Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.mft
File: aH2bViukcmGPk5jiZcoOcQj2h6M.mft (raw, json)
Hash identifier: rj9hOBrlZs/oR6XqU+4RxHjCgihVENR1wFUzrKSh2QU=
Subject key identifier: AE:AF:0C:AE:FE:A3:F2:2F:7F:1F:C1:86:BA:93:29:8B:C9:1C:9F:E3
Authority key identifier: 68:7D:9B:56:2B:A4:72:61:8F:93:98:E2:65:CA:0E:71:08:F6:87:A3
Certificate issuer: /CN=687d9b562ba472618f9398e265ca0e7108f687a3
Certificate serial: 019D39407C95FF37F38219DCF98DC4D03EC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aH2bViukcmGPk5jiZcoOcQj2h6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.mft
Manifest number: 1823
Signing time: Sun 29 Mar 2026 11:00:20 +0000
Manifest this update: Sun 29 Mar 2026 11:00:20 +0000
Manifest next update: Mon 30 Mar 2026 11:00:20 +0000
Files and hashes: 1: 7AOoMOGVRmNfzkuDKRu3Sk1W0eA.roa (hash: +394RmOY/Sxcv9d3Us94xh5+rW7+06GfmeDJKppUg3M=)
2: aH2bViukcmGPk5jiZcoOcQj2h6M.crl (hash: GgpjQKLSESCNVZXOOWMS+q/cn5MYXMM/i2VayAuAniA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/aH2bViukcmGPk5jiZcoOcQj2h6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 11:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:7c:95:ff:37:f3:82:19:dc:f9:8d:c4:d0:3e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687d9b562ba472618f9398e265ca0e7108f687a3
Validity
Not Before: Mar 29 11:00:20 2026 GMT
Not After : Mar 30 11:00:20 2026 GMT
Subject: CN=aeaf0caefea3f22f7f1fc186ba93298bc91c9fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:85:b2:fb:14:0b:4b:79:93:42:66:4a:7a:f9:
29:86:58:d0:10:29:d2:b7:56:35:00:b8:21:c9:76:
64:98:2a:9e:b2:1d:c7:56:66:70:b2:23:00:fb:d5:
2e:40:da:bb:49:ee:e8:f6:a0:98:c5:9c:ba:f9:71:
8a:07:2e:c2:57:18:ef:4a:11:41:eb:dd:06:7e:b1:
4e:72:59:59:7c:db:76:b2:4d:da:c9:4b:c4:ce:78:
c9:82:47:7f:9f:a2:eb:da:8d:5f:94:97:9b:68:e0:
8e:23:70:75:e8:09:10:6c:47:bb:6a:9a:8b:6d:9d:
83:b8:87:e4:26:ef:68:90:69:3a:b4:eb:c3:48:89:
aa:55:de:34:9b:55:d2:94:eb:b6:d6:d9:7e:b6:72:
39:a4:33:84:55:eb:84:a9:6d:9a:de:64:74:cf:91:
2d:99:01:b3:7e:d0:91:a4:9f:b2:af:62:0c:c6:b3:
44:39:1a:6a:c7:5d:f3:a0:40:81:69:9f:fe:0d:55:
f1:b2:f1:df:b7:ea:a3:8e:7c:c7:f7:cc:bf:b9:e3:
68:96:d3:9c:80:53:e5:4b:75:c1:74:14:8d:ce:54:
b5:72:e1:3c:77:69:1c:f9:1d:1b:20:df:d6:46:be:
bd:d7:3b:17:cf:af:b7:7e:6b:8b:c4:6b:18:13:1c:
d1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:AF:0C:AE:FE:A3:F2:2F:7F:1F:C1:86:BA:93:29:8B:C9:1C:9F:E3
X509v3 Authority Key Identifier:
keyid:68:7D:9B:56:2B:A4:72:61:8F:93:98:E2:65:CA:0E:71:08:F6:87:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aH2bViukcmGPk5jiZcoOcQj2h6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:b7:19:e6:21:e3:cf:fc:8b:db:31:41:97:39:7b:a6:7a:2e:
34:87:78:1e:89:6f:45:3c:98:17:c1:dc:38:ee:dd:bf:d4:4e:
00:33:ee:47:ca:08:99:32:b4:28:90:00:20:0a:27:ec:81:0c:
cc:28:be:ba:89:d1:69:14:53:f4:05:c2:08:49:9b:97:52:4a:
ce:73:a5:2c:9a:f5:8d:8f:52:78:fe:e2:0f:ac:1e:10:94:ca:
80:0f:c7:19:20:05:47:1f:2e:6c:90:60:ef:91:cb:26:be:9f:
c1:c3:51:36:f7:4c:35:83:60:09:ae:df:d1:41:57:54:64:97:
a3:7b:90:41:a7:f5:b3:08:14:7e:89:a0:ed:81:ce:13:cd:fd:
94:2b:0f:7c:4d:af:50:31:2c:b4:9a:90:38:6e:ce:58:ab:d1:
42:14:42:9a:26:2a:6e:37:a8:ef:4f:80:3f:14:69:95:81:f1:
14:ab:21:e7:e3:88:74:bc:4a:14:bc:b6:bc:c0:e3:c7:5d:1f:
52:0d:18:b4:6c:5c:68:ec:f6:6e:c2:c0:f3:f0:71:b1:9a:0b:
c6:27:ee:10:76:08:1f:a1:26:ed:a9:6b:9a:d0:d7:8f:f5:f3:
bf:1e:50:ad:cb:30:2b:1b:b3:aa:e6:e8:42:60:3c:82:16:d0:
c1:d0:59:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QHyV/zfzghnc+Y3E0D7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2Q5YjU2MmJhNDcyNjE4ZjkzOThlMjY1Y2EwZTcxMDhm
Njg3YTMwHhcNMjYwMzI5MTEwMDIwWhcNMjYwMzMwMTEwMDIwWjAzMTEwLwYDVQQD
EyhhZWFmMGNhZWZlYTNmMjJmN2YxZmMxODZiYTkzMjk4YmM5MWM5ZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYWy+xQLS3mTQmZKevkphljQECnS
t1Y1ALghyXZkmCqesh3HVmZwsiMA+9UuQNq7Se7o9qCYxZy6+XGKBy7CVxjvShFB
690GfrFOcllZfNt2sk3ayUvEznjJgkd/n6Lr2o1flJebaOCOI3B16AkQbEe7apqL
bZ2DuIfkJu9okGk6tOvDSImqVd40m1XSlOu21tl+tnI5pDOEVeuEqW2a3mR0z5Et
mQGzftCRpJ+yr2IMxrNEORpqx13zoECBaZ/+DVXxsvHft+qjjnzH98y/ueNoltOc
gFPlS3XBdBSNzlS1cuE8d2kc+R0bIN/WRr691zsXz6+3fmuLxGsYExzReQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6vDK7+o/Ivfx/BhrqTKYvJHJ/jMB8GA1UdIwQY
MBaAFGh9m1YrpHJhj5OY4mXKDnEI9oejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUgyYlZpdWtjbUdQazVqaVpjb09jUWoyaDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iODljMWYtOGRjYi00MzhiLThhZmQt
NjA1ZDEzNTEzNmY3LzEvYUgyYlZpdWtjbUdQazVqaVpjb09jUWoyaDZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iODljMWYtOGRjYi00MzhiLThhZmQtNjA1ZDEzNTEzNmY3
LzEvYUgyYlZpdWtjbUdQazVqaVpjb09jUWoyaDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQLcZ5iHj
z/yL2zFBlzl7pnouNId4HolvRTyYF8HcOO7dv9ROADPuR8oImTK0KJAAIAon7IEM
zCi+uonRaRRT9AXCCEmbl1JKznOlLJr1jY9SeP7iD6weEJTKgA/HGSAFRx8ubJBg
75HLJr6fwcNRNvdMNYNgCa7f0UFXVGSXo3uQQaf1swgUfomg7YHOE839lCsPfE2v
UDEstJqQOG7OWKvRQhRCmiYqbjeo70+APxRplYHxFKsh5+OIdLxKFLy2vMDjx10f
Ug0YtGxcaOz2bsLA8/BxsZoLxifuEHYIH6Em7alrmtDXj/Xzvx5QrcswKxuzqubo
QmA8ghbQwdBZjw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:20:51 2026 by rpki-client