Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.mft
File: rlAYJxRKMYi-oczuWGVv1kKdj5U.mft (raw, json)
Hash identifier: oaJekJRJmNb+shZQkkF2vdx3nxVvUPejt+QLf8ppjJk=
Subject key identifier: 5B:20:E4:BE:D3:43:81:B8:92:37:A1:3F:1A:6C:C2:43:35:AC:25:70
Authority key identifier: AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
Certificate issuer: /CN=ae501827144a3188bea1ccee58656fd6429d8f95
Certificate serial: 019D3752C0F7CD97827C56B069B37C3087AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.mft
Manifest number: 1894
Signing time: Sun 29 Mar 2026 02:01:03 +0000
Manifest this update: Sun 29 Mar 2026 02:01:03 +0000
Manifest next update: Mon 30 Mar 2026 02:01:03 +0000
Files and hashes: 1: dNleK7oqqS4JYOVbb6S3XLVUiBA.roa (hash: eOgBYtYMR3J+l0721Hpv5YsWUbXa/qSUakud5H58TI8=)
2: rlAYJxRKMYi-oczuWGVv1kKdj5U.crl (hash: RUKwlPvyNaXF9gTOeUhHsHDvxPC4hD8uv7EHWkg4v3M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:c0:f7:cd:97:82:7c:56:b0:69:b3:7c:30:87:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae501827144a3188bea1ccee58656fd6429d8f95
Validity
Not Before: Mar 29 02:01:03 2026 GMT
Not After : Mar 30 02:01:03 2026 GMT
Subject: CN=5b20e4bed34381b89237a13f1a6cc24335ac2570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:50:f7:49:51:d6:66:85:0c:35:7d:41:39:10:
d3:fb:dc:a8:72:39:b9:cd:b0:78:1c:33:69:43:d9:
7c:11:78:8d:b5:e0:93:63:ab:6c:73:7d:dc:69:86:
73:58:29:00:df:ef:99:c0:df:db:a3:1d:f7:5e:dc:
55:7e:cc:ef:f5:db:00:a4:62:6f:cb:66:ba:46:99:
4f:ce:47:f0:b8:a2:2b:ee:91:6b:58:60:05:9a:87:
24:4d:71:ea:5e:2f:6a:fa:4b:b9:a6:cc:e8:98:9d:
38:b8:29:e3:6b:c0:b3:fa:64:9a:49:9e:de:c3:b4:
df:65:71:37:e3:13:89:ba:34:f0:48:7e:dc:75:f3:
85:60:c9:81:4d:81:69:8e:b2:19:d5:44:85:9e:e7:
e3:3c:67:df:ca:78:6c:d0:fc:18:f7:b1:23:e6:a1:
97:f2:5a:b6:a7:82:70:bf:13:58:2d:2e:22:3f:b0:
c9:b2:1d:b3:fa:09:cd:a4:4a:ff:91:49:52:ce:2f:
dc:43:18:73:65:81:83:e2:48:9e:d4:10:46:db:8c:
0a:eb:6f:e9:fe:a7:d7:83:1b:9d:05:1d:50:a3:f0:
aa:ec:55:e2:77:0c:7a:97:7a:82:60:f2:08:16:1d:
95:3f:78:bc:fb:8d:02:01:da:e6:b2:bb:bf:be:e1:
af:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:20:E4:BE:D3:43:81:B8:92:37:A1:3F:1A:6C:C2:43:35:AC:25:70
X509v3 Authority Key Identifier:
keyid:AE:50:18:27:14:4A:31:88:BE:A1:CC:EE:58:65:6F:D6:42:9D:8F:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlAYJxRKMYi-oczuWGVv1kKdj5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5f56af-ebfb-4c88-a082-0986d8b0c6d9/1/rlAYJxRKMYi-oczuWGVv1kKdj5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:4b:8c:e6:73:94:55:96:f1:a1:e1:05:93:67:c5:63:30:a0:
4a:27:03:ea:b5:95:4d:91:85:85:e3:db:e3:d5:9c:ae:2e:87:
5b:4c:f2:c0:50:4e:d2:98:d5:a4:93:bf:a8:50:7e:61:9d:9c:
11:29:cb:d1:1b:bb:98:88:82:b6:82:86:72:88:0b:5e:30:53:
ca:9e:f8:35:8f:3f:f2:eb:8a:1d:b9:16:f4:84:18:75:a4:f0:
43:e1:a8:27:4a:9f:4a:45:cc:1c:6a:97:de:00:fd:ec:57:3b:
06:bc:b6:58:17:41:d8:9d:58:85:01:10:6c:60:35:14:7f:fa:
23:db:c1:8e:75:a2:fd:67:9b:82:a7:63:2c:1a:32:62:c7:c3:
24:6a:7d:ba:13:e1:ae:77:06:60:b6:b9:f4:0f:73:67:73:56:
93:94:ef:74:85:26:d4:a9:5f:cc:cc:ca:cd:fa:54:a3:64:08:
bc:44:2a:88:ef:cf:57:5a:f3:dc:0c:28:7f:56:9e:5d:a5:3c:
ac:0f:d0:58:57:dd:59:1e:3e:c2:66:a2:79:9d:2d:1f:db:42:
a1:56:17:a9:a8:1a:fb:52:58:c7:ee:0e:d6:5c:49:56:de:6c:
54:de:17:59:f7:3b:20:55:2e:e7:c6:d7:60:50:9d:80:51:93:
65:b6:44:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UsD3zZeCfFawabN8MIetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTAxODI3MTQ0YTMxODhiZWExY2NlZTU4NjU2ZmQ2NDI5
ZDhmOTUwHhcNMjYwMzI5MDIwMTAzWhcNMjYwMzMwMDIwMTAzWjAzMTEwLwYDVQQD
Eyg1YjIwZTRiZWQzNDM4MWI4OTIzN2ExM2YxYTZjYzI0MzM1YWMyNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1D3SVHWZoUMNX1BORDT+9yocjm5
zbB4HDNpQ9l8EXiNteCTY6tsc33caYZzWCkA3++ZwN/box33XtxVfszv9dsApGJv
y2a6RplPzkfwuKIr7pFrWGAFmockTXHqXi9q+ku5pszomJ04uCnja8Cz+mSaSZ7e
w7TfZXE34xOJujTwSH7cdfOFYMmBTYFpjrIZ1USFnufjPGffynhs0PwY97Ej5qGX
8lq2p4JwvxNYLS4iP7DJsh2z+gnNpEr/kUlSzi/cQxhzZYGD4kie1BBG24wK62/p
/qfXgxudBR1Qo/Cq7FXidwx6l3qCYPIIFh2VP3i8+40CAdrmsru/vuGvyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsg5L7TQ4G4kjehPxpswkM1rCVwMB8GA1UdIwQY
MBaAFK5QGCcUSjGIvqHM7lhlb9ZCnY+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODIt
MDk4NmQ4YjBjNmQ5LzEvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81ZjU2YWYtZWJmYi00Yzg4LWEwODItMDk4NmQ4YjBjNmQ5
LzEvcmxBWUp4UktNWWktb2N6dVdHVnYxa0tkajVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF0uM5nOU
VZbxoeEFk2fFYzCgSicD6rWVTZGFhePb49Wcri6HW0zywFBO0pjVpJO/qFB+YZ2c
ESnL0Ru7mIiCtoKGcogLXjBTyp74NY8/8uuKHbkW9IQYdaTwQ+GoJ0qfSkXMHGqX
3gD97Fc7Bry2WBdB2J1YhQEQbGA1FH/6I9vBjnWi/WebgqdjLBoyYsfDJGp9uhPh
rncGYLa59A9zZ3NWk5TvdIUm1KlfzMzKzfpUo2QIvEQqiO/PV1rz3Awof1aeXaU8
rA/QWFfdWR4+wmaieZ0tH9tCoVYXqaga+1JYx+4O1lxJVt5sVN4XWfc7IFUu58bX
YFCdgFGTZbZE2g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:47 2026 by rpki-client