Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: OgP5AfNEPc8QujeeD2lqRKwvitsOxnl6ExFrI/y+/VY=
Subject key identifier: A7:29:68:6D:1D:C7:01:9E:35:9C:FB:73:0E:1D:20:41:C6:50:76:04
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 019D3865F3C7FB7FD3390E669D7910BCB728
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 05FB
Signing time: Sun 29 Mar 2026 07:01:38 +0000
Manifest this update: Sun 29 Mar 2026 07:01:38 +0000
Manifest next update: Mon 30 Mar 2026 07:01:38 +0000
Files and hashes: 1: BcT1YlHw7D1Dk2z_LIFmn3rThJY.roa (hash: Eovd3kGKSBHE8soZjKT4R8yDeoxnP/onLhr4NTs+e6o=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: HqDCwF2FtSf/c0H4i84gGlMrq+yDAUsS6xdnVKJDPCk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:f3:c7:fb:7f:d3:39:0e:66:9d:79:10:bc:b7:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: Mar 29 07:01:38 2026 GMT
Not After : Mar 30 07:01:38 2026 GMT
Subject: CN=a729686d1dc7019e359cfb730e1d2041c6507604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:84:60:d9:0a:d9:cb:b0:1b:21:fb:52:f3:51:
24:be:9e:53:74:a1:52:08:4e:d9:8e:40:9a:7f:b4:
e3:a1:f8:c0:66:32:f2:ff:f4:f8:f1:7d:03:8a:66:
42:9c:fa:33:a4:1e:d5:ca:67:c5:ed:5c:8b:a5:79:
e0:1d:63:89:6c:b1:8b:13:89:5f:d6:95:98:ca:63:
68:b8:a2:fe:87:62:5a:d9:ed:11:5a:fd:f7:74:78:
1e:dd:44:c4:92:76:5a:d9:cb:3d:8d:a8:08:de:d3:
7a:69:d0:d6:b1:fe:0c:e0:4b:8c:44:9a:73:5c:56:
84:20:9c:fd:02:25:54:95:ab:70:b2:71:98:ed:14:
08:37:7a:6a:5f:ce:37:10:70:18:46:15:40:be:bf:
b5:b2:e1:a9:c2:7f:48:e4:2b:92:9d:71:62:2c:17:
82:ef:6c:b3:f9:5b:6b:8f:4d:fd:f9:5e:54:62:2d:
9e:7b:06:3a:0c:26:0b:37:a8:5f:e1:13:ad:71:25:
43:45:5b:e8:3c:f3:07:28:fd:49:bc:35:09:8f:b1:
da:c5:5b:99:34:23:53:65:fc:3f:f0:8f:46:99:c4:
70:fb:8c:22:a1:59:7a:a3:97:85:1f:84:43:78:69:
2c:1f:7e:fe:da:95:3b:e8:9c:07:57:9a:42:b9:d2:
5f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:29:68:6D:1D:C7:01:9E:35:9C:FB:73:0E:1D:20:41:C6:50:76:04
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:c7:07:c4:80:ee:45:a5:f6:87:52:c8:87:7b:8f:1a:39:83:
7d:dd:24:77:4f:b4:14:a1:b7:3e:3c:ac:19:5d:70:54:93:29:
2f:b5:a3:91:e4:f1:3d:e8:4f:01:99:5b:8b:a9:4b:cd:22:ff:
89:11:e7:57:54:b7:04:04:cb:c5:89:56:d4:26:0c:8c:0d:36:
23:e4:2a:bd:a3:ab:fe:74:d4:e1:64:73:92:fa:7d:f2:8c:b4:
59:9e:d3:79:1e:f5:df:4e:c0:a6:fd:ee:9c:f9:51:c6:54:2b:
de:ee:f3:84:8c:f9:e8:2c:85:f7:bb:be:6d:3a:bc:45:8b:6c:
d0:94:50:d4:9f:39:b2:fc:1f:82:0c:30:e1:b0:9a:6f:f4:c3:
ab:53:33:23:1a:6e:d9:f3:6a:fa:1d:c0:67:f6:72:eb:28:64:
21:cd:7f:01:ac:c0:d4:e7:5f:10:a3:e9:0f:cc:4e:a2:01:34:
e3:39:21:19:9d:de:55:bd:ef:21:5b:06:40:94:66:be:a7:4c:
e0:f0:7d:30:5a:3c:85:20:07:64:2d:55:48:b4:69:60:62:f3:
6d:80:36:b3:21:52:8a:06:f7:54:33:34:d1:d1:1f:3d:53:3d:
1e:7f:9b:73:0a:bc:39:f5:62:8b:10:02:cf:3b:5f:bf:a1:7c:
80:d2:5d:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfPH+3/TOQ5mnXkQvLcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjYwMzI5MDcwMTM4WhcNMjYwMzMwMDcwMTM4WjAzMTEwLwYDVQQD
EyhhNzI5Njg2ZDFkYzcwMTllMzU5Y2ZiNzMwZTFkMjA0MWM2NTA3NjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5YRg2QrZy7AbIftS81Ekvp5TdKFS
CE7ZjkCaf7TjofjAZjLy//T48X0DimZCnPozpB7VymfF7VyLpXngHWOJbLGLE4lf
1pWYymNouKL+h2Ja2e0RWv33dHge3UTEknZa2cs9jagI3tN6adDWsf4M4EuMRJpz
XFaEIJz9AiVUlatwsnGY7RQIN3pqX843EHAYRhVAvr+1suGpwn9I5CuSnXFiLBeC
72yz+Vtrj039+V5UYi2eewY6DCYLN6hf4ROtcSVDRVvoPPMHKP1JvDUJj7HaxVuZ
NCNTZfw/8I9GmcRw+4wioVl6o5eFH4RDeGksH37+2pU76JwHV5pCudJf7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKcpaG0dxwGeNZz7cw4dIEHGUHYEMB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAscHxIDu
RaX2h1LIh3uPGjmDfd0kd0+0FKG3PjysGV1wVJMpL7WjkeTxPehPAZlbi6lLzSL/
iRHnV1S3BATLxYlW1CYMjA02I+QqvaOr/nTU4WRzkvp98oy0WZ7TeR71307Apv3u
nPlRxlQr3u7zhIz56CyF97u+bTq8RYts0JRQ1J85svwfggww4bCab/TDq1MzIxpu
2fNq+h3AZ/Zy6yhkIc1/AazA1OdfEKPpD8xOogE04zkhGZ3eVb3vIVsGQJRmvqdM
4PB9MFo8hSAHZC1VSLRpYGLzbYA2syFSigb3VDM00dEfPVM9Hn+bcwq8OfViixAC
zztfv6F8gNJdpw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:16 2026 by rpki-client