Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
File: aCMaUAoKgQjcekNYsQArH9vweZU.mft (raw, json)
Hash identifier: nxx1BEskkQDPSVMmZHE7PMn0pEIUf3Np8t9wYeNUXqI=
Subject key identifier: C7:58:5F:9C:B3:6C:85:A6:C5:1F:D4:C0:DB:16:DA:63:65:F9:6C:23
Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Certificate serial: 019D39AEE13E3E649AA4F9667F4F45ED0FF4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 13:00:55 +0000
Manifest this update: Sun 29 Mar 2026 13:00:55 +0000
Manifest next update: Mon 30 Mar 2026 13:00:55 +0000
Files and hashes: 1: aCMaUAoKgQjcekNYsQArH9vweZU.crl (hash: lpkzFWTOSdhwEnf9p+dKx5O7i8y6CgzLFNmdwJfYTJo=)
2: hnuU_eck5x_jb8etQeMJYN7agCw.roa (hash: WjEdC6KQw2C4VlNncqPImg4Zkitm7oOt+PVE/RuPsE0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:e1:3e:3e:64:9a:a4:f9:66:7f:4f:45:ed:0f:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Validity
Not Before: Mar 29 13:00:55 2026 GMT
Not After : Mar 30 13:00:55 2026 GMT
Subject: CN=c7585f9cb36c85a6c51fd4c0db16da6365f96c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8c:54:94:d3:9d:13:8b:de:ef:1a:c6:64:19:
6f:16:d5:16:8d:20:a0:db:4e:b4:f5:76:e7:62:87:
8b:5d:37:1b:98:e8:5a:42:b9:9b:a5:8f:c7:15:bd:
16:29:0e:65:ad:d3:2f:07:e7:18:a9:b4:cf:36:e4:
8e:3d:12:4c:ed:bc:14:e0:1a:0d:69:f1:01:af:76:
47:08:b4:78:29:d1:fb:85:d3:44:d3:64:b6:4c:52:
23:9e:2e:4c:70:75:cf:64:a4:4d:be:a5:73:30:d8:
e8:22:77:84:58:3e:41:ca:1e:42:fd:8d:5c:05:50:
bd:71:08:df:f1:c9:23:06:82:53:7d:f6:25:b1:4b:
81:5c:4e:de:39:00:b4:80:48:1e:0e:a2:0c:de:e0:
8c:ff:fd:31:9a:e8:01:db:3d:c9:db:5f:a0:c8:1e:
55:36:3e:8f:18:2a:1c:9a:0a:11:64:54:49:d4:33:
c6:70:27:2e:f6:fd:a6:0f:8e:5c:ed:f5:2e:35:b8:
c7:89:67:71:ae:a1:f9:50:86:09:c4:11:70:cb:fd:
7c:3b:87:94:73:d9:c2:28:87:15:08:ff:7a:ba:10:
38:e4:f3:f4:f6:46:df:16:10:00:04:0c:2b:45:92:
63:c4:fe:10:85:ce:7f:1f:ca:ea:19:61:7e:51:af:
e7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:58:5F:9C:B3:6C:85:A6:C5:1F:D4:C0:DB:16:DA:63:65:F9:6C:23
X509v3 Authority Key Identifier:
keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:d3:a6:1e:e4:7b:0e:c7:bb:52:4c:f0:45:4f:05:1d:36:fe:
2b:6e:56:e8:ad:2e:fc:b8:5d:1f:88:d5:a7:5d:38:53:06:f0:
6f:f0:16:f1:2f:3f:4e:6c:51:9d:f8:0d:e2:47:62:9e:69:dc:
d0:9d:4b:73:46:4d:0f:ae:76:c4:c6:4d:f5:b2:eb:e2:fc:5c:
d7:84:ac:07:88:3e:4d:38:e3:65:7d:2d:4a:ae:4a:95:c4:47:
fe:1d:c7:95:0c:54:e6:54:dd:2b:23:40:d8:e2:63:86:47:06:
65:dd:7a:13:2b:8d:29:a3:a9:1d:8d:ae:8b:39:5c:89:e2:04:
f7:1e:30:14:e6:96:14:1b:1d:18:45:71:bb:4c:9c:ca:04:66:
76:b7:46:0c:ed:bc:e8:4c:d5:0a:96:3e:61:6b:ac:39:92:5a:
36:5e:5e:6a:6f:e4:df:75:67:d9:4f:1e:c2:77:a3:cd:a6:47:
ef:71:4a:fe:88:0c:e3:c4:80:b5:74:2e:2d:79:b2:59:b5:bc:
99:23:f4:89:9c:9d:fd:ae:06:59:5e:64:d6:c3:9a:42:1c:66:
09:0c:57:05:cd:26:08:be:7b:c7:fa:d6:da:1a:77:7b:bd:ec:
bb:dd:32:dc:ab:a3:3d:6d:29:7e:3c:0e:0f:0f:ea:2d:9f:f5:
3f:d8:60:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ruE+PmSapPlmf09F7Q/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm
MDc5OTUwHhcNMjYwMzI5MTMwMDU1WhcNMjYwMzMwMTMwMDU1WjAzMTEwLwYDVQQD
EyhjNzU4NWY5Y2IzNmM4NWE2YzUxZmQ0YzBkYjE2ZGE2MzY1Zjk2YzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloxUlNOdE4ve7xrGZBlvFtUWjSCg
20609XbnYoeLXTcbmOhaQrmbpY/HFb0WKQ5lrdMvB+cYqbTPNuSOPRJM7bwU4BoN
afEBr3ZHCLR4KdH7hdNE02S2TFIjni5McHXPZKRNvqVzMNjoIneEWD5Byh5C/Y1c
BVC9cQjf8ckjBoJTffYlsUuBXE7eOQC0gEgeDqIM3uCM//0xmugB2z3J21+gyB5V
Nj6PGCocmgoRZFRJ1DPGcCcu9v2mD45c7fUuNbjHiWdxrqH5UIYJxBFwy/18O4eU
c9nCKIcVCP96uhA45PP09kbfFhAABAwrRZJjxP4Qhc5/H8rqGWF+Ua/n4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMdYX5yzbIWmxR/UwNsW2mNl+WwjMB8GA1UdIwQY
MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt
N2YyM2IzNDY4NmMyLzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy
LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX9OmHuR7
Dse7UkzwRU8FHTb+K25W6K0u/LhdH4jVp104Uwbwb/AW8S8/TmxRnfgN4kdinmnc
0J1Lc0ZND652xMZN9bLr4vxc14SsB4g+TTjjZX0tSq5KlcRH/h3HlQxU5lTdKyNA
2OJjhkcGZd16EyuNKaOpHY2uizlcieIE9x4wFOaWFBsdGEVxu0ycygRmdrdGDO28
6EzVCpY+YWusOZJaNl5eam/k33Vn2U8ewnejzaZH73FK/ogM48SAtXQuLXmyWbW8
mSP0iZyd/a4GWV5k1sOaQhxmCQxXBc0mCL57x/rW2hp3e73su90y3KujPW0pfjwO
Dw/qLZ/1P9hgsg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:28:03 2026 by rpki-client