Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
File: paimkAmtLokJhr3XbGM8GzHwbzo.mft (raw, json)
Hash identifier: 8AVFcorJxhvrlH+RXceoLkO951ViFdp4/quToNcuNWk=
Subject key identifier: 9C:3A:51:23:94:F0:EA:0B:9B:B0:43:31:AB:09:C9:3F:7B:10:36:3E
Authority key identifier: A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
Certificate issuer: /CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Certificate serial: 019D3940A45878968260F809771A227489EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
Manifest number: 0978
Signing time: Sun 29 Mar 2026 11:00:30 +0000
Manifest this update: Sun 29 Mar 2026 11:00:30 +0000
Manifest next update: Mon 30 Mar 2026 11:00:30 +0000
Files and hashes: 1: Hmzl33O9ENxxpSkgQ-w_OKZuVqE.roa (hash: MINPErO1BGuqVLJnTV2HhR7juWWefaDwKRV1A+XQOf8=)
2: paimkAmtLokJhr3XbGM8GzHwbzo.crl (hash: ufEsxLB80PXFAX8KFN6We2BTDLgPfls/sLMDod45XMY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:a4:58:78:96:82:60:f8:09:77:1a:22:74:89:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Validity
Not Before: Mar 29 11:00:30 2026 GMT
Not After : Mar 30 11:00:30 2026 GMT
Subject: CN=9c3a512394f0ea0b9bb04331ab09c93f7b10363e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:64:03:0c:23:ec:58:a2:87:a0:2a:16:e2:3c:
bd:54:58:d3:d2:eb:53:f9:a2:8d:c5:97:33:9e:e3:
0a:9a:79:0d:27:f1:f6:71:d1:ab:d7:27:a9:00:0b:
e7:7d:e9:bc:f8:f0:6c:32:d6:6a:f9:f3:3a:26:67:
32:77:75:ea:46:27:c2:0c:7c:51:9d:c3:41:47:36:
ca:df:8c:38:4d:dc:98:7a:46:c6:ee:13:ab:91:3d:
70:97:a4:7e:51:60:c5:30:e6:d9:d9:4f:d9:3d:43:
95:f0:c0:ac:bf:c0:06:5b:98:c2:8b:74:d7:9e:bb:
0b:28:3e:95:b0:7c:2c:a9:77:7f:20:2e:56:27:84:
62:4c:7c:e6:b3:8c:26:44:e3:b7:1d:e7:d2:cb:b4:
3a:da:fd:16:22:21:02:a3:60:56:3c:05:32:7e:29:
f4:37:2c:50:05:59:bf:f0:a3:df:05:9a:00:27:22:
a2:94:3b:c6:33:14:6f:de:0d:9b:95:af:f0:ee:be:
4d:ff:cb:3f:8d:da:d6:56:72:c3:80:22:0c:c6:da:
48:38:63:6d:0a:72:71:3e:18:fb:31:90:55:e5:cc:
33:c2:44:c6:64:ae:a9:cf:88:25:ec:5f:8b:bd:1a:
04:3f:2a:8f:f4:c7:e1:be:16:a4:06:35:2a:ef:85:
99:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3A:51:23:94:F0:EA:0B:9B:B0:43:31:AB:09:C9:3F:7B:10:36:3E
X509v3 Authority Key Identifier:
keyid:A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:bc:34:1e:69:57:38:43:eb:e5:12:43:41:ed:39:8d:85:c2:
c6:28:47:9f:2d:6d:8b:83:1c:79:41:26:78:0d:39:65:9b:e6:
96:23:d2:a0:5f:cd:58:5e:c1:70:91:f2:17:7e:4a:b1:05:d2:
09:d2:ad:01:37:72:f6:22:d8:4b:8d:b6:dd:a8:94:b5:41:7f:
74:e1:c0:0c:ee:a5:3d:4c:91:77:29:db:98:4b:a9:2a:8a:3e:
fc:81:a6:49:ce:fd:d8:fa:14:a6:c4:a8:d3:70:5e:05:17:c2:
12:74:54:91:68:96:d9:9f:fc:f9:9d:a4:3d:36:8f:7a:58:4d:
e9:99:7f:a2:2e:37:6a:09:b7:47:3b:fd:b6:e0:e5:27:10:17:
7f:a3:80:43:0c:20:87:ee:13:cf:2d:0e:32:31:80:bb:51:40:
3a:c9:1d:24:bd:1c:e2:05:d4:5e:a8:ee:f0:b8:76:16:55:2f:
39:e0:e8:30:de:7d:ee:24:4f:19:74:82:70:00:bb:a7:f8:be:
d3:62:7f:9e:9a:05:52:1d:42:3f:f6:c9:57:a6:84:94:b3:ea:
07:a3:e4:50:e4:36:1a:2c:d4:d6:1f:70:6a:92:0a:38:f7:11:
f4:30:88:49:d6:73:0b:bf:70:32:f3:7b:91:4c:b4:3b:0a:1e:
fc:64:40:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QKRYeJaCYPgJdxoidInuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YThhNjkwMDlhZDJlODkwOTg2YmRkNzZjNjMzYzFiMzFm
MDZmM2EwHhcNMjYwMzI5MTEwMDMwWhcNMjYwMzMwMTEwMDMwWjAzMTEwLwYDVQQD
Eyg5YzNhNTEyMzk0ZjBlYTBiOWJiMDQzMzFhYjA5YzkzZjdiMTAzNjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGQDDCPsWKKHoCoW4jy9VFjT0utT
+aKNxZcznuMKmnkNJ/H2cdGr1yepAAvnfem8+PBsMtZq+fM6Jmcyd3XqRifCDHxR
ncNBRzbK34w4TdyYekbG7hOrkT1wl6R+UWDFMObZ2U/ZPUOV8MCsv8AGW5jCi3TX
nrsLKD6VsHwsqXd/IC5WJ4RiTHzms4wmROO3HefSy7Q62v0WIiECo2BWPAUyfin0
NyxQBVm/8KPfBZoAJyKilDvGMxRv3g2bla/w7r5N/8s/jdrWVnLDgCIMxtpIOGNt
CnJxPhj7MZBV5cwzwkTGZK6pz4gl7F+LvRoEPyqP9MfhvhakBjUq74WZYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJw6USOU8OoLm7BDMasJyT97EDY+MB8GA1UdIwQY
MBaAFKWoppAJrS6JCYa912xjPBsx8G86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYt
YjEyZWJmMzQ1YmMzLzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYtYjEyZWJmMzQ1YmMz
LzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWrw0HmlX
OEPr5RJDQe05jYXCxihHny1ti4MceUEmeA05ZZvmliPSoF/NWF7BcJHyF35KsQXS
CdKtATdy9iLYS4223aiUtUF/dOHADO6lPUyRdynbmEupKoo+/IGmSc792PoUpsSo
03BeBRfCEnRUkWiW2Z/8+Z2kPTaPelhN6Zl/oi43agm3Rzv9tuDlJxAXf6OAQwwg
h+4Tzy0OMjGAu1FAOskdJL0c4gXUXqju8Lh2FlUvOeDoMN597iRPGXSCcAC7p/i+
02J/npoFUh1CP/bJV6aElLPqB6PkUOQ2GizU1h9wapIKOPcR9DCISdZzC79wMvN7
kUy0Owoe/GRAJg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:00:35 2026 by rpki-client