Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft
File: aL8cWiHDgluLhlFqGllxIbVLPMM.mft (raw, json)
Hash identifier: FNPByjg9QdHlBebfXiVis8bl1POZ6ke0PVoa5DV5vJg=
Subject key identifier: 68:C9:EE:6B:8E:9B:DD:06:0B:BD:65:8C:D1:55:92:AE:29:44:19:56
Authority key identifier: 68:BF:1C:5A:21:C3:82:5B:8B:86:51:6A:1A:59:71:21:B5:4B:3C:C3
Certificate issuer: /CN=68bf1c5a21c3825b8b86516a1a597121b54b3cc3
Certificate serial: 019D3909FC8555B760BF00C467D0108D523B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 10:00:48 +0000
Manifest this update: Sun 29 Mar 2026 10:00:48 +0000
Manifest next update: Mon 30 Mar 2026 10:00:48 +0000
Files and hashes: 1: aL8cWiHDgluLhlFqGllxIbVLPMM.crl (hash: OSoTdm7/eWHweIxOrFSnpisXTE5XSxIWYEwuByI778o=)
2: xMiDA7uuRCcWzBnQjMU1cUXcoLc.roa (hash: 5dmso3IrpYxSnMbNzob1ZQb189IzqVbbdnmbtENfrFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:fc:85:55:b7:60:bf:00:c4:67:d0:10:8d:52:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bf1c5a21c3825b8b86516a1a597121b54b3cc3
Validity
Not Before: Mar 29 10:00:48 2026 GMT
Not After : Mar 30 10:00:48 2026 GMT
Subject: CN=68c9ee6b8e9bdd060bbd658cd15592ae29441956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fe:56:b5:d6:3c:b8:eb:b6:ad:2f:82:d4:68:
a4:c2:e6:6a:36:af:a1:93:40:bd:8e:f9:ea:56:3a:
1f:d3:96:27:a5:52:1b:58:ca:48:a9:42:5d:7b:ac:
10:0b:d8:8a:77:09:d8:ca:d1:56:be:53:c5:9b:6f:
8a:a1:c3:f2:5d:2d:a2:72:2e:ae:6c:88:0f:42:e2:
ff:76:c8:8f:36:24:c6:7f:9a:4f:32:72:56:51:83:
10:e0:4b:6e:c4:4f:7a:d7:72:bb:6c:8d:f8:86:4f:
89:fd:35:2a:f2:77:73:29:31:09:52:b2:0d:ba:13:
bd:10:23:a8:60:ad:dc:f9:0c:d7:fb:a2:ad:ae:01:
4f:b6:60:32:aa:b9:58:f1:8b:d6:aa:cc:8b:79:a3:
63:88:e1:d1:72:12:76:e7:b5:0e:34:a6:6e:11:2c:
e1:6d:c5:02:2f:1c:a3:59:63:2b:3b:c1:9c:4b:b9:
12:b1:73:c8:46:18:f2:79:d4:cb:b7:8b:02:41:20:
8f:71:1a:e5:f0:09:bd:45:20:08:9a:d0:f4:a4:7e:
28:d6:cf:f1:0d:02:79:4f:ad:f2:9b:aa:f7:84:e6:
aa:6b:d4:af:cc:e0:a1:08:24:b3:dc:b7:4b:27:1f:
af:14:34:4a:9e:84:43:a9:9b:97:a5:e5:32:fb:56:
96:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C9:EE:6B:8E:9B:DD:06:0B:BD:65:8C:D1:55:92:AE:29:44:19:56
X509v3 Authority Key Identifier:
keyid:68:BF:1C:5A:21:C3:82:5B:8B:86:51:6A:1A:59:71:21:B5:4B:3C:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:73:55:7c:9d:dc:40:3b:26:cb:d5:7d:74:49:a0:9b:e5:68:
3a:c5:58:29:96:4b:7b:f7:b0:66:50:7e:47:9a:ae:24:fb:f0:
e6:54:ad:14:a6:85:50:e3:d7:eb:0b:d0:e2:eb:9c:7a:c7:ae:
fb:b3:f8:56:39:21:5a:14:38:84:89:25:d1:ae:dd:84:dc:f0:
0a:0f:c4:2d:ad:9e:68:fb:00:1a:a4:95:33:4b:2d:99:17:09:
ac:4d:14:85:3d:95:3f:95:9f:4f:68:52:34:89:53:da:30:34:
06:2d:34:c9:a8:9d:8d:d1:f7:99:1f:84:99:5f:76:9c:fa:33:
24:8e:2b:bf:8d:bb:8c:a3:09:14:eb:38:76:31:c4:98:3e:8f:
62:38:cb:4a:a6:2c:ca:f4:c7:72:e5:6b:03:fe:72:69:9e:98:
61:89:42:53:94:c9:d5:ac:d8:80:67:34:d3:a8:20:a8:8d:2e:
db:b8:f7:e9:43:1d:e7:82:2d:1a:0a:03:f9:47:71:84:10:88:
13:3d:d3:9f:8b:90:0a:15:0f:09:e8:0b:c5:7c:cd:92:02:a4:
d8:30:f2:78:a0:0b:4b:8a:99:64:82:de:70:a3:36:18:ea:c7:
2f:22:75:e5:12:f5:02:16:ca:cc:95:7e:6b:9d:9f:d7:b3:a5:
f0:32:03:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CfyFVbdgvwDEZ9AQjVI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmYxYzVhMjFjMzgyNWI4Yjg2NTE2YTFhNTk3MTIxYjU0
YjNjYzMwHhcNMjYwMzI5MTAwMDQ4WhcNMjYwMzMwMTAwMDQ4WjAzMTEwLwYDVQQD
Eyg2OGM5ZWU2YjhlOWJkZDA2MGJiZDY1OGNkMTU1OTJhZTI5NDQxOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxf5WtdY8uOu2rS+C1GikwuZqNq+h
k0C9jvnqVjof05YnpVIbWMpIqUJde6wQC9iKdwnYytFWvlPFm2+KocPyXS2ici6u
bIgPQuL/dsiPNiTGf5pPMnJWUYMQ4EtuxE9613K7bI34hk+J/TUq8ndzKTEJUrIN
uhO9ECOoYK3c+QzX+6KtrgFPtmAyqrlY8YvWqsyLeaNjiOHRchJ257UONKZuESzh
bcUCLxyjWWMrO8GcS7kSsXPIRhjyedTLt4sCQSCPcRrl8Am9RSAImtD0pH4o1s/x
DQJ5T63ym6r3hOaqa9SvzOChCCSz3LdLJx+vFDRKnoRDqZuXpeUy+1aWXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjJ7muOm90GC71ljNFVkq4pRBlWMB8GA1UdIwQY
MBaAFGi/HFohw4Jbi4ZRahpZcSG1SzzDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUw4Y1dpSERnbHVMaGxGcUdsbHhJYlZMUE1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yZmNlNWUtYzkxNS00ZjAyLWFkM2Et
NTVlYjViYjk5ZTQ1LzEvYUw4Y1dpSERnbHVMaGxGcUdsbHhJYlZMUE1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yZmNlNWUtYzkxNS00ZjAyLWFkM2EtNTVlYjViYjk5ZTQ1
LzEvYUw4Y1dpSERnbHVMaGxGcUdsbHhJYlZMUE1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe3NVfJ3c
QDsmy9V9dEmgm+VoOsVYKZZLe/ewZlB+R5quJPvw5lStFKaFUOPX6wvQ4uuceseu
+7P4VjkhWhQ4hIkl0a7dhNzwCg/ELa2eaPsAGqSVM0stmRcJrE0UhT2VP5WfT2hS
NIlT2jA0Bi00yaidjdH3mR+EmV92nPozJI4rv427jKMJFOs4djHEmD6PYjjLSqYs
yvTHcuVrA/5yaZ6YYYlCU5TJ1azYgGc006ggqI0u27j36UMd54ItGgoD+UdxhBCI
Ez3Tn4uQChUPCegLxXzNkgKk2DDyeKALS4qZZILecKM2GOrHLyJ15RL1AhbKzJV+
a52f17Ol8DIDBA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:32:50 2026 by rpki-client