Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
File: aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft (raw, json)
Hash identifier: GRhNCdUBRwTw6vpva0gDn2Of5BEZ1lWHvxu5GLXSxLo=
Subject key identifier: 14:A3:AC:BC:63:3F:99:EF:DA:18:1E:AC:43:A5:E6:6D:FC:90:C4:5C
Authority key identifier: 69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
Certificate issuer: /CN=695dce5e37a862538a0f66883de206ffb7c93b69
Certificate serial: 019D3940F482EE33944946CD7D7202DAA6C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
Manifest number: 08CD
Signing time: Sun 29 Mar 2026 11:00:51 +0000
Manifest this update: Sun 29 Mar 2026 11:00:51 +0000
Manifest next update: Mon 30 Mar 2026 11:00:51 +0000
Files and hashes: 1: 4oDq4WaHtzxq4X2XmYKxOilfXjc.roa (hash: 0o/IvKk3dqBypwXiDheqBd2S3T9GWA2BbRQUpKWXnt8=)
2: aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl (hash: +OZJ/YEZBmXA26dpooni+e4HUGbQJNtXIm2qM6Fk5p4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:f4:82:ee:33:94:49:46:cd:7d:72:02:da:a6:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=695dce5e37a862538a0f66883de206ffb7c93b69
Validity
Not Before: Mar 29 11:00:51 2026 GMT
Not After : Mar 30 11:00:51 2026 GMT
Subject: CN=14a3acbc633f99efda181eac43a5e66dfc90c45c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:01:a4:c0:54:88:df:f9:63:c4:05:7d:ca:e6:
3e:6a:2d:b5:92:0a:2e:ed:48:69:3f:c5:17:77:34:
f7:08:3b:74:5d:68:03:83:ba:46:5d:0e:ee:5f:81:
df:47:38:b7:70:bd:6f:d6:6c:6b:43:a0:48:5c:5f:
f7:9a:79:64:da:6e:b9:e5:13:a8:d3:c0:14:13:96:
b2:8a:b6:b8:82:8f:a0:50:cf:d9:4e:e8:98:60:d0:
38:86:47:8a:5d:a5:ed:8b:b4:a8:32:da:21:3b:25:
fc:21:73:fe:36:c2:ba:9b:63:5e:20:ca:23:0b:24:
d7:20:ef:45:a9:84:b9:ac:d0:b1:a6:8f:b8:c9:ba:
9d:32:e8:ff:b2:fd:78:2d:c6:bf:36:dd:53:3c:37:
10:70:08:d6:2b:8f:fb:ab:73:9c:47:da:0b:0e:6f:
40:53:a6:65:a3:be:0a:dd:7b:19:89:4f:2c:2a:a0:
59:49:bb:82:79:76:a0:2d:9f:67:0b:4b:dd:ff:2d:
3a:1b:b1:eb:e1:fe:43:5d:e3:68:ec:ad:0f:38:87:
cb:b3:ba:c2:dd:78:df:70:ee:29:9f:6e:3d:5f:81:
3c:62:36:e6:07:b6:45:cc:78:35:4c:fd:95:03:45:
b2:be:81:b2:fe:7d:c4:ba:66:76:76:12:46:dc:91:
0f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A3:AC:BC:63:3F:99:EF:DA:18:1E:AC:43:A5:E6:6D:FC:90:C4:5C
X509v3 Authority Key Identifier:
keyid:69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:69:98:85:59:af:1d:22:80:6d:e8:21:0e:53:2b:68:bf:d0:
4c:be:31:8b:67:40:af:cc:b4:3c:13:63:21:4f:01:83:72:94:
c3:ab:18:f1:77:00:51:dd:06:a8:02:e1:f5:6e:fb:9f:55:59:
b2:27:23:4e:ae:0e:8f:c7:eb:36:5a:21:7b:15:da:09:bd:79:
d6:2f:5d:96:bd:55:94:a9:e8:e1:a8:d1:22:0b:f3:99:88:f9:
7d:a2:44:ac:40:b8:73:3a:c5:73:7b:fc:ec:06:c7:69:14:da:
f2:91:c6:ed:ff:91:fe:a6:d5:74:1d:17:25:20:7c:a5:f2:2f:
77:ca:09:a1:ec:3d:f2:f9:de:19:11:8c:17:ba:9b:ae:a6:76:
b8:e9:4d:a0:79:17:67:bc:49:79:38:0b:5a:fe:92:70:d9:08:
c1:c5:9e:e0:c8:f8:71:20:e3:56:23:8a:33:67:89:31:89:d9:
ae:2d:04:f0:c4:c5:d3:78:18:76:90:e6:0c:10:33:17:10:68:
1e:09:42:77:b8:5d:68:ff:a3:74:2c:2e:36:fa:65:be:59:fc:
a4:40:d6:0f:3b:65:a5:d5:7f:fc:e8:31:ae:24:50:a7:b5:3c:
5a:d9:8a:06:44:1c:b3:8a:a8:e5:66:d5:e3:5d:6c:2d:a5:f4:
66:76:91:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QPSC7jOUSUbNfXIC2qbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NWRjZTVlMzdhODYyNTM4YTBmNjY4ODNkZTIwNmZmYjdj
OTNiNjkwHhcNMjYwMzI5MTEwMDUxWhcNMjYwMzMwMTEwMDUxWjAzMTEwLwYDVQQD
EygxNGEzYWNiYzYzM2Y5OWVmZGExODFlYWM0M2E1ZTY2ZGZjOTBjNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QGkwFSI3/ljxAV9yuY+ai21kgou
7UhpP8UXdzT3CDt0XWgDg7pGXQ7uX4HfRzi3cL1v1mxrQ6BIXF/3mnlk2m655ROo
08AUE5ayira4go+gUM/ZTuiYYNA4hkeKXaXti7SoMtohOyX8IXP+NsK6m2NeIMoj
CyTXIO9FqYS5rNCxpo+4ybqdMuj/sv14Lca/Nt1TPDcQcAjWK4/7q3OcR9oLDm9A
U6Zlo74K3XsZiU8sKqBZSbuCeXagLZ9nC0vd/y06G7Hr4f5DXeNo7K0POIfLs7rC
3XjfcO4pn249X4E8YjbmB7ZFzHg1TP2VA0WyvoGy/n3EumZ2dhJG3JEP/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSjrLxjP5nv2hgerEOl5m38kMRcMB8GA1UdIwQY
MBaAFGldzl43qGJTig9miD3iBv+3yTtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWIt
MDE3ZGVlNDUyZWM0LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWItMDE3ZGVlNDUyZWM0
LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiWmYhVmv
HSKAbeghDlMraL/QTL4xi2dAr8y0PBNjIU8Bg3KUw6sY8XcAUd0GqALh9W77n1VZ
sicjTq4Oj8frNlohexXaCb151i9dlr1VlKno4ajRIgvzmYj5faJErEC4czrFc3v8
7AbHaRTa8pHG7f+R/qbVdB0XJSB8pfIvd8oJoew98vneGRGMF7qbrqZ2uOlNoHkX
Z7xJeTgLWv6ScNkIwcWe4Mj4cSDjViOKM2eJMYnZri0E8MTF03gYdpDmDBAzFxBo
HglCd7hdaP+jdCwuNvplvln8pEDWDztlpdV//OgxriRQp7U8WtmKBkQcs4qo5WbV
411sLaX0ZnaR6A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:54:31 2026 by rpki-client