Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
File: aOlYF0Bglex8tceyhrETM0l7lFE.mft (raw, json)
Hash identifier: xq/0FUSuW/ThuaiKsx5RHk4I97edOx3q46tsBoHaX/A=
Subject key identifier: 3C:0B:42:32:69:E7:3A:6E:08:EE:A8:48:18:CA:EE:B2:2D:78:E4:85
Authority key identifier: 68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
Certificate issuer: /CN=68e95817406095ec7cb5c7b286b11333497b9451
Certificate serial: 019D39AECC253801A07F313DC7053052DE14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
Manifest number: 0A9C
Signing time: Sun 29 Mar 2026 13:00:49 +0000
Manifest this update: Sun 29 Mar 2026 13:00:49 +0000
Manifest next update: Mon 30 Mar 2026 13:00:49 +0000
Files and hashes: 1: MCQJgOH0F61zyqort3aDkrCqcME.roa (hash: dFlLGTPXyNVZq9IJXBt9j7cJ/cyhu9qP1civtpo4hwY=)
2: aOlYF0Bglex8tceyhrETM0l7lFE.crl (hash: cs0SUy0KGfMMEkAQbK1+Y4j75BZK47JbbB4OaKYVz6A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:cc:25:38:01:a0:7f:31:3d:c7:05:30:52:de:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e95817406095ec7cb5c7b286b11333497b9451
Validity
Not Before: Mar 29 13:00:49 2026 GMT
Not After : Mar 30 13:00:49 2026 GMT
Subject: CN=3c0b423269e73a6e08eea84818caeeb22d78e485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:05:40:4b:ba:5b:80:5a:d7:51:79:90:65:23:
07:c1:a1:03:67:5b:0d:0d:bb:58:6c:99:0f:a4:fa:
74:32:82:69:e8:90:65:42:c0:6b:82:8d:a2:1c:43:
e8:e4:4d:5c:fc:83:97:e7:f8:d4:ca:51:73:56:44:
e2:8d:f7:46:ad:59:a8:06:9a:48:cf:17:c4:65:ee:
07:a9:7a:f5:7b:21:84:b6:af:f5:ec:65:6a:37:4d:
44:46:1d:05:6a:c6:76:9b:8d:57:6e:4c:29:a7:87:
55:42:0d:6c:95:7e:6a:a9:ca:1d:63:7a:6a:86:22:
3c:21:e6:50:24:c3:3e:5a:c9:dd:99:05:89:6d:7a:
ff:00:cd:80:c5:2d:fe:8e:df:3c:16:67:26:90:53:
20:1a:ee:0a:3c:e8:8c:8d:23:fb:c4:a6:f4:d9:84:
46:48:52:d6:0e:5d:33:4f:34:87:3a:c6:c8:c6:e0:
4e:22:38:2e:43:d4:68:10:a7:15:a5:db:96:10:16:
86:53:e8:d0:50:4e:a6:fc:31:a1:62:9b:1a:a5:eb:
98:69:d1:7f:bc:82:9e:60:56:dc:24:ff:87:c0:60:
a6:8c:1d:6a:5f:d1:12:7c:56:34:48:08:58:f8:8f:
cf:22:f1:32:da:d2:3f:10:a2:b2:da:44:6e:c7:f7:
e3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:0B:42:32:69:E7:3A:6E:08:EE:A8:48:18:CA:EE:B2:2D:78:E4:85
X509v3 Authority Key Identifier:
keyid:68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:d3:aa:0e:49:d2:26:3b:87:69:b2:34:95:a5:ab:30:d5:6e:
77:11:9a:ff:96:91:26:17:fa:0e:cc:9f:8e:ba:3c:80:21:cc:
6e:cf:1a:a8:fc:a8:1a:37:e9:c1:4d:fd:eb:de:5e:cc:44:45:
ef:0a:7c:72:1a:e6:b4:b6:02:1b:4a:3c:39:39:63:0c:6b:42:
19:41:26:54:a2:6f:38:ec:a6:da:8d:d6:23:fc:7e:43:13:0d:
9d:a9:ff:ca:8a:31:8c:71:da:23:bf:6b:8c:9b:11:a2:a6:da:
a6:e1:9c:54:b8:1c:ec:28:32:2a:2f:da:6e:8c:c6:2a:23:b7:
7c:c6:1c:7a:c5:8e:31:e4:2d:94:3a:76:21:e6:b3:e8:a9:81:
da:61:f0:3d:12:86:f2:09:b3:ad:62:d1:7d:67:6f:87:c6:48:
e9:61:84:00:de:9c:77:82:24:4f:75:dd:fe:15:f2:b1:11:16:
30:b4:ac:b8:f5:19:7d:de:27:64:10:f7:8c:3c:3b:96:e8:13:
0f:b8:21:2c:32:75:5b:ec:3b:91:17:40:4e:2d:a6:b0:b4:4f:
9b:57:e4:27:4a:28:c2:4b:c4:ee:02:c4:4f:d2:64:25:da:4c:
0d:4d:7e:a8:e4:1c:72:79:d0:09:31:57:ef:d9:c1:86:a8:fe:
e9:37:ce:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rswlOAGgfzE9xwUwUt4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTk1ODE3NDA2MDk1ZWM3Y2I1YzdiMjg2YjExMzMzNDk3
Yjk0NTEwHhcNMjYwMzI5MTMwMDQ5WhcNMjYwMzMwMTMwMDQ5WjAzMTEwLwYDVQQD
EygzYzBiNDIzMjY5ZTczYTZlMDhlZWE4NDgxOGNhZWViMjJkNzhlNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAVAS7pbgFrXUXmQZSMHwaEDZ1sN
DbtYbJkPpPp0MoJp6JBlQsBrgo2iHEPo5E1c/IOX5/jUylFzVkTijfdGrVmoBppI
zxfEZe4HqXr1eyGEtq/17GVqN01ERh0FasZ2m41Xbkwpp4dVQg1slX5qqcodY3pq
hiI8IeZQJMM+WsndmQWJbXr/AM2AxS3+jt88FmcmkFMgGu4KPOiMjSP7xKb02YRG
SFLWDl0zTzSHOsbIxuBOIjguQ9RoEKcVpduWEBaGU+jQUE6m/DGhYpsapeuYadF/
vIKeYFbcJP+HwGCmjB1qX9ESfFY0SAhY+I/PIvEy2tI/EKKy2kRux/fjKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwLQjJp5zpuCO6oSBjK7rIteOSFMB8GA1UdIwQY
MBaAFGjpWBdAYJXsfLXHsoaxEzNJe5RRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTct
MDE5ZWM5ZDlhNzU4LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTctMDE5ZWM5ZDlhNzU4
LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkNOqDknS
JjuHabI0laWrMNVudxGa/5aRJhf6Dsyfjro8gCHMbs8aqPyoGjfpwU39695ezERF
7wp8chrmtLYCG0o8OTljDGtCGUEmVKJvOOym2o3WI/x+QxMNnan/yooxjHHaI79r
jJsRoqbapuGcVLgc7CgyKi/abozGKiO3fMYcesWOMeQtlDp2Ieaz6KmB2mHwPRKG
8gmzrWLRfWdvh8ZI6WGEAN6cd4IkT3Xd/hXysREWMLSsuPUZfd4nZBD3jDw7lugT
D7ghLDJ1W+w7kRdATi2msLRPm1fkJ0oowkvE7gLET9JkJdpMDU1+qOQccnnQCTFX
79nBhqj+6TfOsQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:58:44 2026 by rpki-client