Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: mTyMLviikBsTDln4rr4vHRdIJGJJuzrKNG1mv4yM+5k=
Subject key identifier: 44:96:8C:BE:BC:CD:B9:2F:FF:04:86:08:21:BA:7C:EA:68:92:B5:AD
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 019CE4ECC6661F51DC618EF7E199A685BF91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 1865
Signing time: Fri 13 Mar 2026 02:00:48 +0000
Manifest this update: Fri 13 Mar 2026 02:00:48 +0000
Manifest next update: Sat 14 Mar 2026 02:00:48 +0000
Files and hashes: 1: 9V6-AqA_4zEech3d9e-zrslLlYg.roa (hash: 2ZWDpKA0ocbpi4aN6axitNn05JRLFs0cLkW8mMIC92U=)
2: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: P0qxDHxalwxWwLpptxnvCHiAXsSiaHcG1Lw7Je4PpUM=)
3: s_Oj6JBKTNB4x3fb0XdQ9zvwP1o.roa (hash: 0jQdDlhdIZaz2WGN97YHIXqbtv/kRGloASKQBe2397Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e4:ec:c6:66:1f:51:dc:61:8e:f7:e1:99:a6:85:bf:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Mar 13 02:00:48 2026 GMT
Not After : Mar 14 02:00:48 2026 GMT
Subject: CN=44968cbebccdb92fff04860821ba7cea6892b5ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:70:35:7b:f3:17:cb:46:01:e4:49:2b:a8:cf:
5e:2b:62:5b:2c:ac:41:70:9e:8f:e3:f3:1c:af:1d:
58:25:94:70:e6:76:2e:f4:10:f1:36:73:82:85:a9:
ad:ac:7f:30:9b:3e:36:ec:e3:9f:11:41:65:37:51:
f3:ee:da:2a:17:d3:88:56:62:8b:12:fb:f2:5f:82:
a7:2c:c0:78:ec:64:96:27:d4:a6:5d:2e:3a:21:53:
26:39:2c:19:c5:d0:65:20:35:cc:49:e7:68:80:cf:
e6:7e:01:74:66:76:9b:fd:ae:e2:e4:20:04:36:20:
fc:a0:89:19:06:7c:e1:18:f4:af:ab:5c:20:ea:6a:
e6:fb:6b:68:3f:13:e7:0a:90:74:fb:dd:b8:2c:ba:
71:48:1c:57:41:1f:30:ef:92:cc:70:2f:a8:24:f4:
47:46:cb:d7:f8:6d:4a:aa:50:65:71:a9:a6:5e:1e:
1a:70:6f:90:56:b6:04:98:a1:2e:9a:33:ec:c3:9d:
d6:05:70:12:81:78:89:5b:c0:86:74:3d:f5:9e:92:
54:57:4b:54:d7:07:db:cb:ad:9e:93:cd:3b:40:f7:
7d:9e:f9:50:74:3a:93:91:16:48:9b:24:2b:97:42:
40:f2:01:96:e7:72:45:b4:82:d8:ab:9f:f5:93:ca:
84:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:96:8C:BE:BC:CD:B9:2F:FF:04:86:08:21:BA:7C:EA:68:92:B5:AD
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:06:e2:9d:b5:05:57:d8:f9:cf:80:2c:a9:d4:12:47:92:16:
5a:10:5f:18:ed:b9:ca:8c:43:fa:4b:9a:0e:12:9a:14:10:21:
f2:23:30:8d:de:13:82:f3:14:53:ee:f1:db:96:53:d0:76:cc:
d2:b2:4e:c1:6e:7a:a7:3a:39:ea:42:4b:6b:78:82:fd:27:cc:
2b:59:2f:13:44:77:91:41:a4:f7:25:7c:a2:94:c3:1b:58:14:
42:78:33:6d:9e:83:6d:b9:63:2a:25:e8:b6:3d:55:6e:bf:43:
3e:0a:81:00:69:2c:8c:e5:d3:30:37:59:f2:e9:43:b7:2c:da:
7a:54:fa:93:bc:49:5e:f0:11:c8:10:75:63:41:6a:3e:c3:5c:
d4:47:6b:19:3f:79:3c:ae:43:a0:1d:51:de:25:00:59:87:b1:
a1:4c:33:64:7d:ea:e8:1d:84:62:05:8e:02:06:2f:35:3b:26:
41:30:52:fe:97:58:df:2a:14:e5:10:09:e6:19:d1:b8:e9:f5:
12:1d:f2:45:90:0a:d5:a2:1d:39:f7:d4:e0:83:86:e5:6d:c6:
5d:5e:cf:94:03:45:3d:b4:ca:52:49:81:88:f3:cc:94:91:13:
8e:e6:80:c7:64:6a:2e:7e:04:d4:9a:2f:b1:c7:7f:83:f2:25:
ba:6f:6f:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzk7MZmH1HcYY734Zmmhb+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjYwMzEzMDIwMDQ4WhcNMjYwMzE0MDIwMDQ4WjAzMTEwLwYDVQQD
Eyg0NDk2OGNiZWJjY2RiOTJmZmYwNDg2MDgyMWJhN2NlYTY4OTJiNWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XA1e/MXy0YB5EkrqM9eK2JbLKxB
cJ6P4/Mcrx1YJZRw5nYu9BDxNnOChamtrH8wmz427OOfEUFlN1Hz7toqF9OIVmKL
EvvyX4KnLMB47GSWJ9SmXS46IVMmOSwZxdBlIDXMSedogM/mfgF0Znab/a7i5CAE
NiD8oIkZBnzhGPSvq1wg6mrm+2toPxPnCpB0+924LLpxSBxXQR8w75LMcC+oJPRH
RsvX+G1KqlBlcammXh4acG+QVrYEmKEumjPsw53WBXASgXiJW8CGdD31npJUV0tU
1wfby62ek807QPd9nvlQdDqTkRZImyQrl0JA8gGW53JFtILYq5/1k8qEOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFESWjL68zbkv/wSGCCG6fOpokrWtMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwgbinbUF
V9j5z4AsqdQSR5IWWhBfGO25yoxD+kuaDhKaFBAh8iMwjd4TgvMUU+7x25ZT0HbM
0rJOwW56pzo56kJLa3iC/SfMK1kvE0R3kUGk9yV8opTDG1gUQngzbZ6DbbljKiXo
tj1Vbr9DPgqBAGksjOXTMDdZ8ulDtyzaelT6k7xJXvARyBB1Y0FqPsNc1EdrGT95
PK5DoB1R3iUAWYexoUwzZH3q6B2EYgWOAgYvNTsmQTBS/pdY3yoU5RAJ5hnRuOn1
Eh3yRZAK1aIdOffU4IOG5W3GXV7PlANFPbTKUkmBiPPMlJETjuaAx2RqLn4E1Jov
scd/g/Ilum9vVg==
-----END CERTIFICATE-----
Generated at Fri Mar 13 09:28:40 2026 by rpki-client