Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: qAe+5e+CZwyH8O3FN+lVeUwsNKlFUvjCK23224dnv0g=
Subject key identifier: 12:9D:14:7D:45:90:9A:A2:4A:03:36:46:86:C6:27:D5:CB:B7:21:8A
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 019DCE99775F46507256491AC56395FECE91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 18DE
Signing time: Mon 27 Apr 2026 11:00:57 +0000
Manifest this update: Mon 27 Apr 2026 11:00:57 +0000
Manifest next update: Tue 28 Apr 2026 11:00:57 +0000
Files and hashes: 1: 9V6-AqA_4zEech3d9e-zrslLlYg.roa (hash: 2ZWDpKA0ocbpi4aN6axitNn05JRLFs0cLkW8mMIC92U=)
2: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: fbBWd4PSP1x3Ydb6ldjlQYD6WRV8hUHNJwXjMvXX2I8=)
3: s_Oj6JBKTNB4x3fb0XdQ9zvwP1o.roa (hash: 0jQdDlhdIZaz2WGN97YHIXqbtv/kRGloASKQBe2397Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:99:77:5f:46:50:72:56:49:1a:c5:63:95:fe:ce:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Apr 27 11:00:57 2026 GMT
Not After : Apr 28 11:00:57 2026 GMT
Subject: CN=129d147d45909aa24a03364686c627d5cbb7218a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:43:c9:4c:08:4c:ac:79:28:0f:d5:4c:db:50:
65:b0:4f:04:4b:b7:7e:bb:3d:2b:cf:00:77:3c:05:
bc:4d:bc:ab:be:70:4e:3c:85:3b:c0:bd:18:8c:bc:
a0:53:cc:41:a4:f4:8f:ea:9e:0c:bd:89:30:ba:a0:
3e:97:9c:1d:7f:6e:ac:1e:65:ba:a6:4f:a8:5b:9f:
14:bf:5d:05:64:96:7f:26:eb:5e:47:b9:e0:ca:78:
45:8b:72:85:97:31:db:ac:c4:ad:66:25:42:88:48:
c4:97:db:a4:0f:87:ac:72:a9:85:51:1c:96:a8:67:
ce:75:53:fd:46:f1:c0:b1:fb:6f:d5:f0:3c:67:9a:
cb:3a:d1:f4:35:67:ca:10:d3:03:29:51:e9:57:24:
70:8e:4f:50:d1:19:c2:2b:bb:92:1e:a3:c1:b0:2d:
2a:63:49:fc:d8:20:8a:7f:d6:d6:ff:c6:3c:f6:81:
61:35:37:46:c7:7f:72:1d:be:62:ee:7a:2f:25:d1:
a0:8f:97:e4:bf:5e:c2:dd:7e:13:23:99:3c:64:9c:
a0:83:a7:47:51:64:5f:b4:40:0c:6a:2c:f8:a6:8b:
03:5a:c8:c7:d5:4f:63:64:5b:1c:7f:11:0c:07:ca:
c6:24:68:dc:3b:3c:bd:46:89:81:fd:ed:b8:87:1c:
6a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:9D:14:7D:45:90:9A:A2:4A:03:36:46:86:C6:27:D5:CB:B7:21:8A
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:25:92:0b:a5:98:62:0a:eb:82:c9:45:f2:bf:f4:74:65:d4:
36:d0:94:b5:12:4e:bd:c7:b5:17:7e:49:22:25:10:8e:7c:eb:
61:ff:5b:bd:22:c8:b3:59:3b:61:ad:cf:40:87:4f:6e:64:09:
1e:4f:0b:6d:13:16:0d:2a:76:e7:0c:f3:9b:ab:9d:1e:63:41:
4b:aa:9a:4d:0c:63:b0:90:34:91:9c:37:3a:7a:83:f2:31:55:
13:2a:c0:76:57:a4:e5:af:d5:ef:02:45:09:54:41:19:1c:1e:
d1:58:2c:b9:69:7f:c5:db:80:ac:58:c9:9a:7b:7e:23:a9:61:
54:c6:ad:bd:f3:20:a9:63:c9:b8:b9:ea:d4:36:03:9f:d3:a5:
83:58:70:87:90:89:f3:93:77:8e:9f:1a:ee:c4:cb:c9:c4:91:
85:b6:18:e4:0b:59:7c:a6:60:a3:61:67:b6:28:fa:57:00:00:
01:36:d8:26:b1:53:03:57:8b:2d:4c:c3:58:67:9f:85:2d:5a:
b5:f8:df:46:bf:6d:79:81:f7:4c:49:ee:63:b7:c3:fb:88:bb:
5d:ad:76:50:8d:b3:99:32:8a:b0:25:37:68:cf:25:08:ff:5f:
8c:09:13:83:4d:09:4c:25:a4:10:59:e9:f8:cf:cc:7f:3e:ee:
94:16:29:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OmXdfRlByVkkaxWOV/s6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjYwNDI3MTEwMDU3WhcNMjYwNDI4MTEwMDU3WjAzMTEwLwYDVQQD
EygxMjlkMTQ3ZDQ1OTA5YWEyNGEwMzM2NDY4NmM2MjdkNWNiYjcyMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkPJTAhMrHkoD9VM21BlsE8ES7d+
uz0rzwB3PAW8TbyrvnBOPIU7wL0YjLygU8xBpPSP6p4MvYkwuqA+l5wdf26sHmW6
pk+oW58Uv10FZJZ/JuteR7ngynhFi3KFlzHbrMStZiVCiEjEl9ukD4escqmFURyW
qGfOdVP9RvHAsftv1fA8Z5rLOtH0NWfKENMDKVHpVyRwjk9Q0RnCK7uSHqPBsC0q
Y0n82CCKf9bW/8Y89oFhNTdGx39yHb5i7novJdGgj5fkv17C3X4TI5k8ZJygg6dH
UWRftEAMaiz4posDWsjH1U9jZFscfxEMB8rGJGjcOzy9RomB/e24hxxqTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKdFH1FkJqiSgM2RobGJ9XLtyGKMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMCWSC6WY
YgrrgslF8r/0dGXUNtCUtRJOvce1F35JIiUQjnzrYf9bvSLIs1k7Ya3PQIdPbmQJ
Hk8LbRMWDSp25wzzm6udHmNBS6qaTQxjsJA0kZw3OnqD8jFVEyrAdlek5a/V7wJF
CVRBGRwe0VgsuWl/xduArFjJmnt+I6lhVMatvfMgqWPJuLnq1DYDn9Olg1hwh5CJ
85N3jp8a7sTLycSRhbYY5AtZfKZgo2Fntij6VwAAATbYJrFTA1eLLUzDWGefhS1a
tfjfRr9teYH3TEnuY7fD+4i7Xa12UI2zmTKKsCU3aM8lCP9fjAkTg00JTCWkEFnp
+M/Mfz7ulBYpwA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 17:40:58 2026 by rpki-client