Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
File: aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft (raw, json)
Hash identifier: byQcEaLXHiR6epP4RIyfVPHmT8eFJAJywtIIVUR3QfA=
Subject key identifier: 6F:97:8E:3B:CC:5C:0B:52:D2:A9:B1:9E:F4:26:57:CA:9B:F7:F7:71
Authority key identifier: 68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97
Certificate issuer: /CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97
Certificate serial: 019D3977D24E7704283CA40EA226E6B0C233
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
Manifest number: 07FA
Signing time: Sun 29 Mar 2026 12:00:47 +0000
Manifest this update: Sun 29 Mar 2026 12:00:47 +0000
Manifest next update: Mon 30 Mar 2026 12:00:47 +0000
Files and hashes: 1: TxCuEKO4UFBws6tMJ89yfNDgvSA.roa (hash: ye0le9kc8j89F6B3VF5KOiTRqH3PrXwEdQjOQuRJ7Js=)
2: aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl (hash: pklbqxAGuOL2zx/1+aDWaMPoZvUvLa2OrKIZ42I9Tao=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:d2:4e:77:04:28:3c:a4:0e:a2:26:e6:b0:c2:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97
Validity
Not Before: Mar 29 12:00:47 2026 GMT
Not After : Mar 30 12:00:47 2026 GMT
Subject: CN=6f978e3bcc5c0b52d2a9b19ef42657ca9bf7f771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9b:c6:42:fd:5f:2b:43:54:d2:f4:e8:c3:22:
46:76:07:a0:63:9d:ee:23:a6:03:d5:fb:2f:56:ff:
32:02:e5:83:17:77:b9:4b:7d:f9:ea:24:d9:17:3c:
ae:c3:d0:24:60:3b:1c:03:91:5c:03:e2:14:21:21:
f8:ad:f5:71:81:e6:49:d3:89:1f:5a:82:42:dd:6c:
5b:ea:a8:28:24:66:04:9f:ad:e1:0f:43:41:e1:41:
e5:5b:1c:39:e2:f3:bd:32:56:e8:b6:a4:8e:45:a1:
a8:72:2f:e5:ab:49:59:cf:a1:49:ab:7c:7a:f4:f2:
4f:c3:1e:97:06:34:66:8d:f2:b2:b5:7b:60:c2:a4:
c1:84:65:80:ad:c7:6e:42:71:32:77:e3:11:fd:14:
d9:7d:83:03:3f:57:d9:01:8f:84:9e:d1:75:e5:4c:
0a:22:77:12:21:8a:69:a5:48:84:ed:ae:ff:50:3c:
7d:9a:5e:27:3f:0f:aa:dc:24:00:79:83:e1:ec:4d:
29:9d:5c:20:c7:fa:1f:26:60:62:16:5b:86:3b:54:
61:8c:84:16:3e:a0:ec:dc:e3:db:4a:b7:94:8a:78:
42:1a:0a:5b:12:ce:9d:92:79:f9:9a:5a:21:33:39:
47:b4:cf:89:67:2e:0f:66:6e:21:23:6b:f0:7a:cc:
da:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:97:8E:3B:CC:5C:0B:52:D2:A9:B1:9E:F4:26:57:CA:9B:F7:F7:71
X509v3 Authority Key Identifier:
keyid:68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:9c:53:71:ac:4c:c4:87:31:58:35:ea:e9:14:fc:9c:1b:5a:
22:8e:29:6d:3b:85:52:c6:d1:59:45:76:d0:d2:08:dc:1b:b7:
b7:d2:39:2f:32:50:d9:90:9b:76:76:d3:f9:52:02:7c:46:16:
07:3b:09:7f:b2:46:d0:06:af:31:9e:04:70:81:37:e6:18:58:
e3:a3:a7:c0:f8:87:19:35:69:75:a0:e3:9b:65:d2:fa:12:1f:
ab:26:f7:bd:3e:b1:27:86:7c:8a:4c:e6:37:bb:4d:44:cc:17:
f7:1d:bb:26:58:e0:9a:ad:1f:04:0e:20:c2:bf:bc:45:99:59:
03:fe:ee:e6:ce:aa:c0:56:c3:33:d2:2d:a0:a7:61:0f:78:68:
28:64:c1:15:43:8b:05:77:9c:03:2b:23:39:17:83:f7:4e:6a:
f5:9c:07:a6:d8:20:41:64:41:be:15:68:67:4f:1d:f2:2b:61:
6e:b5:0e:de:b3:6d:36:ed:ff:7e:70:bb:88:c1:6a:c0:06:40:
9c:7c:d0:0e:9c:0d:a7:e2:d0:dd:89:c6:37:62:11:c2:e7:33:
73:30:48:94:2d:31:95:5a:f4:93:c2:c9:fb:86:53:6a:7d:2e:
26:f7:9d:a2:95:e7:0c:fc:2b:d8:16:7c:47:da:e6:ef:80:f4:
2c:a3:23:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d9JOdwQoPKQOoibmsMIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2I5MWVkYTE2YjZmMWIxZmEwMTc1ZDY3Yzc5OTRmNjkx
ZDhlOTcwHhcNMjYwMzI5MTIwMDQ3WhcNMjYwMzMwMTIwMDQ3WjAzMTEwLwYDVQQD
Eyg2Zjk3OGUzYmNjNWMwYjUyZDJhOWIxOWVmNDI2NTdjYTliZjdmNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5vGQv1fK0NU0vTowyJGdgegY53u
I6YD1fsvVv8yAuWDF3e5S3356iTZFzyuw9AkYDscA5FcA+IUISH4rfVxgeZJ04kf
WoJC3Wxb6qgoJGYEn63hD0NB4UHlWxw54vO9MlbotqSORaGoci/lq0lZz6FJq3x6
9PJPwx6XBjRmjfKytXtgwqTBhGWArcduQnEyd+MR/RTZfYMDP1fZAY+EntF15UwK
IncSIYpppUiE7a7/UDx9ml4nPw+q3CQAeYPh7E0pnVwgx/ofJmBiFluGO1RhjIQW
PqDs3OPbSreUinhCGgpbEs6dknn5mlohMzlHtM+JZy4PZm4hI2vwesza0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+XjjvMXAtS0qmxnvQmV8qb9/dxMB8GA1UdIwQY
MBaAFGh7ke2ha28bH6AXXWfHmU9pHY6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWIt
ZGZmZTU5MDIzZTg5LzEvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWItZGZmZTU5MDIzZTg5
LzEvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADJxTcaxM
xIcxWDXq6RT8nBtaIo4pbTuFUsbRWUV20NII3Bu3t9I5LzJQ2ZCbdnbT+VICfEYW
BzsJf7JG0AavMZ4EcIE35hhY46OnwPiHGTVpdaDjm2XS+hIfqyb3vT6xJ4Z8ikzm
N7tNRMwX9x27Jljgmq0fBA4gwr+8RZlZA/7u5s6qwFbDM9ItoKdhD3hoKGTBFUOL
BXecAysjOReD905q9ZwHptggQWRBvhVoZ08d8ithbrUO3rNtNu3/fnC7iMFqwAZA
nHzQDpwNp+LQ3YnGN2IRwuczczBIlC0xlVr0k8LJ+4ZTan0uJvedopXnDPwr2BZ8
R9rm74D0LKMjlQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:23:50 2026 by rpki-client