DD:D6:1F:D7:36:92:FC:BE:6F:24:EB:78:A7:99:77:51:47:9C
X509v3 Authority Key Identifier:
keyid:6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:de:0e:b0:da:ac:94:26:2a:ef:be:b2:22:93:40:2e:f9:ec:
63:d8:07:bf:de:6b:15:c4:89:3b:09:6a:51:8c:7c:d6:d8:da:
06:a3:d8:37:25:9e:9c:ca:81:19:d7:64:d8:20:f9:72:eb:cb:
9e:8c:c4:99:71:83:43:70:ae:f6:09:53:77:53:04:a3:b5:6a:
0c:31:b5:d1:84:3f:4e:c5:09:d2:32:a5:b0:a4:c2:6c:1e:d1:
32:e9:56:6d:09:ce:64:f9:4c:1c:c3:5a:31:41:3b:8b:4c:09:
c0:b2:87:cd:e7:7b:25:21:5d:46:5a:f2:c5:72:7e:4d:2d:36:
54:08:08:9c:82:0b:66:1b:66:b4:4b:e2:3b:77:1c:ba:77:bd:
05:98:18:ab:c5:56:24:1b:e5:3a:34:d9:1e:d0:5a:9c:6a:41:
70:6d:da:bc:e4:27:de:1c:35:77:35:a0:97:95:12:a9:a9:bd:
77:66:91:7a:02:53:2a:30:53:a0:c5:c9:a5:eb:55:73:da:6b:
6e:ed:57:b5:65:a9:08:fb:ef:60:ce:0d:87:0b:40:28:3e:c9:
52:bd:bf:f9:e1:cc:29:1f:37:10:0f:a0:91:a1:ab:79:57:ac:
0a:a2:e0:a8:48:a3:9f:93:22:73:a6:15:fb:46:85:65:67:81:
f1:42:f7:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d4hGOM8amQ40BsTQDZhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhM2E4Yjc0YWQ0ZWQ2NzM3OTdhOWY2Yjc3NDljMjIzNDU2
OTc5ZDAwHhcNMjYwMzI5MTIwMDI4WhcNMjYwMzMwMTIwMDI4WjAzMTEwLwYDVQQD
Eyg1NjcxZGRkNjFmZDczNjkyZmNiZTZmMjRlYjc4YTc5OTc3NTE0NzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsQ/8SU7hvdB183Wtxe4JbV9wgvs
S1ucEDfDABZ+5SfzoKDiMepWMJQC00iZ6bP2h1nK5Z4ViqwqFTG83K2y9KTY19ht
5yqVa5AlXPj1zxsNXrv14kIge7UJRXq+3esq68SCo1rC8Q4N8aEQE4Za6vCxjeaY
HT1Yyb7wbF86oNMxVZZG8naxUEYJo+p+srOQbAKulskdUbI93d9391iUujD34us8
dEp0uMeNwPsHPDoscB8Gsi9b0YdMRoCBOqa9nf7C71EDyJbG6BhPYV2EVPF29OWZ
LsYt6Wx1YxiFWs7MSBl5kD1DeR2ENLLGBiMyttOPDxTwtz+oX2vZgXtJHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFZx3dYf1zaS/L5vJOt4p5l3UUecMB8GA1UdIwQY
MBaAFGo6i3StTtZzeXqfa3dJwiNFaXnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEt
Yzk1OGJmNGY4OTkxLzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEtYzk1OGJmNGY4OTkx
LzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARN4OsNqs
lCYq776yIpNALvnsY9gHv95rFcSJOwlqUYx81tjaBqPYNyWenMqBGddk2CD5cuvL
nozEmXGDQ3Cu9glTd1MEo7VqDDG10YQ/TsUJ0jKlsKTCbB7RMulWbQnOZPlMHMNa
MUE7i0wJwLKHzed7JSFdRlryxXJ+TS02VAgInIILZhtmtEviO3ccune9BZgYq8VW
JBvlOjTZHtBanGpBcG3avOQn3hw1dzWgl5USqam9d2aRegJTKjBToMXJpetVc9pr
bu1XtWWpCPvvYM4NhwtAKD7JUr2/+eHMKR83EA+gkaGreVesCqLgqEijn5Mic6YV
+0aFZWeB8UL36g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:50 2026 by rpki-client