Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: GK/j8044/gSp1w5Jy8ddaauIUsxyJAna69qmMUnbRL8=
Subject key identifier: CA:F8:18:93:45:3D:D0:8E:B2:78:F4:6B:E8:59:0F:0F:C2:D4:AE:C7
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019D11C53ED81E5BFFC31EED8E9A10FCE6AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 1887
Signing time: Sat 21 Mar 2026 19:00:32 +0000
Manifest this update: Sat 21 Mar 2026 19:00:32 +0000
Manifest next update: Sun 22 Mar 2026 19:00:32 +0000
Files and hashes: 1: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: HBXFSiRN9COR/risOned0Y+38e+524/QJiOF3BaWzsM=)
2: bKFR-ExETl9kc_NczqQy1RxK9rs.roa (hash: plcIB/DfvBpq4QLItxVjsjUSKb2BA3Zq8rL1ma4T6FY=)
3: pRSgM7v51dj4_nnKyTIe5vKbqck.roa (hash: zoPAj53DpixsBYDFs95Rz1APyotRYxKBCaNS8cQmVuY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 19:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:11:c5:3e:d8:1e:5b:ff:c3:1e:ed:8e:9a:10:fc:e6:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Mar 21 19:00:32 2026 GMT
Not After : Mar 22 19:00:32 2026 GMT
Subject: CN=caf81893453dd08eb278f46be8590f0fc2d4aec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3e:46:86:5f:af:13:b5:b2:6e:35:ea:18:4b:
b5:ac:82:de:2f:5f:35:54:73:be:11:d2:cf:33:fa:
96:c8:f8:b2:19:56:99:ad:8f:b2:82:17:78:03:15:
ca:f6:a3:8e:a5:09:2e:f2:49:58:6a:7e:7f:4b:1b:
4c:7b:cc:e7:6b:1c:db:22:78:e1:22:de:ba:e6:78:
95:88:60:58:20:fb:84:8c:52:13:b5:91:36:4d:05:
37:4b:a3:03:31:3e:b6:da:e0:86:97:79:31:cd:de:
3c:ba:62:03:5c:d2:c6:e2:63:69:41:98:9b:e0:ca:
fe:15:99:4e:fd:d3:b9:bd:32:90:cc:ef:48:c6:58:
78:be:b0:20:bd:c3:fb:40:03:35:a9:60:03:02:97:
83:47:96:d4:56:4f:4a:ec:da:d3:e6:a6:d6:d1:0a:
6f:28:2d:a0:27:b8:84:53:1a:b8:ae:f9:93:39:d9:
de:6b:a3:ff:a1:2b:23:9c:23:aa:05:f9:45:e4:bb:
cd:a4:07:44:8e:bb:72:93:91:3f:ef:2e:7d:ca:c9:
52:df:f5:56:dd:8a:18:bb:29:9e:b2:60:09:f4:d3:
6a:29:71:e1:c5:d5:c0:47:89:da:be:ad:d8:fa:cd:
9c:4b:e7:e6:f0:91:02:1f:01:f5:4a:47:91:84:2d:
ee:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F8:18:93:45:3D:D0:8E:B2:78:F4:6B:E8:59:0F:0F:C2:D4:AE:C7
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:a5:60:35:89:0d:a5:6e:cd:71:31:5d:49:d4:c5:2d:30:cc:
42:5a:37:92:ca:f4:04:67:7a:63:88:ec:4a:fa:6b:42:0a:11:
e1:9c:8b:0a:75:f6:9a:13:b8:78:66:8b:1e:5e:a9:b4:ac:60:
cc:94:0d:13:19:0c:21:96:3c:17:fb:ee:f4:e7:7d:1b:de:3c:
ee:3a:60:2b:8c:ef:b7:48:18:41:bb:9b:ec:8b:e2:08:b6:b7:
3e:7e:97:d3:2f:50:53:5d:15:07:bb:ef:8c:aa:37:13:50:f3:
00:62:18:9d:8e:22:b6:2f:bd:22:e5:02:9a:3d:c1:ce:97:2d:
1e:ca:aa:92:4f:53:53:b3:01:5e:31:e7:56:f3:05:2d:c1:5e:
93:24:0d:1b:e4:70:d1:9d:b5:ab:09:77:85:03:4a:3a:23:20:
76:5a:d3:1c:7f:45:00:12:08:d1:8a:88:d5:56:07:3b:85:25:
36:53:c6:dd:76:95:37:74:c0:13:cb:1d:0f:fe:fb:0b:94:67:
b2:ee:6c:07:10:ab:e5:dd:a3:3d:f5:a1:93:e4:ec:da:c2:e1:
d8:01:24:9d:53:1d:1f:c9:79:31:67:d4:92:e8:60:ad:92:a2:
49:62:67:c2:6e:d9:e8:16:5f:ec:85:67:af:a8:08:f0:80:6a:
b2:7d:94:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0RxT7YHlv/wx7tjpoQ/OarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjYwMzIxMTkwMDMyWhcNMjYwMzIyMTkwMDMyWjAzMTEwLwYDVQQD
EyhjYWY4MTg5MzQ1M2RkMDhlYjI3OGY0NmJlODU5MGYwZmMyZDRhZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT5Ghl+vE7WybjXqGEu1rILeL181
VHO+EdLPM/qWyPiyGVaZrY+yghd4AxXK9qOOpQku8klYan5/SxtMe8znaxzbInjh
It665niViGBYIPuEjFITtZE2TQU3S6MDMT622uCGl3kxzd48umIDXNLG4mNpQZib
4Mr+FZlO/dO5vTKQzO9Ixlh4vrAgvcP7QAM1qWADApeDR5bUVk9K7NrT5qbW0Qpv
KC2gJ7iEUxq4rvmTOdnea6P/oSsjnCOqBflF5LvNpAdEjrtyk5E/7y59yslS3/VW
3YoYuymesmAJ9NNqKXHhxdXAR4navq3Y+s2cS+fm8JECHwH1SkeRhC3uKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMr4GJNFPdCOsnj0a+hZDw/C1K7HMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV6VgNYkN
pW7NcTFdSdTFLTDMQlo3ksr0BGd6Y4jsSvprQgoR4ZyLCnX2mhO4eGaLHl6ptKxg
zJQNExkMIZY8F/vu9Od9G9487jpgK4zvt0gYQbub7IviCLa3Pn6X0y9QU10VB7vv
jKo3E1DzAGIYnY4iti+9IuUCmj3BzpctHsqqkk9TU7MBXjHnVvMFLcFekyQNG+Rw
0Z21qwl3hQNKOiMgdlrTHH9FABII0YqI1VYHO4UlNlPG3XaVN3TAE8sdD/77C5Rn
su5sBxCr5d2jPfWhk+Ts2sLh2AEknVMdH8l5MWfUkuhgrZKiSWJnwm7Z6BZf7IVn
r6gI8IBqsn2U2A==
-----END CERTIFICATE-----
Generated at Sun Mar 22 05:51:45 2026 by rpki-client