Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/aXIKkQPhrgDMeIxd7P4JSMhLzRs.mft
File: aXIKkQPhrgDMeIxd7P4JSMhLzRs.mft (raw, json)
Hash identifier: FNr1t9MMuQAJd/SRaFBuylmGLU/Y6T3yglKPNTnEHFc=
Subject key identifier: AE:A0:C9:3D:90:DE:31:A3:49:2E:3A:5E:EB:F2:FA:0A:A6:78:25:40
Authority key identifier: 69:72:0A:91:03:E1:AE:00:CC:78:8C:5D:EC:FE:09:48:C8:4B:CD:1B
Certificate issuer: /CN=69720a9103e1ae00cc788c5decfe0948c84bcd1b
Certificate serial: 019D37F77394689D27273339CA3D5CB85FEA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXIKkQPhrgDMeIxd7P4JSMhLzRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/aXIKkQPhrgDMeIxd7P4JSMhLzRs.mft
Manifest number: 0FA3
Signing time: Sun 29 Mar 2026 05:00:56 +0000
Manifest this update: Sun 29 Mar 2026 05:00:56 +0000
Manifest next update: Mon 30 Mar 2026 05:00:56 +0000
Files and hashes: 1: 8iQ661sO1h4_GAngnW5MQPkJeg4.roa (hash: HGMy7zhWzM1IMnPtvqTIP43NuVw2eCxAO+Ul66i2hJA=)
2: aXIKkQPhrgDMeIxd7P4JSMhLzRs.crl (hash: bpA3jeGGzWIUo7NOxI88Wd1zja4cmyJVPHW7dsz+evM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/aXIKkQPhrgDMeIxd7P4JSMhLzRs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/aXIKkQPhrgDMeIxd7P4JSMhLzRs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aXIKkQPhrgDMeIxd7P4JSMhLzRs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:73:94:68:9d:27:27:33:39:ca:3d:5c:b8:5f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69720a9103e1ae00cc788c5decfe0948c84bcd1b
Validity
Not Before: Mar 29 05:00:56 2026 GMT
Not After : Mar 30 05:00:56 2026 GMT
Subject: CN=aea0c93d90de31a3492e3a5eebf2fa0aa6782540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1e:4f:b3:98:6b:06:85:9d:0f:f4:b4:87:f2:
55:f1:54:ac:51:f4:a5:c9:ed:8b:0e:c0:c4:ad:79:
a4:47:35:7a:d6:28:f1:93:7c:84:1e:63:62:5c:4b:
a8:65:52:4a:a7:0f:ab:ab:b6:38:7c:f3:d0:34:4d:
72:ef:4a:e1:cb:31:af:08:b9:c2:9a:6d:fd:b6:3a:
63:8a:af:80:e8:50:f3:25:51:9e:ad:e5:95:4d:eb:
e9:77:31:fa:b9:a8:c5:4e:be:55:e8:fa:7d:ca:32:
5e:c1:b1:67:e0:ca:ff:58:76:1b:3b:4f:f9:b5:ce:
22:82:75:19:95:78:d9:2b:ff:48:b1:7e:32:b4:29:
3d:20:8c:4e:9f:2d:8e:7a:44:95:63:ff:66:6a:27:
b0:54:95:7b:93:35:a6:1d:31:52:fe:e0:8d:86:7a:
96:69:5c:e6:69:08:5d:55:07:b8:d0:2c:4a:98:92:
a4:8b:3d:b6:6b:8c:36:69:f2:cb:85:eb:0a:34:00:
5b:d4:b9:d1:22:79:e0:bb:cb:8f:9c:6c:8c:fb:cc:
ce:ad:49:1c:18:1f:81:57:6e:93:fc:54:45:c9:fc:
56:2c:78:27:ca:bc:d8:b9:ea:62:79:1d:cf:e7:75:
94:43:fa:a4:a3:ed:d1:d6:4e:90:50:bf:4b:16:8b:
64:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A0:C9:3D:90:DE:31:A3:49:2E:3A:5E:EB:F2:FA:0A:A6:78:25:40
X509v3 Authority Key Identifier:
keyid:69:72:0A:91:03:E1:AE:00:CC:78:8C:5D:EC:FE:09:48:C8:4B:CD:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXIKkQPhrgDMeIxd7P4JSMhLzRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/aXIKkQPhrgDMeIxd7P4JSMhLzRs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/aXIKkQPhrgDMeIxd7P4JSMhLzRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:8b:85:03:d9:b1:59:c7:30:00:18:dc:9b:cf:1b:d2:44:2d:
07:09:61:b2:9c:e8:8a:f6:f9:8f:f9:7b:ae:b5:cd:fd:86:e5:
d1:c4:b2:95:9b:e8:78:9f:cd:a6:f3:b3:0f:b1:ce:32:b7:5f:
8f:77:fe:ff:22:f4:dc:72:03:f5:28:1b:0c:b1:d7:2a:f6:de:
5f:b9:55:30:ae:4d:bf:b1:37:67:66:d8:af:4b:ea:cb:09:ee:
af:de:d7:a6:57:33:90:68:00:d8:32:dd:87:1e:e7:49:7d:a1:
00:d5:84:f9:38:16:5d:d3:64:ca:42:36:a4:cb:dc:3f:b9:9a:
e5:ac:1d:1a:34:4d:a5:7d:a7:02:87:58:58:a7:53:cd:7f:8d:
8e:5d:ec:0d:1c:49:41:dd:23:d0:9a:8a:f8:6e:19:8b:d9:8b:
83:23:6d:25:44:df:bd:01:7d:6d:5e:9f:ac:d7:90:33:2f:cd:
d4:57:c3:6d:4a:7f:a9:0d:d1:96:30:44:32:6a:1c:57:d2:4f:
31:10:c5:6a:60:ef:d6:f1:0c:72:a5:a3:92:32:3a:92:ac:13:
56:51:e2:67:54:39:ac:17:ea:2d:68:bd:c3:a5:9c:30:2b:26:
b2:7e:6c:e7:b2:1f:2c:42:5a:17:41:f7:72:d0:22:4e:aa:b7:
cc:61:2b:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0393OUaJ0nJzM5yj1cuF/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzIwYTkxMDNlMWFlMDBjYzc4OGM1ZGVjZmUwOTQ4Yzg0
YmNkMWIwHhcNMjYwMzI5MDUwMDU2WhcNMjYwMzMwMDUwMDU2WjAzMTEwLwYDVQQD
EyhhZWEwYzkzZDkwZGUzMWEzNDkyZTNhNWVlYmYyZmEwYWE2NzgyNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR5Ps5hrBoWdD/S0h/JV8VSsUfSl
ye2LDsDErXmkRzV61ijxk3yEHmNiXEuoZVJKpw+rq7Y4fPPQNE1y70rhyzGvCLnC
mm39tjpjiq+A6FDzJVGereWVTevpdzH6uajFTr5V6Pp9yjJewbFn4Mr/WHYbO0/5
tc4ignUZlXjZK/9IsX4ytCk9IIxOny2OekSVY/9maiewVJV7kzWmHTFS/uCNhnqW
aVzmaQhdVQe40CxKmJKkiz22a4w2afLLhesKNABb1LnRInngu8uPnGyM+8zOrUkc
GB+BV26T/FRFyfxWLHgnyrzYuepieR3P53WUQ/qko+3R1k6QUL9LFotkCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6gyT2Q3jGjSS46Xuvy+gqmeCVAMB8GA1UdIwQY
MBaAFGlyCpED4a4AzHiMXez+CUjIS80bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhJS2tRUGhyZ0RNZUl4ZDdQNEpTTWhMelJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9kNTE2YTMtODk3NC00NWRiLTgyMjYt
ODE3NGRkYWUzMWQzLzEvYVhJS2tRUGhyZ0RNZUl4ZDdQNEpTTWhMelJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9kNTE2YTMtODk3NC00NWRiLTgyMjYtODE3NGRkYWUzMWQz
LzEvYVhJS2tRUGhyZ0RNZUl4ZDdQNEpTTWhMelJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAYuFA9mx
WccwABjcm88b0kQtBwlhspzoivb5j/l7rrXN/Ybl0cSylZvoeJ/NpvOzD7HOMrdf
j3f+/yL03HID9SgbDLHXKvbeX7lVMK5Nv7E3Z2bYr0vqywnur97XplczkGgA2DLd
hx7nSX2hANWE+TgWXdNkykI2pMvcP7ma5awdGjRNpX2nAodYWKdTzX+Njl3sDRxJ
Qd0j0JqK+G4Zi9mLgyNtJUTfvQF9bV6frNeQMy/N1FfDbUp/qQ3RljBEMmocV9JP
MRDFamDv1vEMcqWjkjI6kqwTVlHiZ1Q5rBfqLWi9w6WcMCsmsn5s57IfLEJaF0H3
ctAiTqq3zGErMw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:45:51 2026 by rpki-client