Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json)
Hash identifier: v2X3UzPCKxoqvq8QtPBGIaHRfHd57OO+RfaA52YexLY=
Subject key identifier: 9B:D3:64:2E:C4:8E:D8:FC:15:A7:51:47:A2:C7:07:83:93:9E:70:94
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 019D37F794EE47B02F49FF79AF433FB508AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
Manifest number: 1524
Signing time: Sun 29 Mar 2026 05:01:05 +0000
Manifest this update: Sun 29 Mar 2026 05:01:05 +0000
Manifest next update: Mon 30 Mar 2026 05:01:05 +0000
Files and hashes: 1: CuVYq_7gkf_DrsINyOzhKZbktPU.roa (hash: /uHacyxGA33AcgKYOrlSIWvD9MdgqSXnE0I0qc9GHm0=)
2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: 4+tS8NMsgqcQISguQ92iQVqBed41z+j8CGkybQ9oeJo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:94:ee:47:b0:2f:49:ff:79:af:43:3f:b5:08:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Mar 29 05:01:05 2026 GMT
Not After : Mar 30 05:01:05 2026 GMT
Subject: CN=9bd3642ec48ed8fc15a75147a2c70783939e7094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f9:b8:a9:68:a1:61:50:45:c0:37:4c:8e:23:
65:7d:d5:b9:47:37:62:d5:9e:b3:28:08:ed:1d:04:
74:be:c5:3d:cd:b0:4a:a1:41:20:79:de:26:1e:bc:
14:c2:cd:20:32:14:ea:7b:06:76:da:36:f4:04:57:
bc:84:f7:0d:d7:b9:40:e3:88:99:d7:c4:10:88:ea:
de:b8:8b:76:9b:19:20:cf:f9:7c:20:3b:62:5d:20:
e8:49:00:dd:2b:b9:50:88:1f:4c:78:63:cf:cb:c8:
95:bb:cd:35:2c:0b:36:ee:ab:ed:13:b2:0e:77:a3:
52:7d:2d:ef:59:ac:61:0b:8b:a0:43:6a:18:fa:db:
64:17:22:69:ba:4e:91:9e:b2:68:c1:2f:6c:eb:71:
36:85:b0:82:c6:b2:ff:f1:8a:5b:db:13:a6:f8:d0:
df:e5:f8:46:1f:98:b9:2e:c4:05:17:8b:e9:00:e8:
da:f9:11:0f:44:65:81:91:29:2d:82:67:38:f8:cc:
61:ca:68:46:1c:9b:3e:e3:bb:0a:7d:48:9c:8b:52:
2a:77:90:a4:70:76:a1:87:20:34:aa:a7:a2:f0:dd:
8a:13:c8:ec:54:c7:56:84:20:6e:cb:20:35:5d:48:
18:54:25:d9:ed:59:33:82:21:f7:43:d5:65:75:b0:
2d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D3:64:2E:C4:8E:D8:FC:15:A7:51:47:A2:C7:07:83:93:9E:70:94
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:79:2b:84:aa:a9:88:f2:19:aa:95:e7:c8:da:9e:d6:cc:25:
4e:81:71:d0:df:20:ff:e1:24:d9:48:3d:27:48:18:a8:d4:36:
83:17:95:45:f5:c9:9b:d2:75:24:69:18:46:48:44:3e:8c:6b:
31:5a:52:ef:9c:d9:b2:71:21:bf:41:0a:55:c1:35:dc:0c:75:
59:d7:a9:0d:9f:a4:8f:74:a7:95:29:d8:a5:ab:d6:c3:36:81:
f0:ad:ae:8b:2d:c2:29:25:33:33:1e:20:a8:d7:a1:0a:4e:1c:
1d:26:93:99:20:f7:b9:b7:5e:2c:d4:bc:1a:e5:e1:78:6d:bc:
d5:e3:86:09:2b:29:0c:1a:75:ea:b8:f0:cd:c1:28:fa:89:ce:
b0:8a:cd:4f:92:58:c6:55:6a:10:0a:d5:d2:74:dd:4d:3a:e1:
df:38:05:f9:c0:43:24:50:fe:d6:45:f3:20:8a:3c:46:23:96:
53:57:dd:63:34:9d:bd:2c:1a:aa:1a:a0:ca:35:df:37:68:26:
53:17:85:f6:7a:31:a8:f8:5e:71:4b:87:73:ec:a8:66:18:42:
45:6b:8f:e6:dd:50:82:79:7f:fa:39:af:6d:dc:39:60:ca:66:
49:df:c5:8b:d6:bc:a5:86:41:d9:8d:39:f9:81:f8:7b:dc:36:
86:93:c2:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0395TuR7AvSf95r0M/tQisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjYwMzI5MDUwMTA1WhcNMjYwMzMwMDUwMTA1WjAzMTEwLwYDVQQD
Eyg5YmQzNjQyZWM0OGVkOGZjMTVhNzUxNDdhMmM3MDc4MzkzOWU3MDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfm4qWihYVBFwDdMjiNlfdW5Rzdi
1Z6zKAjtHQR0vsU9zbBKoUEged4mHrwUws0gMhTqewZ22jb0BFe8hPcN17lA44iZ
18QQiOreuIt2mxkgz/l8IDtiXSDoSQDdK7lQiB9MeGPPy8iVu801LAs27qvtE7IO
d6NSfS3vWaxhC4ugQ2oY+ttkFyJpuk6RnrJowS9s63E2hbCCxrL/8Ypb2xOm+NDf
5fhGH5i5LsQFF4vpAOja+REPRGWBkSktgmc4+MxhymhGHJs+47sKfUici1Iqd5Ck
cHahhyA0qqei8N2KE8jsVMdWhCBuyyA1XUgYVCXZ7VkzgiH3Q9VldbAtAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJvTZC7Ejtj8FadRR6LHB4OTnnCUMB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkHkrhKqp
iPIZqpXnyNqe1swlToFx0N8g/+Ek2Ug9J0gYqNQ2gxeVRfXJm9J1JGkYRkhEPoxr
MVpS75zZsnEhv0EKVcE13Ax1WdepDZ+kj3SnlSnYpavWwzaB8K2uiy3CKSUzMx4g
qNehCk4cHSaTmSD3ubdeLNS8GuXheG281eOGCSspDBp16rjwzcEo+onOsIrNT5JY
xlVqEArV0nTdTTrh3zgF+cBDJFD+1kXzIIo8RiOWU1fdYzSdvSwaqhqgyjXfN2gm
UxeF9noxqPhecUuHc+yoZhhCRWuP5t1Qgnl/+jmvbdw5YMpmSd/Fi9a8pYZB2Y05
+YH4e9w2hpPCxw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:42:19 2026 by rpki-client