Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: ghN4t0tfhNlhgQf5rHHZjqP1gggqZepQrgXGmYyFBmA=
Subject key identifier: 64:5B:4B:1E:91:24:F9:2F:FD:C8:14:ED:30:D5:45:52:54:C2:9C:90
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019DFB72E0704D14B9623C87574914003CBE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 1900
Signing time: Wed 06 May 2026 04:01:42 +0000
Manifest this update: Wed 06 May 2026 04:01:42 +0000
Manifest next update: Thu 07 May 2026 04:01:42 +0000
Files and hashes: 1: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: 7pIE61UbfCdBj0ua/k3JNdHzp0nEeQB+O6iMvgLu5hc=)
2: bKFR-ExETl9kc_NczqQy1RxK9rs.roa (hash: plcIB/DfvBpq4QLItxVjsjUSKb2BA3Zq8rL1ma4T6FY=)
3: pRSgM7v51dj4_nnKyTIe5vKbqck.roa (hash: zoPAj53DpixsBYDFs95Rz1APyotRYxKBCaNS8cQmVuY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 May 2026 04:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fb:72:e0:70:4d:14:b9:62:3c:87:57:49:14:00:3c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: May 6 04:01:42 2026 GMT
Not After : May 7 04:01:42 2026 GMT
Subject: CN=645b4b1e9124f92ffdc814ed30d5455254c29c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e7:f6:4d:53:24:78:1c:53:72:39:ab:8f:e8:
a5:12:6d:93:1f:66:4c:aa:ac:68:92:24:f7:53:6f:
95:bb:96:cf:05:90:91:ef:1d:5b:31:c3:15:9d:18:
c8:0e:83:e6:53:9d:fc:76:09:ce:d6:a5:38:2b:fa:
7a:53:97:88:46:88:32:0d:37:c1:a7:63:a3:b9:4c:
96:ee:6b:d3:b3:19:24:a7:6b:8f:47:41:ac:bd:24:
a9:86:60:9e:58:f4:a0:4b:2d:94:f5:15:19:2e:76:
98:15:72:d0:46:97:bf:18:21:12:3f:c7:77:35:aa:
15:f1:3c:ca:a6:1e:75:1a:8e:e4:0c:01:1c:94:68:
97:3f:be:1a:8d:a5:74:c8:bb:44:d1:57:97:3e:35:
2c:76:89:1a:6b:57:10:4f:71:03:53:cb:45:a2:9b:
4d:f0:9d:8f:11:5c:06:6e:48:b7:1d:fc:6a:fa:51:
e1:72:a6:5c:73:61:07:54:91:b9:1c:c5:38:e0:5f:
d4:29:80:bf:33:6d:18:57:99:7d:ed:b0:0c:3a:82:
da:77:42:32:61:35:ab:45:8c:26:ce:e0:41:86:91:
f3:1f:02:8e:bf:f1:b1:63:82:4d:fa:2a:78:e6:81:
6c:91:40:2d:4c:fa:b5:33:34:ce:1c:15:f5:5b:ff:
51:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5B:4B:1E:91:24:F9:2F:FD:C8:14:ED:30:D5:45:52:54:C2:9C:90
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:86:db:ca:4b:c6:8a:e1:25:aa:dd:98:7c:8c:b2:c0:cf:1c:
0e:7b:8a:ce:a6:09:d8:9c:4d:92:48:9d:41:04:b7:94:49:b6:
0a:9b:71:11:78:87:b7:52:d7:20:60:8a:63:7a:1b:e8:6b:5b:
cd:d7:96:fb:10:c3:e2:fc:9a:ed:e8:2b:e2:08:a8:73:52:c9:
55:ab:40:bd:fd:a9:da:04:19:2a:6c:af:cd:66:df:5f:92:70:
55:d9:7e:82:a8:d5:35:72:a8:ff:1b:05:0e:17:e6:04:b9:fb:
20:7f:b7:22:2c:43:c3:5d:41:a7:4b:7a:aa:f9:5a:36:87:9c:
08:95:a4:98:25:c2:2e:65:86:bf:e7:aa:0c:b6:ff:c7:ce:98:
e7:00:8d:85:80:1f:bb:93:28:45:5d:bb:eb:ac:35:35:be:62:
de:96:75:39:a2:4c:f5:63:45:f4:5f:21:be:27:e3:90:ce:51:
f0:87:95:bb:06:42:10:0f:cc:69:c4:08:45:3c:cb:7c:bc:f6:
42:01:1b:8a:0b:42:af:79:11:a7:7c:20:5d:3c:23:d7:7c:7f:
2b:d7:4d:ab:80:be:ba:76:1d:bc:c4:ca:5e:84:0f:4b:2b:16:
14:1e:4e:71:6a:fb:48:38:4d:08:52:d2:cc:c6:57:c0:27:7f:
c6:36:eb:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ37cuBwTRS5YjyHV0kUADy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjYwNTA2MDQwMTQyWhcNMjYwNTA3MDQwMTQyWjAzMTEwLwYDVQQD
Eyg2NDViNGIxZTkxMjRmOTJmZmRjODE0ZWQzMGQ1NDU1MjU0YzI5YzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuf2TVMkeBxTcjmrj+ilEm2TH2ZM
qqxokiT3U2+Vu5bPBZCR7x1bMcMVnRjIDoPmU538dgnO1qU4K/p6U5eIRogyDTfB
p2OjuUyW7mvTsxkkp2uPR0GsvSSphmCeWPSgSy2U9RUZLnaYFXLQRpe/GCESP8d3
NaoV8TzKph51Go7kDAEclGiXP74ajaV0yLtE0VeXPjUsdokaa1cQT3EDU8tFoptN
8J2PEVwGbki3Hfxq+lHhcqZcc2EHVJG5HMU44F/UKYC/M20YV5l97bAMOoLad0Iy
YTWrRYwmzuBBhpHzHwKOv/GxY4JN+ip45oFskUAtTPq1MzTOHBX1W/9RiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRbSx6RJPkv/cgU7TDVRVJUwpyQMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHIbbykvG
iuElqt2YfIyywM8cDnuKzqYJ2JxNkkidQQS3lEm2CptxEXiHt1LXIGCKY3ob6Gtb
zdeW+xDD4vya7egr4gioc1LJVatAvf2p2gQZKmyvzWbfX5JwVdl+gqjVNXKo/xsF
DhfmBLn7IH+3IixDw11Bp0t6qvlaNoecCJWkmCXCLmWGv+eqDLb/x86Y5wCNhYAf
u5MoRV2766w1Nb5i3pZ1OaJM9WNF9F8hvifjkM5R8IeVuwZCEA/MacQIRTzLfLz2
QgEbigtCr3kRp3wgXTwj13x/K9dNq4C+unYdvMTKXoQPSysWFB5OcWr7SDhNCFLS
zMZXwCd/xjbrtw==
-----END CERTIFICATE-----
Generated at Wed May 6 13:23:55 2026 by rpki-client