Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
File: aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft (raw, json)
Hash identifier: yqs7AEyXfHSosz+gTaNo/L/AkubaO12icvNRLRMtgfI=
Subject key identifier: 54:6D:EC:5D:C0:C4:3C:D4:81:61:BE:BA:23:81:3C:E2:40:3F:FB:A0
Authority key identifier: 68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F
Certificate issuer: /CN=68f063ed2e0a2674bc471010189fc77adb31c17f
Certificate serial: 019DCF3E2D60EF7DDFA9F8332C23C4DD2906
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
Manifest number: 17DC
Signing time: Mon 27 Apr 2026 14:00:51 +0000
Manifest this update: Mon 27 Apr 2026 14:00:51 +0000
Manifest next update: Tue 28 Apr 2026 14:00:51 +0000
Files and hashes: 1: aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl (hash: HQP7idk2aMCuRyVgwr2CMRqHKbGh//o3TDyRwidXnPE=)
2: gNhszUNFjUvnmp6uYZywKw0VK4Q.roa (hash: OoYbjhXKEH09k93nIljEgaEwB00MnQM3qMLjic/Ifxg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:3e:2d:60:ef:7d:df:a9:f8:33:2c:23:c4:dd:29:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f063ed2e0a2674bc471010189fc77adb31c17f
Validity
Not Before: Apr 27 14:00:51 2026 GMT
Not After : Apr 28 14:00:51 2026 GMT
Subject: CN=546dec5dc0c43cd48161beba23813ce2403ffba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:81:ff:3b:48:16:4a:12:29:3f:1c:01:53:f1:
af:4d:f7:57:f1:5b:82:d1:58:8d:6f:40:6e:b1:03:
60:2a:3e:1b:26:84:13:2d:b9:df:15:4b:f2:c1:81:
9d:a2:01:0e:52:37:a6:e9:98:96:0c:6a:22:41:a2:
63:ed:f3:b1:78:63:26:6a:f5:6f:bf:97:bf:e2:c5:
b2:42:d7:2c:57:ea:3a:0e:c3:49:0d:8a:bf:48:1b:
62:80:87:bd:62:e2:d4:f5:42:8f:93:7b:df:ac:f7:
a5:5c:91:64:9b:dd:2d:73:dc:e1:05:86:87:18:42:
13:c8:5d:66:10:f2:e8:8d:0e:a1:78:70:b1:e8:f9:
2e:d5:ea:61:7d:dc:e5:af:89:df:9a:4c:9c:79:d3:
61:55:e4:6e:df:b3:2a:dc:c7:ba:90:77:ec:87:f6:
dd:b9:ca:28:b9:9a:93:a5:eb:e2:84:a5:cd:f4:39:
1a:ab:4c:06:d2:5c:b5:80:5c:0c:6b:bb:46:78:af:
b7:c3:fa:07:ad:a1:0d:46:8c:a9:1b:83:59:b6:36:
42:9e:b2:04:0b:f5:49:17:63:fd:7a:9b:4b:2b:e0:
6d:8a:76:a9:a5:a8:2c:54:10:3a:c9:94:cb:8a:27:
ce:18:52:e5:a3:aa:00:cc:eb:6e:b6:2d:ac:60:ea:
dd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6D:EC:5D:C0:C4:3C:D4:81:61:BE:BA:23:81:3C:E2:40:3F:FB:A0
X509v3 Authority Key Identifier:
keyid:68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:3a:dc:56:7a:3e:b3:0c:78:3f:0d:ca:14:c7:b7:be:33:bf:
b7:5f:49:43:99:5c:29:9a:8f:09:f5:37:c0:f4:c5:dc:62:d2:
6b:a6:bd:6d:25:8c:5b:de:7b:e9:12:2e:f9:70:67:59:71:6c:
3e:d6:dc:82:fc:86:19:9a:4c:ca:99:07:b0:ef:c3:94:9c:d1:
b1:0e:7a:71:f2:e0:9c:f6:11:dc:fc:9c:09:f9:bf:d1:09:40:
78:37:6e:a8:7e:db:d0:b3:8f:f6:0a:8e:7b:cb:10:3e:3b:5a:
93:31:d0:f3:49:2e:fd:14:5c:04:f6:5d:99:03:dc:48:eb:ad:
7e:ab:8e:b5:64:50:e7:01:58:41:3c:9d:10:dc:11:ef:d5:d7:
7b:c6:7c:e1:4c:40:e3:83:7c:64:53:44:15:02:e8:ac:ce:2a:
21:f3:b3:5e:75:a3:34:cb:be:59:4f:fe:be:26:65:43:c4:9a:
b6:f5:2a:ea:a5:33:7e:8d:97:4c:2f:eb:af:ea:94:05:02:60:
66:87:e1:5e:ab:8d:5c:ee:8d:35:59:34:5a:3a:8c:08:a9:03:
ab:9d:9c:24:b2:3b:3f:25:1d:5b:66:b3:46:c3:07:52:a2:a9:
ea:5a:dc:c4:a5:50:e1:af:33:37:46:d8:ca:61:5c:8a:fa:8c:
22:7f:96:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PPi1g733fqfgzLCPE3SkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjA2M2VkMmUwYTI2NzRiYzQ3MTAxMDE4OWZjNzdhZGIz
MWMxN2YwHhcNMjYwNDI3MTQwMDUxWhcNMjYwNDI4MTQwMDUxWjAzMTEwLwYDVQQD
Eyg1NDZkZWM1ZGMwYzQzY2Q0ODE2MWJlYmEyMzgxM2NlMjQwM2ZmYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIH/O0gWShIpPxwBU/GvTfdX8VuC
0ViNb0BusQNgKj4bJoQTLbnfFUvywYGdogEOUjem6ZiWDGoiQaJj7fOxeGMmavVv
v5e/4sWyQtcsV+o6DsNJDYq/SBtigIe9YuLU9UKPk3vfrPelXJFkm90tc9zhBYaH
GEITyF1mEPLojQ6heHCx6Pku1ephfdzlr4nfmkycedNhVeRu37Mq3Me6kHfsh/bd
ucoouZqTpevihKXN9Dkaq0wG0ly1gFwMa7tGeK+3w/oHraENRoypG4NZtjZCnrIE
C/VJF2P9eptLK+BtinappagsVBA6yZTLiifOGFLlo6oAzOtuti2sYOrdWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRt7F3AxDzUgWG+uiOBPOJAP/ugMB8GA1UdIwQY
MBaAFGjwY+0uCiZ0vEcQEBifx3rbMcF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMt
OTQ2ZmRhZmUyZWM2LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMtOTQ2ZmRhZmUyZWM2
LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWDrcVno+
swx4Pw3KFMe3vjO/t19JQ5lcKZqPCfU3wPTF3GLSa6a9bSWMW9576RIu+XBnWXFs
PtbcgvyGGZpMypkHsO/DlJzRsQ56cfLgnPYR3PycCfm/0QlAeDduqH7b0LOP9gqO
e8sQPjtakzHQ80ku/RRcBPZdmQPcSOutfquOtWRQ5wFYQTydENwR79XXe8Z84UxA
44N8ZFNEFQLorM4qIfOzXnWjNMu+WU/+viZlQ8SatvUq6qUzfo2XTC/rr+qUBQJg
ZofhXquNXO6NNVk0WjqMCKkDq52cJLI7PyUdW2azRsMHUqKp6lrcxKVQ4a8zN0bY
ymFcivqMIn+Wew==
-----END CERTIFICATE-----
Generated at Mon Apr 27 21:05:13 2026 by rpki-client