Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft
File: aIEP_k-SA6EAZ31lGTtEJniaz1w.mft (raw, json)
Hash identifier: 3ZJxPbJOLASB7/V5lLf2pIFOBHfArzFYHavPsrTf/U4=
Subject key identifier: F5:34:25:52:BD:8F:B0:34:EE:9E:F6:CB:8F:BA:D0:F3:A8:FA:98:40
Authority key identifier: 68:81:0F:FE:4F:92:03:A1:00:67:7D:65:19:3B:44:26:78:9A:CF:5C
Certificate issuer: /CN=68810ffe4f9203a100677d65193b4426789acf5c
Certificate serial: 019D39410793F9BCBC6755F420012E9A6E64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIEP_k-SA6EAZ31lGTtEJniaz1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft
Manifest number: 0CA1
Signing time: Sun 29 Mar 2026 11:00:56 +0000
Manifest this update: Sun 29 Mar 2026 11:00:56 +0000
Manifest next update: Mon 30 Mar 2026 11:00:56 +0000
Files and hashes: 1: 4kjooCn4utyvNqQOgFxK7-kKLu0.roa (hash: UOUVc0j6e6Ip7AZ/AsFrmNnJ9pEwnrKNZc+DelE5OzU=)
2: aIEP_k-SA6EAZ31lGTtEJniaz1w.crl (hash: 24VY3tFZj+hmD25nUXdBvkDniChF02LKP17PzvdIgAI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aIEP_k-SA6EAZ31lGTtEJniaz1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:07:93:f9:bc:bc:67:55:f4:20:01:2e:9a:6e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68810ffe4f9203a100677d65193b4426789acf5c
Validity
Not Before: Mar 29 11:00:56 2026 GMT
Not After : Mar 30 11:00:56 2026 GMT
Subject: CN=f5342552bd8fb034ee9ef6cb8fbad0f3a8fa9840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cf:82:f6:33:b4:36:f4:3a:5b:1b:48:bb:63:
71:3e:b3:69:8e:45:24:40:0b:29:fe:31:d2:46:74:
c2:c7:0c:58:e9:58:da:61:f7:4b:39:4a:ff:81:41:
fb:19:66:4f:28:a4:b2:4f:03:61:82:c2:22:3b:36:
69:60:38:4a:f1:3d:b7:31:50:d2:da:1c:5f:f8:a0:
22:b7:09:af:f5:67:f7:96:5a:72:2e:f1:e9:4e:8b:
79:74:3d:a3:a7:37:6d:53:93:01:c2:d3:66:11:e0:
0d:8b:a5:7c:07:0b:45:05:94:f0:c1:be:9a:04:c3:
18:39:07:a5:69:82:7b:16:e1:c5:5c:73:cf:b7:23:
65:72:4f:d2:a1:34:21:ee:03:c8:3e:54:a6:d3:a7:
80:46:93:03:51:10:e7:33:ff:05:94:e9:9c:e6:d2:
8f:f9:32:e9:b2:64:0a:86:95:dc:d6:de:d6:8c:e9:
90:af:8c:01:fa:a1:6e:85:66:e8:9b:97:f6:bd:f0:
29:b1:5d:5d:2d:04:33:fc:d3:38:08:8d:84:32:a5:
1a:00:14:2d:2b:a3:58:2b:49:9e:35:63:7f:71:c1:
3f:43:c1:6d:03:67:85:3d:d7:39:f9:c2:05:29:3d:
a4:4e:97:eb:85:8e:11:31:16:93:11:9f:24:4c:8e:
ab:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:34:25:52:BD:8F:B0:34:EE:9E:F6:CB:8F:BA:D0:F3:A8:FA:98:40
X509v3 Authority Key Identifier:
keyid:68:81:0F:FE:4F:92:03:A1:00:67:7D:65:19:3B:44:26:78:9A:CF:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIEP_k-SA6EAZ31lGTtEJniaz1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:95:d8:c9:67:2c:11:8d:8b:76:b7:f3:3e:ab:5c:88:1b:48:
92:11:8d:f9:e2:b0:7b:43:6d:b2:82:4d:b0:13:2f:e7:3c:0d:
12:2d:ee:04:36:8e:e0:2f:8a:b5:00:b6:e9:fb:01:85:a4:f9:
7c:3f:17:74:a5:36:7b:a2:88:b5:d4:d4:f4:e5:96:31:ce:b7:
c3:57:ff:58:be:57:5f:9b:4d:40:42:99:d2:35:d6:00:f2:b6:
7c:ea:e4:0f:01:65:72:76:fc:27:98:cf:c9:aa:ef:92:00:da:
26:01:03:a3:d7:15:5a:64:ac:9c:ed:81:bb:7b:74:60:f0:a3:
3c:b6:07:06:7b:60:5e:19:b0:6a:93:a3:bd:14:96:e9:4b:dd:
03:42:81:fd:cf:aa:9d:ba:9c:24:b5:9f:0f:97:53:77:c2:46:
c4:70:8b:86:84:ce:46:fe:44:bb:27:0c:8d:14:a4:a1:19:80:
5a:44:24:af:13:a9:64:cf:8e:7e:08:a5:5b:dd:3a:f8:f1:a6:
45:aa:7e:bd:6a:f7:d0:52:6e:0a:57:d8:23:62:1b:92:99:80:
28:23:ce:92:d0:03:a9:12:20:73:ba:a3:3f:73:a8:81:6a:e7:
c7:80:50:30:26:18:c0:27:a5:79:e3:8a:b8:0d:2e:b9:33:d0:
30:f5:12:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QQeT+by8Z1X0IAEumm5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ODEwZmZlNGY5MjAzYTEwMDY3N2Q2NTE5M2I0NDI2Nzg5
YWNmNWMwHhcNMjYwMzI5MTEwMDU2WhcNMjYwMzMwMTEwMDU2WjAzMTEwLwYDVQQD
EyhmNTM0MjU1MmJkOGZiMDM0ZWU5ZWY2Y2I4ZmJhZDBmM2E4ZmE5ODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8+C9jO0NvQ6WxtIu2NxPrNpjkUk
QAsp/jHSRnTCxwxY6VjaYfdLOUr/gUH7GWZPKKSyTwNhgsIiOzZpYDhK8T23MVDS
2hxf+KAitwmv9Wf3llpyLvHpTot5dD2jpzdtU5MBwtNmEeANi6V8BwtFBZTwwb6a
BMMYOQelaYJ7FuHFXHPPtyNlck/SoTQh7gPIPlSm06eARpMDURDnM/8FlOmc5tKP
+TLpsmQKhpXc1t7WjOmQr4wB+qFuhWbom5f2vfApsV1dLQQz/NM4CI2EMqUaABQt
K6NYK0meNWN/ccE/Q8FtA2eFPdc5+cIFKT2kTpfrhY4RMRaTEZ8kTI6rRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPU0JVK9j7A07p72y4+60POo+phAMB8GA1UdIwQY
MBaAFGiBD/5PkgOhAGd9ZRk7RCZ4ms9cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUlFUF9rLVNBNkVBWjMxbEdUdEVKbmlhejF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xNDEyMDMtODEzZi00NzEyLTliZDct
YmRmNDMxZWI5NGYwLzEvYUlFUF9rLVNBNkVBWjMxbEdUdEVKbmlhejF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8xNDEyMDMtODEzZi00NzEyLTliZDctYmRmNDMxZWI5NGYw
LzEvYUlFUF9rLVNBNkVBWjMxbEdUdEVKbmlhejF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPpXYyWcs
EY2LdrfzPqtciBtIkhGN+eKwe0NtsoJNsBMv5zwNEi3uBDaO4C+KtQC26fsBhaT5
fD8XdKU2e6KItdTU9OWWMc63w1f/WL5XX5tNQEKZ0jXWAPK2fOrkDwFlcnb8J5jP
yarvkgDaJgEDo9cVWmSsnO2Bu3t0YPCjPLYHBntgXhmwapOjvRSW6UvdA0KB/c+q
nbqcJLWfD5dTd8JGxHCLhoTORv5EuycMjRSkoRmAWkQkrxOpZM+OfgilW906+PGm
Rap+vWr30FJuClfYI2IbkpmAKCPOktADqRIgc7qjP3OogWrnx4BQMCYYwCeleeOK
uA0uuTPQMPUSYg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:10:31 2026 by rpki-client