Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
File: aa24Jfn9vKDNfHkB3reiKuF5fAY.mft (raw, json)
Hash identifier: h/rrwsicunUt8opCDhJ2hHfN7K1WirYOGjLKYcO7Jkg=
Subject key identifier: CD:C2:83:7D:F8:19:E9:01:FF:3D:E7:F4:0A:FF:F0:82:39:3A:96:04
Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Certificate serial: 019D390A46BFD72C5781239B48279DBE49F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
Manifest number: 15AA
Signing time: Sun 29 Mar 2026 10:01:07 +0000
Manifest this update: Sun 29 Mar 2026 10:01:07 +0000
Manifest next update: Mon 30 Mar 2026 10:01:07 +0000
Files and hashes: 1: YlYRZ37O-pzL7R_8WiFUYYasSE0.roa (hash: pASfCwUDt1iiJW6IS3OTekooh+sWxZnThm/3hjuqE+0=)
2: aa24Jfn9vKDNfHkB3reiKuF5fAY.crl (hash: SQO7olIpK/i/a0/T0szHdHEFqREO4Ngh6VDEmpMW+Uk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:46:bf:d7:2c:57:81:23:9b:48:27:9d:be:49:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Validity
Not Before: Mar 29 10:01:07 2026 GMT
Not After : Mar 30 10:01:07 2026 GMT
Subject: CN=cdc2837df819e901ff3de7f40afff082393a9604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:90:31:f2:39:64:ab:fd:36:a2:a5:65:61:72:
1b:4e:8c:c9:b5:97:91:87:d3:8f:98:22:73:03:15:
56:c8:6e:39:c1:bd:dd:a4:e2:33:0a:e6:0f:cb:ba:
89:36:3e:fb:46:70:c8:26:f9:6d:69:57:81:fa:2c:
ab:f3:a0:11:20:ee:0e:3e:d9:53:5e:92:ac:6a:29:
4b:fa:d2:e4:5e:a5:2d:56:82:67:e1:84:17:bc:d9:
61:b3:cc:0c:c3:57:29:2c:ff:ff:ea:45:63:52:bc:
cd:1c:26:0b:e6:25:b1:7a:70:69:ea:7f:fa:c9:d0:
15:1c:8a:ee:08:0e:65:10:1d:3e:a6:06:50:ea:74:
ef:03:77:43:fe:49:41:76:9f:60:51:13:c6:6f:e4:
7b:8e:25:04:8c:95:0c:8e:63:43:96:d5:bd:ef:b4:
22:68:49:2f:fa:be:f5:d3:90:ca:ae:61:55:dd:4f:
56:2d:83:22:74:88:db:4e:f5:b2:fc:74:2f:28:8b:
1a:f7:7f:d6:a5:d1:52:c6:09:5a:d8:20:41:bc:ec:
03:e8:68:93:52:37:d3:49:73:17:cf:41:88:cc:c0:
89:5f:c4:67:e7:b2:07:17:66:16:9e:50:00:55:7a:
67:49:04:6f:b2:9a:67:ee:0f:ce:c9:86:56:37:89:
fd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C2:83:7D:F8:19:E9:01:FF:3D:E7:F4:0A:FF:F0:82:39:3A:96:04
X509v3 Authority Key Identifier:
keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:c2:85:9b:88:92:4d:cc:e8:0d:dc:b9:39:87:85:75:49:48:
1d:11:51:f1:2c:d0:0a:81:52:1b:6e:96:7e:0f:83:e1:48:0c:
b0:ab:45:f4:90:d6:36:98:b5:41:63:8d:f9:2e:5f:de:df:89:
96:33:2b:33:42:55:d6:59:06:74:01:0b:39:0d:91:cb:6f:6a:
3a:fb:cc:4a:8f:7c:4d:e4:97:80:73:df:8b:8a:47:b5:a7:2a:
3f:27:9c:ee:72:c7:eb:24:b7:91:61:ad:2d:50:78:a6:ea:91:
8a:cd:b3:5a:ef:4f:f9:c6:09:22:68:d2:c2:e8:7e:7d:33:46:
79:af:9f:48:eb:6f:9f:c2:18:fc:85:a3:fb:0a:5c:a4:79:0e:
e8:7f:c0:c8:e3:c6:60:f3:a6:48:a5:70:d1:e6:ff:0a:2a:43:
10:59:a2:b6:8a:f5:84:a1:5d:95:a0:be:bb:8a:25:40:01:c5:
eb:34:ba:3c:2e:29:93:15:95:7a:7e:e8:2b:86:e5:ea:a9:d6:
bd:73:22:31:c4:49:c2:74:2e:1e:8a:4b:33:dd:73:47:48:ae:
a0:74:08:30:ad:4f:b9:71:6a:fb:b3:9e:1d:bb:2f:26:75:bd:
04:c5:82:5f:4f:5e:53:33:68:95:81:7b:b9:e4:83:ac:fc:3f:
cf:1e:62:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cka/1yxXgSObSCedvkn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3
OTdjMDYwHhcNMjYwMzI5MTAwMTA3WhcNMjYwMzMwMTAwMTA3WjAzMTEwLwYDVQQD
EyhjZGMyODM3ZGY4MTllOTAxZmYzZGU3ZjQwYWZmZjA4MjM5M2E5NjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZAx8jlkq/02oqVlYXIbTozJtZeR
h9OPmCJzAxVWyG45wb3dpOIzCuYPy7qJNj77RnDIJvltaVeB+iyr86ARIO4OPtlT
XpKsailL+tLkXqUtVoJn4YQXvNlhs8wMw1cpLP//6kVjUrzNHCYL5iWxenBp6n/6
ydAVHIruCA5lEB0+pgZQ6nTvA3dD/klBdp9gURPGb+R7jiUEjJUMjmNDltW977Qi
aEkv+r7105DKrmFV3U9WLYMidIjbTvWy/HQvKIsa93/WpdFSxgla2CBBvOwD6GiT
UjfTSXMXz0GIzMCJX8Rn57IHF2YWnlAAVXpnSQRvsppn7g/OyYZWN4n9RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3Cg334GekB/z3n9Ar/8II5OpYEMB8GA1UdIwQY
MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt
MzIzNjI2N2M4Nzk5LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5
LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQcKFm4iS
TczoDdy5OYeFdUlIHRFR8SzQCoFSG26Wfg+D4UgMsKtF9JDWNpi1QWON+S5f3t+J
ljMrM0JV1lkGdAELOQ2Ry29qOvvMSo98TeSXgHPfi4pHtacqPyec7nLH6yS3kWGt
LVB4puqRis2zWu9P+cYJImjSwuh+fTNGea+fSOtvn8IY/IWj+wpcpHkO6H/AyOPG
YPOmSKVw0eb/CipDEFmitor1hKFdlaC+u4olQAHF6zS6PC4pkxWVen7oK4bl6qnW
vXMiMcRJwnQuHopLM91zR0iuoHQIMK1PuXFq+7OeHbsvJnW9BMWCX09eUzNolYF7
ueSDrPw/zx5i+A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:33:52 2026 by rpki-client