Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.mft
File: aL0515MSXGhN_ycviGIrrEMhgPA.mft (raw, json)
Hash identifier: XuIUym8Idq0xWzoxvgt23c1nxswPKVrbaUwTmn1pFBQ=
Subject key identifier: A3:C8:79:BA:B1:38:94:60:A8:CE:EB:9E:8C:8E:AB:03:1A:35:FC:B2
Authority key identifier: 68:BD:39:D7:93:12:5C:68:4D:FF:27:2F:88:62:2B:AC:43:21:80:F0
Certificate issuer: /CN=68bd39d793125c684dff272f88622bac432180f0
Certificate serial: 019D382E630AD50CA6EFA7037DFA31B3F1D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aL0515MSXGhN_ycviGIrrEMhgPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 06:00:57 +0000
Manifest this update: Sun 29 Mar 2026 06:00:57 +0000
Manifest next update: Mon 30 Mar 2026 06:00:57 +0000
Files and hashes: 1: aL0515MSXGhN_ycviGIrrEMhgPA.crl (hash: Gfb5rWKB32mnsGwSd0H2ffYsnbMSNwRL4AE1EVGVwDQ=)
2: oi4g4l999AP6onKm27Ed-wdQpPs.roa (hash: I8WiOuarlTLTaPl9Rt0sGmGw4q5pBrI5UJKZRMtdZkc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aL0515MSXGhN_ycviGIrrEMhgPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:63:0a:d5:0c:a6:ef:a7:03:7d:fa:31:b3:f1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bd39d793125c684dff272f88622bac432180f0
Validity
Not Before: Mar 29 06:00:57 2026 GMT
Not After : Mar 30 06:00:57 2026 GMT
Subject: CN=a3c879bab1389460a8ceeb9e8c8eab031a35fcb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c5:60:57:cc:04:45:95:7e:78:6c:94:8c:ac:
ad:3c:52:65:88:d5:52:d1:fe:84:31:a5:67:ee:9c:
f1:14:30:da:ba:29:0f:66:00:43:dd:2d:ed:b9:7b:
e5:99:38:ee:86:02:1e:0f:6b:67:3b:d8:5b:9b:b0:
91:55:d1:dd:d3:7d:29:fc:7c:33:5b:e7:d8:6e:6e:
86:0b:48:14:0d:97:63:57:f3:d7:27:00:e3:e4:30:
1c:e6:1a:f4:44:df:41:6b:87:da:ca:90:99:61:15:
19:e6:51:be:77:a3:9d:49:d2:c8:70:b3:63:c8:c0:
a6:d8:08:27:a9:32:28:1f:52:ff:9c:fa:5a:40:96:
24:f8:3c:c6:d6:f8:a1:dc:a1:e8:24:76:c0:2d:8d:
a4:c2:d5:9b:bc:77:5f:91:58:d4:d1:2b:3d:a1:e1:
b3:ed:cc:8e:d1:ff:f7:4a:07:b7:11:cb:71:52:75:
0c:a6:b4:42:df:9f:24:c9:6c:25:3e:3f:51:26:30:
f6:4d:aa:33:3c:ab:43:bd:be:7b:7f:85:4b:1e:09:
0a:7f:78:9c:32:ae:03:22:3d:cf:4b:ca:f5:1c:f7:
be:c1:fa:62:ba:dc:7e:ec:95:86:81:67:bc:de:94:
50:0f:c6:e5:85:e3:b1:48:2b:0c:ba:b4:ef:8c:8b:
b9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C8:79:BA:B1:38:94:60:A8:CE:EB:9E:8C:8E:AB:03:1A:35:FC:B2
X509v3 Authority Key Identifier:
keyid:68:BD:39:D7:93:12:5C:68:4D:FF:27:2F:88:62:2B:AC:43:21:80:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL0515MSXGhN_ycviGIrrEMhgPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:82:10:f2:5a:45:1d:8e:ff:49:ca:8f:1c:ea:9f:c3:46:ef:
35:7b:bf:c5:97:01:dc:48:14:10:09:09:aa:13:e2:43:e5:07:
6b:c5:24:e2:37:cc:5c:83:55:f0:96:1d:1a:4f:ba:1c:7d:a2:
1f:0d:10:9f:6c:a3:b1:f4:fd:5e:90:29:51:2a:c8:4a:8d:80:
76:ec:d1:dc:19:b7:99:c6:3f:c9:73:d7:a5:39:46:fc:1b:bc:
4e:a7:99:44:d6:59:09:69:d6:a3:68:91:21:d9:92:6b:35:1c:
f2:4a:ad:96:14:10:f2:0f:fe:9d:13:0e:5f:38:ee:17:08:a4:
8e:09:98:51:77:e9:22:d7:07:40:31:a9:77:a0:9c:c2:bc:bf:
05:1a:d6:db:85:14:02:96:fc:d0:fb:57:11:39:42:55:83:e0:
da:51:38:fc:99:5e:6f:a8:2b:4f:4b:3a:d3:37:b6:f7:7c:e3:
8e:bf:c1:60:24:ca:37:d0:ee:eb:f0:fa:1c:8e:d2:49:56:35:
ec:7d:b9:d9:0f:a7:88:28:f9:33:c5:d8:f0:c3:e7:c5:fc:0e:
e1:c7:27:b3:bc:bc:45:bf:69:94:6d:f0:aa:dc:ac:ac:ed:bc:
fc:ba:fd:a6:a5:fb:ff:f3:3d:c0:ed:9b:78:94:aa:c9:bd:c8:
19:a7:c7:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LmMK1Qym76cDffoxs/HWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmQzOWQ3OTMxMjVjNjg0ZGZmMjcyZjg4NjIyYmFjNDMy
MTgwZjAwHhcNMjYwMzI5MDYwMDU3WhcNMjYwMzMwMDYwMDU3WjAzMTEwLwYDVQQD
EyhhM2M4NzliYWIxMzg5NDYwYThjZWViOWU4YzhlYWIwMzFhMzVmY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMVgV8wERZV+eGyUjKytPFJliNVS
0f6EMaVn7pzxFDDauikPZgBD3S3tuXvlmTjuhgIeD2tnO9hbm7CRVdHd030p/Hwz
W+fYbm6GC0gUDZdjV/PXJwDj5DAc5hr0RN9Ba4faypCZYRUZ5lG+d6OdSdLIcLNj
yMCm2AgnqTIoH1L/nPpaQJYk+DzG1vih3KHoJHbALY2kwtWbvHdfkVjU0Ss9oeGz
7cyO0f/3Sge3EctxUnUMprRC358kyWwlPj9RJjD2TaozPKtDvb57f4VLHgkKf3ic
Mq4DIj3PS8r1HPe+wfpiutx+7JWGgWe83pRQD8blheOxSCsMurTvjIu5rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPIebqxOJRgqM7rnoyOqwMaNfyyMB8GA1UdIwQY
MBaAFGi9OdeTElxoTf8nL4hiK6xDIYDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUwwNTE1TVNYR2hOX3ljdmlHSXJyRU1oZ1BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80MjRiOTQtZTcwMi00YjIyLWFlMmUt
MDg5MDUyMGI4ODQ2LzEvYUwwNTE1TVNYR2hOX3ljdmlHSXJyRU1oZ1BBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80MjRiOTQtZTcwMi00YjIyLWFlMmUtMDg5MDUyMGI4ODQ2
LzEvYUwwNTE1TVNYR2hOX3ljdmlHSXJyRU1oZ1BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4IQ8lpF
HY7/ScqPHOqfw0bvNXu/xZcB3EgUEAkJqhPiQ+UHa8Uk4jfMXINV8JYdGk+6HH2i
Hw0Qn2yjsfT9XpApUSrISo2AduzR3Bm3mcY/yXPXpTlG/Bu8TqeZRNZZCWnWo2iR
IdmSazUc8kqtlhQQ8g/+nRMOXzjuFwikjgmYUXfpItcHQDGpd6Ccwry/BRrW24UU
Apb80PtXETlCVYPg2lE4/Jleb6grT0s60ze293zjjr/BYCTKN9Du6/D6HI7SSVY1
7H252Q+niCj5M8XY8MPnxfwO4ccns7y8Rb9plG3wqtysrO28/Lr9pqX7//M9wO2b
eJSqyb3IGafHJQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:43 2026 by rpki-client