Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft
File: AL8jAERknAbXXjAsUXUATb_GcmE.mft (raw, json)
Hash identifier: uhhwUyEvFwIugSdDAlq4llcQSaLskzQ7+9Ep6s1XS20=
Subject key identifier: 45:C8:A1:49:D6:BA:FD:87:E0:FA:4E:C1:3D:69:BF:B0:F4:73:F3:29
Authority key identifier: 00:BF:23:00:44:64:9C:06:D7:5E:30:2C:51:75:00:4D:BF:C6:72:61
Certificate issuer: /CN=00bf230044649c06d75e302c5175004dbfc67261
Certificate serial: 019D39409DC10EDF4ED5CEF055227283C732
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AL8jAERknAbXXjAsUXUATb_GcmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft
Manifest number: 0F34
Signing time: Sun 29 Mar 2026 11:00:28 +0000
Manifest this update: Sun 29 Mar 2026 11:00:28 +0000
Manifest next update: Mon 30 Mar 2026 11:00:28 +0000
Files and hashes: 1: AL8jAERknAbXXjAsUXUATb_GcmE.crl (hash: j7XoiNOjjdQO7y8H+4tPaV3qmrORDYuA8meI+EJHB9g=)
2: LDfTHZtgg9SpOLAcUCBkRkR9ae8.roa (hash: 1t3+l57Hcn09X5UH0bRoB4dCslxZncJ1ud+DZIleEeo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AL8jAERknAbXXjAsUXUATb_GcmE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:9d:c1:0e:df:4e:d5:ce:f0:55:22:72:83:c7:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00bf230044649c06d75e302c5175004dbfc67261
Validity
Not Before: Mar 29 11:00:28 2026 GMT
Not After : Mar 30 11:00:28 2026 GMT
Subject: CN=45c8a149d6bafd87e0fa4ec13d69bfb0f473f329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:93:0c:fa:4c:c2:0c:98:62:5f:eb:2c:f2:84:
df:fd:2c:6f:81:be:0c:7b:02:fd:50:30:8f:67:3e:
c2:ef:d0:5d:f4:94:78:66:74:9d:80:69:55:9e:2a:
93:79:37:56:fc:49:7a:44:5a:e9:ec:ff:87:72:c5:
51:37:0e:3c:75:e5:11:58:7a:c1:52:1d:5f:21:db:
cc:4a:96:db:ac:6a:5c:47:24:24:a6:8d:24:bf:2c:
bf:5c:9d:37:95:ea:f2:9f:32:f6:92:87:3e:03:ca:
89:8d:da:f5:86:0b:0d:df:e9:53:79:39:3e:98:6e:
97:e3:6a:9f:fe:48:7b:9c:3d:e8:db:79:ac:a7:3d:
c5:01:d4:d3:21:d6:23:c1:f7:57:f4:ea:fa:67:71:
50:60:53:6c:78:67:1c:c0:f3:75:b9:10:78:26:01:
09:5b:4d:6b:4f:fd:08:92:36:ea:d0:1d:d2:91:01:
53:30:08:76:3a:67:a2:7c:88:8c:1d:c6:0d:8f:29:
b1:18:fb:0a:4d:78:99:63:22:ca:b3:a0:80:0e:0b:
aa:c5:d0:19:ba:b3:c0:23:30:2c:8d:93:bf:44:df:
e3:02:22:7d:82:a0:6f:9f:b1:46:24:48:9a:9d:92:
b5:1a:5b:dc:11:47:df:43:cb:a4:10:63:f4:76:10:
7d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:C8:A1:49:D6:BA:FD:87:E0:FA:4E:C1:3D:69:BF:B0:F4:73:F3:29
X509v3 Authority Key Identifier:
keyid:00:BF:23:00:44:64:9C:06:D7:5E:30:2C:51:75:00:4D:BF:C6:72:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AL8jAERknAbXXjAsUXUATb_GcmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:9b:8c:f0:99:ec:72:43:ce:e7:f9:9a:13:d2:c2:02:03:1c:
33:4a:94:4d:7f:b0:8a:65:d0:5d:fb:5d:ea:9d:2d:30:fd:4f:
bd:28:56:c1:8d:d5:e0:da:8a:6e:58:fa:92:81:89:30:19:15:
5f:dd:a2:56:7f:80:dd:a5:f8:73:9d:c2:95:56:82:f4:66:de:
07:99:e7:9c:e0:1b:61:ce:21:8b:a8:87:e8:9f:9b:a8:52:a0:
4a:ff:c0:09:2f:49:e2:21:2e:de:92:a9:48:7a:e0:51:51:5d:
17:9a:36:ad:7f:28:9a:61:90:06:5f:02:43:fb:1c:d1:87:46:
5d:fe:c7:35:37:a1:64:da:91:72:a9:4e:cb:67:a0:9d:e8:54:
a1:89:3e:e8:02:6b:14:fc:d2:66:e5:3f:d6:f9:17:97:0d:1a:
c7:a7:e2:35:a6:3b:20:1b:a9:c6:d5:58:ec:f0:a8:41:37:22:
ec:f9:e5:69:7b:7d:c6:ed:65:89:4c:5b:62:d6:16:87:8e:5c:
45:85:d9:41:13:96:e4:af:88:b2:c4:52:49:7c:ac:98:73:c5:
bf:e5:a6:36:f0:16:0c:4a:b9:ce:2e:71:b8:38:73:4a:b0:45:
a9:37:44:bd:4b:55:12:65:e8:c5:a1:ca:d5:e3:ad:af:f7:0d:
49:31:e2:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QJ3BDt9O1c7wVSJyg8cyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYmYyMzAwNDQ2NDljMDZkNzVlMzAyYzUxNzUwMDRkYmZj
NjcyNjEwHhcNMjYwMzI5MTEwMDI4WhcNMjYwMzMwMTEwMDI4WjAzMTEwLwYDVQQD
Eyg0NWM4YTE0OWQ2YmFmZDg3ZTBmYTRlYzEzZDY5YmZiMGY0NzNmMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJMM+kzCDJhiX+ss8oTf/Sxvgb4M
ewL9UDCPZz7C79Bd9JR4ZnSdgGlVniqTeTdW/El6RFrp7P+HcsVRNw48deURWHrB
Uh1fIdvMSpbbrGpcRyQkpo0kvyy/XJ03lerynzL2koc+A8qJjdr1hgsN3+lTeTk+
mG6X42qf/kh7nD3o23mspz3FAdTTIdYjwfdX9Or6Z3FQYFNseGccwPN1uRB4JgEJ
W01rT/0Ikjbq0B3SkQFTMAh2OmeifIiMHcYNjymxGPsKTXiZYyLKs6CADguqxdAZ
urPAIzAsjZO/RN/jAiJ9gqBvn7FGJEianZK1GlvcEUffQ8ukEGP0dhB9oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEXIoUnWuv2H4PpOwT1pv7D0c/MpMB8GA1UdIwQY
MBaAFAC/IwBEZJwG114wLFF1AE2/xnJhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUw4akFFUmtuQWJYWGpBc1VYVUFUYl9HY21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kODgxMjItZGVkYS00ZmQwLTlhNjct
NmVmMWQ5NjgxM2EyLzEvQUw4akFFUmtuQWJYWGpBc1VYVUFUYl9HY21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kODgxMjItZGVkYS00ZmQwLTlhNjctNmVmMWQ5NjgxM2Ey
LzEvQUw4akFFUmtuQWJYWGpBc1VYVUFUYl9HY21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEJuM8Jns
ckPO5/maE9LCAgMcM0qUTX+wimXQXftd6p0tMP1PvShWwY3V4NqKblj6koGJMBkV
X92iVn+A3aX4c53ClVaC9GbeB5nnnOAbYc4hi6iH6J+bqFKgSv/ACS9J4iEu3pKp
SHrgUVFdF5o2rX8ommGQBl8CQ/sc0YdGXf7HNTehZNqRcqlOy2egnehUoYk+6AJr
FPzSZuU/1vkXlw0ax6fiNaY7IBupxtVY7PCoQTci7PnlaXt9xu1liUxbYtYWh45c
RYXZQROW5K+IssRSSXysmHPFv+WmNvAWDEq5zi5xuDhzSrBFqTdEvUtVEmXoxaHK
1eOtr/cNSTHiYg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:46:37 2026 by rpki-client