Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File: aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier: tohEZEEce9uFzKwHUPVYsDZEbKXzSiscAeD0JXJkEXg=
Subject key identifier: B0:E6:98:8E:E7:FE:3A:8B:62:5D:43:60:29:DA:98:6A:EB:C4:CE:28
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 019D37F703B8B5C484DEA6A12489EA6F4A4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number: 17E3
Signing time: Sun 29 Mar 2026 05:00:28 +0000
Manifest this update: Sun 29 Mar 2026 05:00:28 +0000
Manifest next update: Mon 30 Mar 2026 05:00:28 +0000
Files and hashes: 1: HqknbCtl1Axe3TPw1P6jDONpLVc.roa (hash: ZnfnJYZ+e5B0J97RREAVHfbNjcFtOONy33iXAx75Pag=)
2: XUSo3Kod1tZHWF61VODjOx3wrpM.roa (hash: QhGQD15vAX85W4GYn0mpZU7ZappGzzCqkYs2qWxrAto=)
3: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: 4K+Xg2pw8euoVhgmjnFGuv4E7vt05IABeVct4dvOA5Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:03:b8:b5:c4:84:de:a6:a1:24:89:ea:6f:4a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Mar 29 05:00:28 2026 GMT
Not After : Mar 30 05:00:28 2026 GMT
Subject: CN=b0e6988ee7fe3a8b625d436029da986aebc4ce28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1f:aa:65:ed:48:f5:ee:84:be:4f:86:57:d7:
8f:a0:c8:c8:cf:35:2e:66:f6:b6:80:58:33:2f:c4:
b0:4a:cc:dd:9c:dc:c5:44:eb:c9:2b:16:7e:a6:3c:
df:c1:52:10:66:fd:98:28:7d:3e:ea:a3:5b:1e:4b:
32:4a:45:63:55:23:87:93:ca:12:e9:01:6e:34:e4:
c7:fd:56:07:9e:4b:fc:c6:12:93:68:a6:27:15:c2:
5c:56:46:1c:26:95:03:79:bb:d9:1b:f2:33:25:09:
3e:f7:95:d5:3c:ff:b4:da:6b:87:f3:37:bd:c3:4e:
61:12:7b:77:eb:76:3a:8e:fd:35:40:07:e1:47:73:
5d:cd:a5:fa:fd:6c:c5:e7:74:a6:14:bd:9a:9f:a8:
2d:31:3c:d2:47:43:b4:a6:b4:5c:8e:9d:79:a5:58:
a8:da:b2:c8:13:44:51:73:77:ec:7e:76:c8:78:7f:
79:bd:22:09:d7:c3:d4:f3:c4:59:3f:80:ec:e2:37:
bc:52:2b:4f:32:f1:2e:9c:7b:d4:cb:14:a9:3f:87:
c3:5e:94:27:00:de:ba:b3:cd:d7:6e:16:a8:aa:be:
65:f6:45:64:96:28:8e:ec:e3:0a:74:1d:21:08:a4:
51:29:c1:4e:aa:df:fa:53:cc:fc:d7:b7:66:7c:4a:
82:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E6:98:8E:E7:FE:3A:8B:62:5D:43:60:29:DA:98:6A:EB:C4:CE:28
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:4e:ff:fe:49:d8:8f:fa:2c:41:a4:38:0d:1f:c6:7f:71:40:
8b:27:5a:aa:5d:d0:64:66:ab:88:75:15:f9:d6:91:48:d4:6f:
82:81:27:6b:bb:b4:e2:e0:3b:1b:c3:4b:ea:1b:a0:0e:92:35:
9a:bf:d8:00:85:ac:d0:0b:b6:7f:70:57:8e:2b:3d:e4:fe:56:
b8:f8:6e:d9:b9:5a:c5:df:f0:ad:0d:5e:a0:94:05:0f:a3:cb:
e4:ee:e9:fb:0d:69:41:5a:eb:ee:62:16:dd:63:99:a4:2c:b1:
98:41:aa:94:0e:04:8e:17:78:6f:0a:e8:e1:5e:a4:4a:ea:2b:
7c:46:5b:3f:d2:90:5b:1c:fc:7a:82:26:2a:9e:26:56:29:30:
f4:71:ad:db:6c:28:2b:9b:40:0c:56:e2:b7:5c:f7:29:a2:78:
ae:fd:13:e1:1d:66:47:72:e8:72:86:e2:4c:42:a4:d3:4b:b8:
b0:68:e0:f7:c4:74:54:12:25:38:65:47:72:de:6d:45:88:76:
f8:7e:60:6a:08:93:4b:ba:25:d6:ee:33:c7:ac:3b:41:8f:f2:
f0:8b:05:f3:79:ab:87:33:c3:ae:59:a9:b0:b4:7a:0b:30:f9:
a6:94:79:74:3e:a5:c7:f8:f6:77:f3:32:ae:c1:65:2b:84:0d:
cb:67:ab:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039wO4tcSE3qahJInqb0pMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjYwMzI5MDUwMDI4WhcNMjYwMzMwMDUwMDI4WjAzMTEwLwYDVQQD
EyhiMGU2OTg4ZWU3ZmUzYThiNjI1ZDQzNjAyOWRhOTg2YWViYzRjZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh+qZe1I9e6Evk+GV9ePoMjIzzUu
Zva2gFgzL8SwSszdnNzFROvJKxZ+pjzfwVIQZv2YKH0+6qNbHksySkVjVSOHk8oS
6QFuNOTH/VYHnkv8xhKTaKYnFcJcVkYcJpUDebvZG/IzJQk+95XVPP+02muH8ze9
w05hEnt363Y6jv01QAfhR3NdzaX6/WzF53SmFL2an6gtMTzSR0O0prRcjp15pVio
2rLIE0RRc3fsfnbIeH95vSIJ18PU88RZP4Ds4je8UitPMvEunHvUyxSpP4fDXpQn
AN66s83Xbhaoqr5l9kVkliiO7OMKdB0hCKRRKcFOqt/6U8z817dmfEqCtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDmmI7n/jqLYl1DYCnamGrrxM4oMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcU7//knY
j/osQaQ4DR/Gf3FAiydaql3QZGariHUV+daRSNRvgoEna7u04uA7G8NL6hugDpI1
mr/YAIWs0Au2f3BXjis95P5WuPhu2blaxd/wrQ1eoJQFD6PL5O7p+w1pQVrr7mIW
3WOZpCyxmEGqlA4Ejhd4bwro4V6kSuorfEZbP9KQWxz8eoImKp4mVikw9HGt22wo
K5tADFbit1z3KaJ4rv0T4R1mR3LocobiTEKk00u4sGjg98R0VBIlOGVHct5tRYh2
+H5gagiTS7ol1u4zx6w7QY/y8IsF83mrhzPDrlmpsLR6CzD5ppR5dD6lx/j2d/My
rsFlK4QNy2erZA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:53 2026 by rpki-client