Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/9f3205-52e9-46a4-b6c2-c703522488f9/1/AoT9lBz3spS4gudNsPyXFnQ02rw.mft
File: AoT9lBz3spS4gudNsPyXFnQ02rw.mft (raw, json)
Hash identifier: w9baVsLTK64r1Odw+nddkHr6pzR94zJVm4dHMhmhUvU=
Subject key identifier: F2:28:E7:3E:0B:59:59:21:DE:C4:44:21:3E:E4:76:3B:D2:72:DD:4B
Authority key identifier: 02:84:FD:94:1C:F7:B2:94:B8:82:E7:4D:B0:FC:97:16:74:34:DA:BC
Certificate issuer: /CN=0284fd941cf7b294b882e74db0fc97167434dabc
Certificate serial: 019CE410D77628DC9257F82ADEFFC9584D80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AoT9lBz3spS4gudNsPyXFnQ02rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/9f3205-52e9-46a4-b6c2-c703522488f9/1/AoT9lBz3spS4gudNsPyXFnQ02rw.mft
Manifest number: 3E
Signing time: Thu 12 Mar 2026 22:00:34 +0000
Manifest this update: Thu 12 Mar 2026 22:00:34 +0000
Manifest next update: Fri 13 Mar 2026 22:00:34 +0000
Files and hashes: 1: AoT9lBz3spS4gudNsPyXFnQ02rw.crl (hash: Yq2TExj4piZm1mEc2722O65pdgGqLi31YYqAN+QiGBE=)
2: KWX40V7o8A6zMkKoIGkCmwKYmr0.roa (hash: nJ0kf2dRdOxQXbxBLcQMmLtNRpU/yw5QdnU4YcpxOtc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/9f3205-52e9-46a4-b6c2-c703522488f9/1/AoT9lBz3spS4gudNsPyXFnQ02rw.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/9f3205-52e9-46a4-b6c2-c703522488f9/1/AoT9lBz3spS4gudNsPyXFnQ02rw.mft
rsync://rpki.ripe.net/repository/DEFAULT/AoT9lBz3spS4gudNsPyXFnQ02rw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e4:10:d7:76:28:dc:92:57:f8:2a:de:ff:c9:58:4d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0284fd941cf7b294b882e74db0fc97167434dabc
Validity
Not Before: Mar 12 22:00:34 2026 GMT
Not After : Mar 13 22:00:34 2026 GMT
Subject: CN=f228e73e0b595921dec444213ee4763bd272dd4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7a:d5:df:81:63:ee:69:e0:80:a8:54:54:39:
77:dc:13:de:8b:71:eb:2a:40:8e:d8:94:e5:9a:65:
44:6a:4c:57:66:de:5e:61:53:a5:50:29:79:53:1b:
88:63:15:2a:db:a4:2b:fa:96:12:f1:0b:9d:fe:0d:
89:0d:73:c1:df:31:ee:64:37:c9:e4:70:8a:17:72:
93:33:89:cf:40:d7:ed:8c:7a:e1:63:e5:54:63:9d:
20:c6:99:e6:09:f5:a6:90:31:a6:65:d1:bc:19:86:
47:10:7b:9a:d7:d0:6f:eb:a9:31:dc:33:4a:cc:d7:
b1:60:80:31:f8:b9:c9:ad:60:5d:57:34:06:6d:7f:
c1:41:ab:e5:0a:19:4c:b0:5f:ba:54:e7:f3:14:33:
32:eb:df:71:7a:94:1b:34:e9:8c:2f:75:f8:de:26:
58:ed:d9:65:a3:5d:e8:db:7e:d7:ea:07:cc:5c:67:
fd:fc:30:c1:b7:40:ab:5c:1a:d0:64:92:f8:60:0c:
4d:62:33:02:61:04:ac:c6:12:6f:ae:35:79:f1:f6:
24:af:b5:58:92:eb:e1:9e:70:b2:d1:3b:3e:a0:61:
1f:de:61:64:2e:f2:05:2c:fa:f8:fc:f0:67:06:bb:
5d:77:63:b8:fb:e3:fd:ee:2d:37:bb:45:06:f3:2a:
f3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:28:E7:3E:0B:59:59:21:DE:C4:44:21:3E:E4:76:3B:D2:72:DD:4B
X509v3 Authority Key Identifier:
keyid:02:84:FD:94:1C:F7:B2:94:B8:82:E7:4D:B0:FC:97:16:74:34:DA:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoT9lBz3spS4gudNsPyXFnQ02rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9f3205-52e9-46a4-b6c2-c703522488f9/1/AoT9lBz3spS4gudNsPyXFnQ02rw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9f3205-52e9-46a4-b6c2-c703522488f9/1/AoT9lBz3spS4gudNsPyXFnQ02rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:30:c2:fd:c2:18:48:82:89:2a:78:66:f9:e3:e8:bc:d2:87:
a0:4b:31:8e:32:fa:d5:f5:d1:a5:43:f9:94:a7:14:72:49:21:
42:a1:16:7d:6b:9e:51:45:ce:f6:67:2f:3f:55:fc:4b:5d:fc:
05:f7:8d:08:96:05:dc:4d:1c:61:fa:14:f7:b0:17:90:1d:a5:
6b:39:5f:d6:6f:63:96:35:7f:9c:0a:f4:62:1d:c5:34:12:3f:
77:33:ba:a5:12:21:9a:19:63:41:a4:40:76:8b:81:7b:8d:eb:
38:98:bf:49:70:0f:81:3a:b2:77:2d:8e:af:fd:20:bf:1b:4d:
63:21:ac:41:01:48:52:e3:81:51:0e:a8:33:39:f7:32:0e:fa:
93:4d:4d:9a:f2:6a:8c:95:76:fa:d7:c3:54:d9:9b:b0:1a:9e:
64:39:9c:ae:ad:d1:93:1f:44:ce:f8:e2:0a:c1:14:67:8b:71:
2a:8a:0a:4f:a9:2f:db:c6:7b:7a:72:22:9c:c5:98:27:fb:9d:
2a:99:af:fb:11:41:ce:e1:d6:fa:a3:e8:d3:e2:ed:4d:95:55:
42:47:43:4d:79:5f:57:d7:ac:b5:05:f8:0f:a9:06:dc:44:50:
f8:ad:0d:f3:48:2c:87:36:4d:d6:42:ad:9d:da:70:91:aa:c9:
a4:08:d5:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzkENd2KNySV/gq3v/JWE2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODRmZDk0MWNmN2IyOTRiODgyZTc0ZGIwZmM5NzE2NzQz
NGRhYmMwHhcNMjYwMzEyMjIwMDM0WhcNMjYwMzEzMjIwMDM0WjAzMTEwLwYDVQQD
EyhmMjI4ZTczZTBiNTk1OTIxZGVjNDQ0MjEzZWU0NzYzYmQyNzJkZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnrV34Fj7mnggKhUVDl33BPei3Hr
KkCO2JTlmmVEakxXZt5eYVOlUCl5UxuIYxUq26Qr+pYS8Qud/g2JDXPB3zHuZDfJ
5HCKF3KTM4nPQNftjHrhY+VUY50gxpnmCfWmkDGmZdG8GYZHEHua19Bv66kx3DNK
zNexYIAx+LnJrWBdVzQGbX/BQavlChlMsF+6VOfzFDMy699xepQbNOmML3X43iZY
7dllo13o237X6gfMXGf9/DDBt0CrXBrQZJL4YAxNYjMCYQSsxhJvrjV58fYkr7VY
kuvhnnCy0Ts+oGEf3mFkLvIFLPr4/PBnBrtdd2O4++P97i03u0UG8yrz7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIo5z4LWVkh3sREIT7kdjvSct1LMB8GA1UdIwQY
MBaAFAKE/ZQc97KUuILnTbD8lxZ0NNq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9UOWxCejNzcFM0Z3VkTnNQeVhGblEwMnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85ZjMyMDUtNTJlOS00NmE0LWI2YzIt
YzcwMzUyMjQ4OGY5LzEvQW9UOWxCejNzcFM0Z3VkTnNQeVhGblEwMnJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85ZjMyMDUtNTJlOS00NmE0LWI2YzItYzcwMzUyMjQ4OGY5
LzEvQW9UOWxCejNzcFM0Z3VkTnNQeVhGblEwMnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaDDC/cIY
SIKJKnhm+ePovNKHoEsxjjL61fXRpUP5lKcUckkhQqEWfWueUUXO9mcvP1X8S138
BfeNCJYF3E0cYfoU97AXkB2lazlf1m9jljV/nAr0Yh3FNBI/dzO6pRIhmhljQaRA
douBe43rOJi/SXAPgTqydy2Or/0gvxtNYyGsQQFIUuOBUQ6oMzn3Mg76k01NmvJq
jJV2+tfDVNmbsBqeZDmcrq3Rkx9EzvjiCsEUZ4txKooKT6kv28Z7enIinMWYJ/ud
Kpmv+xFBzuHW+qPo0+LtTZVVQkdDTXlfV9estQX4D6kG3ERQ+K0N80gshzZN1kKt
ndpwkarJpAjVBw==
-----END CERTIFICATE-----
Generated at Fri Mar 13 04:10:51 2026 by rpki-client