Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
File: tAqlFjSW4FOna21pzcRfdQBs2N8.mft (raw, json)
Hash identifier: vQXA7NBiYvOTrsJhEkdIn+SpW+jfQ+WihRLvcYrlozU=
Subject key identifier: C4:AD:87:7B:15:80:23:0C:93:A2:75:AD:82:7C:1C:46:6D:8E:47:90
Authority key identifier: B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
Certificate issuer: /CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Certificate serial: 019D38D33C4788E03AABCDD5455B669114F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 09:01:00 +0000
Manifest this update: Sun 29 Mar 2026 09:01:00 +0000
Manifest next update: Mon 30 Mar 2026 09:01:00 +0000
Files and hashes: 1: f4mExJRDDKoQa7XCQQ_EW1oUEtI.roa (hash: xx+rcnNDCiX+rDClDnIpjuXtYVA+qpNh390KFCm9PpM=)
2: tAqlFjSW4FOna21pzcRfdQBs2N8.crl (hash: bQnh0hhTuNMmOAy+p2ZSM54+utAPlhYtzmtEljKoFy0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:3c:47:88:e0:3a:ab:cd:d5:45:5b:66:91:14:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Validity
Not Before: Mar 29 09:01:00 2026 GMT
Not After : Mar 30 09:01:00 2026 GMT
Subject: CN=c4ad877b1580230c93a275ad827c1c466d8e4790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ec:57:cb:20:69:75:85:d8:9a:25:3f:ab:98:
33:e4:22:21:d2:c0:2e:a8:35:dc:83:1b:de:e1:be:
fa:19:04:64:f7:52:37:fa:b3:3b:28:da:31:03:78:
75:57:5b:9a:ed:ce:ff:6b:0c:d4:25:dc:be:d7:32:
9d:a2:3a:dd:e9:12:91:2e:70:e9:78:7a:12:2e:c0:
f5:12:0e:f8:e7:71:2f:64:70:bb:05:ef:43:60:2d:
5c:05:ec:60:83:38:7d:53:c7:ca:99:ab:29:10:9c:
2d:a9:4a:f3:8d:c0:97:eb:d5:0b:68:5e:b7:8a:15:
21:8b:95:1a:4e:29:8e:e2:0d:55:29:9d:b4:4c:b4:
bb:7d:4f:e0:3c:36:61:05:18:23:4b:61:c2:ac:0d:
46:cf:6e:ef:c4:ca:31:40:a8:85:44:cd:9f:eb:bc:
08:5f:98:e4:29:f7:7f:16:fd:b3:4b:99:f8:74:6c:
30:d6:47:1c:30:30:f4:3d:ef:1b:04:d6:a1:b2:52:
d2:da:e2:07:4c:2e:93:a4:eb:83:2d:b5:04:15:55:
43:48:86:3b:14:b8:cd:82:52:fa:91:4c:d6:3b:01:
31:14:c0:39:1c:d1:a4:bb:5e:cf:e5:40:38:f2:d2:
2a:2a:b2:69:0a:40:05:fa:5c:f0:61:e5:8b:3f:f7:
67:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AD:87:7B:15:80:23:0C:93:A2:75:AD:82:7C:1C:46:6D:8E:47:90
X509v3 Authority Key Identifier:
keyid:B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:59:88:82:eb:18:72:94:f9:ef:20:9d:3a:0b:b7:a5:45:15:
d5:e5:ac:41:bc:61:14:64:e6:66:8d:24:32:e2:5b:fe:88:dd:
c1:32:c7:82:df:46:d3:3a:45:85:4b:d5:3f:3e:8f:f8:60:2e:
7c:3a:96:59:1c:d8:b2:94:8a:67:55:cb:4e:10:14:8b:a4:35:
83:ff:6d:49:f0:2b:c4:ca:be:55:55:02:85:04:74:2c:dd:b8:
97:c2:8f:90:24:0d:67:8a:1b:54:59:5d:a5:1b:1e:fe:49:2e:
d8:02:c2:6b:64:47:8f:77:1f:7a:19:f6:87:96:1a:3b:21:1e:
9e:3b:07:95:81:5c:ca:e3:aa:09:19:1d:ed:0f:a8:35:d1:a1:
59:61:84:5d:59:d1:5a:32:99:24:0e:2c:65:c2:79:80:54:fa:
ed:ab:22:8f:a2:6d:e4:36:02:5d:b9:9a:a2:27:eb:62:6a:85:
58:7b:87:e0:d6:aa:a3:4c:03:0e:a7:e4:b5:b9:29:70:bc:bd:
3b:1d:cc:4a:0c:b6:73:eb:8c:dc:25:6b:01:fb:95:1f:ad:bd:
aa:7d:e8:33:b6:e4:16:0c:59:77:6f:1f:91:e2:7e:b1:b7:fb:
89:06:e3:9c:f3:19:57:e4:85:90:7f:31:04:6d:d1:19:a1:81:
88:24:c6:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zxHiOA6q83VRVtmkRTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MGFhNTE2MzQ5NmUwNTNhNzZiNmQ2OWNkYzQ1Zjc1MDA2
Y2Q4ZGYwHhcNMjYwMzI5MDkwMTAwWhcNMjYwMzMwMDkwMTAwWjAzMTEwLwYDVQQD
EyhjNGFkODc3YjE1ODAyMzBjOTNhMjc1YWQ4MjdjMWM0NjZkOGU0NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOxXyyBpdYXYmiU/q5gz5CIh0sAu
qDXcgxve4b76GQRk91I3+rM7KNoxA3h1V1ua7c7/awzUJdy+1zKdojrd6RKRLnDp
eHoSLsD1Eg7453EvZHC7Be9DYC1cBexggzh9U8fKmaspEJwtqUrzjcCX69ULaF63
ihUhi5UaTimO4g1VKZ20TLS7fU/gPDZhBRgjS2HCrA1Gz27vxMoxQKiFRM2f67wI
X5jkKfd/Fv2zS5n4dGww1kccMDD0Pe8bBNahslLS2uIHTC6TpOuDLbUEFVVDSIY7
FLjNglL6kUzWOwExFMA5HNGku17P5UA48tIqKrJpCkAF+lzwYeWLP/dnFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMSth3sVgCMMk6J1rYJ8HEZtjkeQMB8GA1UdIwQY
MBaAFLQKpRY0luBTp2ttac3EX3UAbNjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUt
YzcyY2JhYzI4NWY4LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUtYzcyY2JhYzI4NWY4
LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjVmIgusY
cpT57yCdOgu3pUUV1eWsQbxhFGTmZo0kMuJb/ojdwTLHgt9G0zpFhUvVPz6P+GAu
fDqWWRzYspSKZ1XLThAUi6Q1g/9tSfArxMq+VVUChQR0LN24l8KPkCQNZ4obVFld
pRse/kku2ALCa2RHj3cfehn2h5YaOyEenjsHlYFcyuOqCRkd7Q+oNdGhWWGEXVnR
WjKZJA4sZcJ5gFT67asij6Jt5DYCXbmaoifrYmqFWHuH4Naqo0wDDqfktbkpcLy9
Ox3MSgy2c+uM3CVrAfuVH629qn3oM7bkFgxZd28fkeJ+sbf7iQbjnPMZV+SFkH8x
BG3RGaGBiCTGpQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:47:55 2026 by rpki-client