Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
File: aaKML4THXo0DiGlDVRUt0rcx8kk.mft (raw, json)
Hash identifier: Fy6QMGGaxNaciPhzzWChEg96HwzRxepNp4DHVg/r05U=
Subject key identifier: 84:55:24:88:B5:1C:B6:DC:7A:98:B0:EA:07:E2:DF:64:3A:23:C4:45
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial: 019D3909E2EEE1AFD306F6828FDFA0FCB845
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 10:00:42 +0000
Manifest this update: Sun 29 Mar 2026 10:00:42 +0000
Manifest next update: Mon 30 Mar 2026 10:00:42 +0000
Files and hashes: 1: MB0uTApSO8m5vg_bm9trr3XpjgU.roa (hash: 2eNykuyF9+3yCGYPE8lH28bjQtkNd0f4qvsTFx03Ijs=)
2: aaKML4THXo0DiGlDVRUt0rcx8kk.crl (hash: 9zXvyylQMytg9ngBKUnXWv3Idh+71BqpaCzfOEgCPo4=)
3: xg2vmPZnFpWKOjIR5eQ7FMGT8aE.roa (hash: hPOQooNWczBMB25D+ekEfhNU7YNSFMQ+pTU+YyTaGew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:e2:ee:e1:af:d3:06:f6:82:8f:df:a0:fc:b8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
Validity
Not Before: Mar 29 10:00:42 2026 GMT
Not After : Mar 30 10:00:42 2026 GMT
Subject: CN=84552488b51cb6dc7a98b0ea07e2df643a23c445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a4:9e:6b:ec:cc:3e:8f:c5:1b:df:70:4a:4c:
3e:5a:2a:cb:22:24:ba:cf:75:ec:28:a1:82:12:80:
be:ab:df:b6:19:86:28:d0:f9:ca:88:e4:8a:3c:8d:
5f:f6:14:90:d0:f3:25:3f:a1:cb:f3:3a:6a:b1:43:
62:9c:f2:7a:f2:02:d9:4f:1f:15:a9:3f:b1:05:2c:
1f:ff:30:6a:9f:f0:a2:2f:95:d4:af:0d:81:53:3e:
65:02:0d:e9:f9:5c:0d:01:75:79:a0:b2:8a:bf:5b:
45:11:a8:10:19:fb:5f:d2:13:c8:8a:31:2a:4e:d7:
1f:5d:ce:8a:29:1c:7c:ed:ad:ed:4c:a8:e3:e2:da:
09:41:c7:ff:f0:41:a6:20:7a:3e:b6:03:ee:b2:03:
b0:06:0c:37:52:e8:32:f2:0c:26:b1:67:14:47:c2:
35:29:1b:f9:6b:fa:e3:74:1d:2d:f7:70:c0:2b:6c:
c9:85:28:fd:4d:cd:8a:f9:50:7c:e8:37:91:c5:05:
ee:31:88:84:ba:b5:1c:db:2f:51:bd:0e:5a:6f:a7:
68:c9:06:7b:22:8f:93:44:6c:e3:b6:be:a9:85:7e:
a3:18:1d:89:2c:3a:3d:d8:6a:50:0e:85:a2:bc:e2:
a7:52:c6:ad:df:31:18:52:21:06:03:a5:60:82:32:
a3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:55:24:88:B5:1C:B6:DC:7A:98:B0:EA:07:E2:DF:64:3A:23:C4:45
X509v3 Authority Key Identifier:
keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e2:68:a4:db:f9:cc:9f:e1:49:31:17:dc:46:2f:a8:70:a8:db:
c8:a7:c0:2c:77:a8:ef:bc:c1:3a:26:ba:1e:6a:5b:32:34:ba:
0f:04:d9:91:cd:a9:77:86:d7:50:23:49:ec:35:22:bd:dd:e1:
55:98:68:7e:89:7c:ba:6c:47:f9:d0:37:c5:16:61:c1:41:f8:
83:8a:3e:cb:fc:f5:b1:8d:11:43:43:9b:f5:a4:e6:1b:7c:7f:
15:07:cd:8d:3d:8e:7a:c8:de:c6:ff:ed:95:c3:fa:03:1b:60:
b9:f9:95:3a:45:bf:34:0a:b6:fe:02:ef:04:ad:19:ad:44:04:
5e:7a:ab:6f:aa:04:69:e7:9b:11:a3:5d:63:79:83:0e:d1:bc:
bd:24:c4:7e:bf:e4:50:32:2f:c3:2b:72:21:52:27:c4:c1:e8:
56:6b:fe:80:71:aa:f6:3d:4d:24:24:8f:57:0b:52:92:6c:28:
a9:91:d0:ec:d5:66:71:ed:53:86:f9:1f:2a:b8:43:b3:89:d8:
89:9e:24:b4:be:f6:5b:87:42:c2:cc:c3:3d:dc:e6:c9:c8:83:
69:39:61:69:79:7f:15:6f:5f:d4:6e:02:fd:b9:c9:bb:32:58:
8b:55:28:85:72:77:bb:99:3b:35:52:1c:40:7e:07:43:00:aa:
a6:cb:7e:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CeLu4a/TBvaCj9+g/LhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjYwMzI5MTAwMDQyWhcNMjYwMzMwMTAwMDQyWjAzMTEwLwYDVQQD
Eyg4NDU1MjQ4OGI1MWNiNmRjN2E5OGIwZWEwN2UyZGY2NDNhMjNjNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36Sea+zMPo/FG99wSkw+WirLIiS6
z3XsKKGCEoC+q9+2GYYo0PnKiOSKPI1f9hSQ0PMlP6HL8zpqsUNinPJ68gLZTx8V
qT+xBSwf/zBqn/CiL5XUrw2BUz5lAg3p+VwNAXV5oLKKv1tFEagQGftf0hPIijEq
TtcfXc6KKRx87a3tTKjj4toJQcf/8EGmIHo+tgPusgOwBgw3Uugy8gwmsWcUR8I1
KRv5a/rjdB0t93DAK2zJhSj9Tc2K+VB86DeRxQXuMYiEurUc2y9RvQ5ab6doyQZ7
Io+TRGzjtr6phX6jGB2JLDo92GpQDoWivOKnUsat3zEYUiEGA6VggjKjQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRVJIi1HLbcepiw6gfi32Q6I8RFMB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4mik2/nM
n+FJMRfcRi+ocKjbyKfALHeo77zBOia6HmpbMjS6DwTZkc2pd4bXUCNJ7DUivd3h
VZhofol8umxH+dA3xRZhwUH4g4o+y/z1sY0RQ0Ob9aTmG3x/FQfNjT2Oesjexv/t
lcP6AxtgufmVOkW/NAq2/gLvBK0ZrUQEXnqrb6oEaeebEaNdY3mDDtG8vSTEfr/k
UDIvwytyIVInxMHoVmv+gHGq9j1NJCSPVwtSkmwoqZHQ7NVmce1ThvkfKrhDs4nY
iZ4ktL72W4dCwszDPdzmyciDaTlhaXl/FW9f1G4C/bnJuzJYi1UohXJ3u5k7NVIc
QH4HQwCqpst+iA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:32:59 2026 by rpki-client