Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft
File: gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft (raw, json)
Hash identifier: j1YDFObYov8t4WNfsc3xFSMsbEecK1QAmWynPXFPrJI=
Subject key identifier: 79:C5:6F:1B:6A:4E:1A:99:64:DB:F4:DB:43:CB:B6:A8:D3:C0:19:8B
Authority key identifier: 81:A0:21:D5:40:ED:7D:82:C6:90:AD:C0:4F:BD:9D:D6:EE:50:E8:D5
Certificate issuer: /CN=81a021d540ed7d82c690adc04fbd9dd6ee50e8d5
Certificate serial: 019D390A0F78CA03312C395064B3D74BCDE1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaAh1UDtfYLGkK3AT72d1u5Q6NU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft
Manifest number: 15D2
Signing time: Sun 29 Mar 2026 10:00:53 +0000
Manifest this update: Sun 29 Mar 2026 10:00:53 +0000
Manifest next update: Mon 30 Mar 2026 10:00:53 +0000
Files and hashes: 1: 61ONFvLT5Rg0-imK5TJAXsyuc_s.roa (hash: 7I5ltFHrgSt2SphyinCJqzIRRXKzrlYeALmK4YgvaSA=)
2: gaAh1UDtfYLGkK3AT72d1u5Q6NU.crl (hash: j+DLQAVYK4+G1xTmzNmQkwkr+XJUzjWwgN1c8JJt8zY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gaAh1UDtfYLGkK3AT72d1u5Q6NU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:0f:78:ca:03:31:2c:39:50:64:b3:d7:4b:cd:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a021d540ed7d82c690adc04fbd9dd6ee50e8d5
Validity
Not Before: Mar 29 10:00:53 2026 GMT
Not After : Mar 30 10:00:53 2026 GMT
Subject: CN=79c56f1b6a4e1a9964dbf4db43cbb6a8d3c0198b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:36:08:a8:c8:26:a4:fe:48:b9:77:28:d0:a1:
8c:e0:ac:fd:89:19:d5:e3:c4:e4:04:85:4c:48:a4:
d4:f3:12:d1:53:77:f4:5c:ed:83:f6:31:47:b4:d0:
ed:1c:4f:80:c2:2f:aa:39:92:48:5c:07:a5:e7:06:
55:c8:3c:d2:d2:0a:38:95:95:e2:24:f9:74:9a:f5:
dd:e3:5c:86:fd:7f:8f:a7:d5:db:65:3d:e0:99:b3:
d7:c2:1f:ba:a0:9e:46:d4:c8:95:8f:58:c0:96:c9:
30:80:6b:44:97:72:40:a6:0e:68:7b:b0:16:32:61:
63:e8:b0:98:75:9b:2f:9a:da:43:b7:b1:6a:a0:e4:
0a:10:a7:74:f3:67:00:7c:eb:b5:5f:6f:40:89:a2:
57:68:0b:39:14:2e:64:be:49:11:ea:87:d4:6d:0c:
43:1a:b7:33:55:1c:19:4f:f6:1b:29:74:11:3c:e6:
13:3b:c2:d9:e3:aa:1c:4c:e4:bf:c8:8f:e6:71:4a:
b7:13:11:96:a2:a9:cc:dc:0d:73:58:df:66:5d:4b:
2c:d2:a6:1f:0a:be:39:ef:97:a9:b3:74:54:27:bd:
65:a0:b8:05:1f:e0:00:b3:ee:6f:7b:35:02:2d:57:
d3:ea:04:d5:63:92:3a:12:87:9a:2f:ff:1b:43:c0:
54:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C5:6F:1B:6A:4E:1A:99:64:DB:F4:DB:43:CB:B6:A8:D3:C0:19:8B
X509v3 Authority Key Identifier:
keyid:81:A0:21:D5:40:ED:7D:82:C6:90:AD:C0:4F:BD:9D:D6:EE:50:E8:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaAh1UDtfYLGkK3AT72d1u5Q6NU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e2b946-1b4a-4214-9234-ad027327f9d8/1/gaAh1UDtfYLGkK3AT72d1u5Q6NU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:18:02:cb:36:b8:3c:a3:ac:5f:90:61:40:be:05:ee:df:d8:
2e:11:9c:ae:ca:69:f2:51:b2:ec:e1:6b:fa:b3:27:57:ee:b8:
99:f4:c3:62:00:5c:bd:59:53:5e:3d:26:b0:5f:44:e2:30:45:
d2:aa:08:d0:87:e6:cc:3c:98:92:b1:c7:c9:d1:f9:6e:dc:04:
a0:c2:a1:38:de:18:68:46:62:4f:dd:0f:db:86:52:4f:0d:24:
4f:03:d3:ea:83:e2:06:56:53:e7:2e:73:72:1c:4a:14:00:48:
d8:7b:59:91:28:26:22:63:09:db:e2:ec:70:e0:98:ad:4a:f9:
4c:70:3b:e6:1f:ed:e6:c1:dc:9b:39:f5:76:ac:06:15:fd:68:
dc:a6:b8:c3:5d:74:d6:37:1f:87:c8:09:f0:fc:91:d1:e6:98:
d3:5d:aa:65:24:3f:f7:d0:cc:d1:54:a3:12:cd:d0:22:ad:17:
a7:33:9c:9f:1e:f3:dd:51:8a:f5:c4:5a:75:c1:97:a0:98:6c:
28:27:5c:e6:9a:2a:ae:da:2f:e0:dc:8b:d2:c7:70:91:00:db:
bc:ce:47:2e:89:fe:83:a6:e1:41:db:c5:7d:ad:34:d1:6c:98:
5a:8d:2e:2b:aa:f5:00:d8:22:02:f6:16:36:36:ef:b0:69:37:
8b:34:86:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cg94ygMxLDlQZLPXS83hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTAyMWQ1NDBlZDdkODJjNjkwYWRjMDRmYmQ5ZGQ2ZWU1
MGU4ZDUwHhcNMjYwMzI5MTAwMDUzWhcNMjYwMzMwMTAwMDUzWjAzMTEwLwYDVQQD
Eyg3OWM1NmYxYjZhNGUxYTk5NjRkYmY0ZGI0M2NiYjZhOGQzYzAxOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzYIqMgmpP5IuXco0KGM4Kz9iRnV
48TkBIVMSKTU8xLRU3f0XO2D9jFHtNDtHE+Awi+qOZJIXAel5wZVyDzS0go4lZXi
JPl0mvXd41yG/X+Pp9XbZT3gmbPXwh+6oJ5G1MiVj1jAlskwgGtEl3JApg5oe7AW
MmFj6LCYdZsvmtpDt7FqoOQKEKd082cAfOu1X29AiaJXaAs5FC5kvkkR6ofUbQxD
GrczVRwZT/YbKXQRPOYTO8LZ46ocTOS/yI/mcUq3ExGWoqnM3A1zWN9mXUss0qYf
Cr4575eps3RUJ71loLgFH+AAs+5vezUCLVfT6gTVY5I6EoeaL/8bQ8BUoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnFbxtqThqZZNv020PLtqjTwBmLMB8GA1UdIwQY
MBaAFIGgIdVA7X2CxpCtwE+9ndbuUOjVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FBaDFVRHRmWUxHa0szQVQ3MmQxdTVRNk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lMmI5NDYtMWI0YS00MjE0LTkyMzQt
YWQwMjczMjdmOWQ4LzEvZ2FBaDFVRHRmWUxHa0szQVQ3MmQxdTVRNk5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lMmI5NDYtMWI0YS00MjE0LTkyMzQtYWQwMjczMjdmOWQ4
LzEvZ2FBaDFVRHRmWUxHa0szQVQ3MmQxdTVRNk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADBgCyza4
PKOsX5BhQL4F7t/YLhGcrspp8lGy7OFr+rMnV+64mfTDYgBcvVlTXj0msF9E4jBF
0qoI0IfmzDyYkrHHydH5btwEoMKhON4YaEZiT90P24ZSTw0kTwPT6oPiBlZT5y5z
chxKFABI2HtZkSgmImMJ2+LscOCYrUr5THA75h/t5sHcmzn1dqwGFf1o3Ka4w110
1jcfh8gJ8PyR0eaY012qZSQ/99DM0VSjEs3QIq0XpzOcnx7z3VGK9cRadcGXoJhs
KCdc5poqrtov4NyL0sdwkQDbvM5HLon+g6bhQdvFfa000WyYWo0uK6r1ANgiAvYW
NjbvsGk3izSG8Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:06 2026 by rpki-client