Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/09b295-2032-4778-9318-9164b542a219/1/aDMgCDfWvqvzWDiKAOVFuM5z9jE.mft
File: aDMgCDfWvqvzWDiKAOVFuM5z9jE.mft (raw, json)
Hash identifier: xi4UplNTza3mKc+rC97fJ5AFUgJ3WwmtPkJc5h0ftSk=
Subject key identifier: 86:AF:4E:46:5D:F4:EE:B4:BD:3D:1D:8E:C8:3E:A3:69:78:D0:EF:BD
Authority key identifier: 68:33:20:08:37:D6:BE:AB:F3:58:38:8A:00:E5:45:B8:CE:73:F6:31
Certificate issuer: /CN=6833200837d6beabf358388a00e545b8ce73f631
Certificate serial: 019D39E5D1EE894A6E55F867AD85F6490C17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDMgCDfWvqvzWDiKAOVFuM5z9jE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/09b295-2032-4778-9318-9164b542a219/1/aDMgCDfWvqvzWDiKAOVFuM5z9jE.mft
Manifest number: 4A
Signing time: Sun 29 Mar 2026 14:00:55 +0000
Manifest this update: Sun 29 Mar 2026 14:00:55 +0000
Manifest next update: Mon 30 Mar 2026 14:00:55 +0000
Files and hashes: 1: 5zk72GIBe30KoSZXKwmuFndxTrk.roa (hash: GT3JzXwUUjVRP+4i+zBT3todjjTDmn2sEVsNEsZY/Ag=)
2: aDMgCDfWvqvzWDiKAOVFuM5z9jE.crl (hash: HCm6pH3usVW+HniHOyavF7MzK38/fiZV1c+Fj+4nblw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/09b295-2032-4778-9318-9164b542a219/1/aDMgCDfWvqvzWDiKAOVFuM5z9jE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/09b295-2032-4778-9318-9164b542a219/1/aDMgCDfWvqvzWDiKAOVFuM5z9jE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDMgCDfWvqvzWDiKAOVFuM5z9jE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:e5:d1:ee:89:4a:6e:55:f8:67:ad:85:f6:49:0c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6833200837d6beabf358388a00e545b8ce73f631
Validity
Not Before: Mar 29 14:00:55 2026 GMT
Not After : Mar 30 14:00:55 2026 GMT
Subject: CN=86af4e465df4eeb4bd3d1d8ec83ea36978d0efbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e9:5a:10:fd:13:b7:ab:d9:29:fd:4b:07:9c:
03:6c:70:38:73:8a:0f:2d:2b:9b:e9:19:0d:53:e2:
a1:bf:21:cf:d4:de:ff:2c:f5:87:b4:16:65:e3:88:
86:18:fb:46:95:d0:56:10:90:32:22:bf:b1:a0:f5:
1a:e8:e5:56:18:85:ee:a7:c8:5b:8f:18:26:fb:a0:
73:af:f6:a3:69:6e:bd:3a:3c:01:28:ee:18:2c:a9:
3b:60:34:27:83:7d:30:99:f4:f1:af:bf:df:85:0a:
96:f8:46:9e:d8:3e:f2:c3:4b:0c:a0:39:e7:91:f3:
6c:bd:48:4f:40:f6:d0:10:fe:ae:1b:a6:1f:66:55:
a8:62:f8:b7:d0:6e:17:0f:ec:5a:84:00:53:d6:c0:
16:1a:93:a9:bd:a5:ba:6b:75:07:1e:85:95:fa:e0:
42:e4:2a:21:eb:5f:d9:96:1b:88:02:37:9c:fd:53:
5e:58:a7:13:8c:0b:8d:8c:5b:b5:f5:aa:d8:6a:b6:
18:62:8c:52:fe:cc:1e:2e:68:f2:0b:19:f9:59:18:
f1:fb:b0:cc:9e:99:5c:f7:b9:1e:13:23:7d:52:1e:
da:9b:34:a9:b2:3f:68:b6:c4:2e:56:27:79:f0:5f:
a6:0e:6f:47:4b:d2:b4:4a:50:75:00:dd:f0:35:a6:
8d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AF:4E:46:5D:F4:EE:B4:BD:3D:1D:8E:C8:3E:A3:69:78:D0:EF:BD
X509v3 Authority Key Identifier:
keyid:68:33:20:08:37:D6:BE:AB:F3:58:38:8A:00:E5:45:B8:CE:73:F6:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDMgCDfWvqvzWDiKAOVFuM5z9jE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/09b295-2032-4778-9318-9164b542a219/1/aDMgCDfWvqvzWDiKAOVFuM5z9jE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/09b295-2032-4778-9318-9164b542a219/1/aDMgCDfWvqvzWDiKAOVFuM5z9jE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:5e:75:c0:5a:73:81:40:ff:06:fb:99:14:ea:a8:5b:e9:39:
53:c6:63:02:31:b4:92:3e:89:98:11:23:e7:aa:6b:e8:a6:cc:
d6:d7:db:0a:4b:a4:65:2a:11:f8:cd:2b:ab:29:62:89:16:10:
31:ab:d6:99:ea:f9:77:9f:d2:06:48:43:27:75:7a:9d:3c:04:
a2:bf:a7:a9:2c:19:2e:40:69:cc:5e:b0:46:dd:35:fb:44:d4:
4f:32:eb:09:f5:91:7a:87:06:81:02:46:e4:a9:59:57:33:d5:
8d:d5:0d:3f:4b:5a:41:7e:c0:d9:63:27:ce:cf:0d:ce:34:82:
cb:b0:6c:0e:b2:d6:e8:50:fc:e4:32:cb:bd:8a:97:8f:a9:c3:
e7:d8:b9:41:3b:25:1c:6b:0f:c1:5a:52:79:9e:e2:f1:51:28:
6d:71:c9:74:01:0a:0b:2a:9d:7a:96:86:9a:d3:56:b4:1b:b8:
6f:e0:6a:7b:d6:3d:67:1c:66:95:9e:c2:d8:5a:5a:ee:56:b3:
95:45:43:8c:34:c6:27:3b:4c:05:80:a6:42:ca:7f:46:3c:bd:
d1:07:22:ee:15:69:3f:34:7f:af:9a:83:88:35:89:18:92:ed:
eb:88:6c:c1:16:a4:ec:dc:8e:09:e0:a1:8c:8c:f8:8f:af:8a:
3d:bb:c2:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055dHuiUpuVfhnrYX2SQwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzMyMDA4MzdkNmJlYWJmMzU4Mzg4YTAwZTU0NWI4Y2U3
M2Y2MzEwHhcNMjYwMzI5MTQwMDU1WhcNMjYwMzMwMTQwMDU1WjAzMTEwLwYDVQQD
Eyg4NmFmNGU0NjVkZjRlZWI0YmQzZDFkOGVjODNlYTM2OTc4ZDBlZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0elaEP0Tt6vZKf1LB5wDbHA4c4oP
LSub6RkNU+KhvyHP1N7/LPWHtBZl44iGGPtGldBWEJAyIr+xoPUa6OVWGIXup8hb
jxgm+6Bzr/ajaW69OjwBKO4YLKk7YDQng30wmfTxr7/fhQqW+Eae2D7yw0sMoDnn
kfNsvUhPQPbQEP6uG6YfZlWoYvi30G4XD+xahABT1sAWGpOpvaW6a3UHHoWV+uBC
5Coh61/ZlhuIAjec/VNeWKcTjAuNjFu19arYarYYYoxS/sweLmjyCxn5WRjx+7DM
nplc97keEyN9Uh7amzSpsj9otsQuVid58F+mDm9HS9K0SlB1AN3wNaaN1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIavTkZd9O60vT0djsg+o2l40O+9MB8GA1UdIwQY
MBaAFGgzIAg31r6r81g4igDlRbjOc/YxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURNZ0NEZld2cXZ6V0RpS0FPVkZ1TTV6OWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wOWIyOTUtMjAzMi00Nzc4LTkzMTgt
OTE2NGI1NDJhMjE5LzEvYURNZ0NEZld2cXZ6V0RpS0FPVkZ1TTV6OWpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wOWIyOTUtMjAzMi00Nzc4LTkzMTgtOTE2NGI1NDJhMjE5
LzEvYURNZ0NEZld2cXZ6V0RpS0FPVkZ1TTV6OWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARl51wFpz
gUD/BvuZFOqoW+k5U8ZjAjG0kj6JmBEj56pr6KbM1tfbCkukZSoR+M0rqyliiRYQ
MavWmer5d5/SBkhDJ3V6nTwEor+nqSwZLkBpzF6wRt01+0TUTzLrCfWReocGgQJG
5KlZVzPVjdUNP0taQX7A2WMnzs8NzjSCy7BsDrLW6FD85DLLvYqXj6nD59i5QTsl
HGsPwVpSeZ7i8VEobXHJdAEKCyqdepaGmtNWtBu4b+Bqe9Y9ZxxmlZ7C2Fpa7laz
lUVDjDTGJztMBYCmQsp/Rjy90Qci7hVpPzR/r5qDiDWJGJLt64hswRak7NyOCeCh
jIz4j6+KPbvCEg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:14:29 2026 by rpki-client