Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
File: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft (raw, json)
Hash identifier: n3kx3wwsLf5V5OWrGT+x1g4r2glKKjew0UZ0/Nj1PXk=
Subject key identifier: DD:8A:B3:2E:8F:DC:F5:4D:DB:E8:FF:C6:EB:5A:8C:7C:99:58:FE:6C
Authority key identifier: A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
Certificate issuer: /CN=a4068c6655c333fc712832c113f67f1fd688aec4
Certificate serial: 019CAB3494844BE9F82ED524B87669988D6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
Manifest number: 1543
Signing time: Sun 01 Mar 2026 21:01:15 +0000
Manifest this update: Sun 01 Mar 2026 21:01:15 +0000
Manifest next update: Mon 02 Mar 2026 21:01:15 +0000
Files and hashes: 1: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl (hash: 8p1iMcPYpnHnHE5vk6bypRHxJxT2h1ehKwOaBUTNjbw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:94:84:4b:e9:f8:2e:d5:24:b8:76:69:98:8d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4068c6655c333fc712832c113f67f1fd688aec4
Validity
Not Before: Mar 1 21:01:15 2026 GMT
Not After : Mar 2 21:01:15 2026 GMT
Subject: CN=dd8ab32e8fdcf54ddbe8ffc6eb5a8c7c9958fe6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:43:26:f0:af:74:8f:48:40:ce:d9:5e:26:
44:71:93:ab:d7:42:01:63:b2:d9:18:57:bf:d6:a8:
5d:bc:f9:21:da:e8:03:ba:f5:8a:21:b3:13:18:ee:
56:87:ce:5b:86:f3:c8:87:47:66:1a:c0:26:6f:2a:
22:69:49:df:87:3d:63:da:fe:24:72:62:db:f0:ff:
c8:d9:b0:a3:a6:0f:b4:27:e9:75:e3:58:e4:49:fb:
2e:02:44:85:0d:d4:d7:4f:d4:dc:64:8a:02:13:80:
88:cc:ac:4d:d7:dc:81:02:0e:3c:2d:0a:67:58:2c:
9d:13:d9:8f:85:a0:fa:dd:9a:7d:71:be:1b:58:c2:
e1:00:e7:fa:0c:a6:1f:be:da:ea:c2:91:a5:45:42:
f5:4b:77:f3:5e:b5:f1:d0:82:59:74:7c:74:79:0b:
71:c8:55:da:fc:c7:c5:8a:c0:b5:53:d4:55:5b:0f:
3e:a6:ea:a4:6e:6b:4d:88:9d:7e:a0:41:74:d2:87:
20:16:99:8a:2c:fd:02:d0:2e:61:dc:f9:8d:13:8f:
40:a9:fb:d9:0a:af:ec:26:bc:2e:4a:75:be:29:3b:
9b:0c:e0:76:a5:26:70:dc:e6:9d:f1:5f:79:40:25:
56:be:fd:67:2d:70:e3:ee:25:52:d6:22:52:c5:ff:
dc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8A:B3:2E:8F:DC:F5:4D:DB:E8:FF:C6:EB:5A:8C:7C:99:58:FE:6C
X509v3 Authority Key Identifier:
keyid:A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:db:5e:00:6f:a1:b1:29:f3:12:7b:11:1b:2f:85:90:8c:aa:
81:b1:0b:ae:80:fb:46:b3:53:d4:f4:7a:b2:aa:69:d2:8b:6d:
b7:b0:59:c6:57:78:a6:c1:58:b7:08:9f:f0:cf:23:9b:c2:56:
16:eb:5b:74:f8:25:1b:8a:f7:60:96:30:f8:8b:51:ba:4c:76:
81:69:7b:fb:5d:a4:ee:20:f1:9a:8c:48:e3:00:c6:95:d9:b2:
f3:56:c9:9e:1c:af:94:8f:75:96:34:c6:e6:40:a1:75:4f:4b:
51:19:6b:bf:61:43:93:ea:bc:b0:34:ad:ba:12:a6:e8:98:70:
83:f7:62:4d:79:29:9c:f0:b6:dc:3e:b3:cd:7f:ed:c1:e0:ae:
3c:bd:73:bb:7f:ed:d3:3d:f0:cf:b0:de:11:8d:96:0c:49:4e:
0e:c7:59:b6:d9:5e:3a:d4:05:b7:95:10:fd:be:1b:6f:1d:33:
ad:fa:12:2b:98:0e:1c:89:81:ef:2a:bc:c8:b4:67:55:b6:c7:
4b:12:3f:e8:1e:a9:35:95:3a:03:b2:5e:18:62:f9:b1:cd:4a:
bf:82:5a:c8:49:1f:2e:9c:fd:f2:2c:ca:dc:d5:70:eb:9c:93:
bf:1f:73:54:77:ca:e9:df:d3:59:dd:7e:35:5b:aa:d7:df:12:
19:0e:3b:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNJSES+n4LtUkuHZpmI1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDY4YzY2NTVjMzMzZmM3MTI4MzJjMTEzZjY3ZjFmZDY4
OGFlYzQwHhcNMjYwMzAxMjEwMTE1WhcNMjYwMzAyMjEwMTE1WjAzMTEwLwYDVQQD
EyhkZDhhYjMyZThmZGNmNTRkZGJlOGZmYzZlYjVhOGM3Yzk5NThmZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps5DJvCvdI9IQM7ZXiZEcZOr10IB
Y7LZGFe/1qhdvPkh2ugDuvWKIbMTGO5Wh85bhvPIh0dmGsAmbyoiaUnfhz1j2v4k
cmLb8P/I2bCjpg+0J+l141jkSfsuAkSFDdTXT9TcZIoCE4CIzKxN19yBAg48LQpn
WCydE9mPhaD63Zp9cb4bWMLhAOf6DKYfvtrqwpGlRUL1S3fzXrXx0IJZdHx0eQtx
yFXa/MfFisC1U9RVWw8+puqkbmtNiJ1+oEF00ocgFpmKLP0C0C5h3PmNE49AqfvZ
Cq/sJrwuSnW+KTubDOB2pSZw3Oad8V95QCVWvv1nLXDj7iVS1iJSxf/cZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2Ksy6P3PVN2+j/xutajHyZWP5sMB8GA1UdIwQY
MBaAFKQGjGZVwzP8cSgywRP2fx/WiK7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMt
ODZkZWUyMDdmODFlLzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMtODZkZWUyMDdmODFl
LzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT9teAG+h
sSnzEnsRGy+FkIyqgbELroD7RrNT1PR6sqpp0ottt7BZxld4psFYtwif8M8jm8JW
FutbdPglG4r3YJYw+ItRukx2gWl7+12k7iDxmoxI4wDGldmy81bJnhyvlI91ljTG
5kChdU9LURlrv2FDk+q8sDStuhKm6Jhwg/diTXkpnPC23D6zzX/tweCuPL1zu3/t
0z3wz7DeEY2WDElODsdZttleOtQFt5UQ/b4bbx0zrfoSK5gOHImB7yq8yLRnVbbH
SxI/6B6pNZU6A7JeGGL5sc1Kv4JayEkfLpz98izK3NVw65yTvx9zVHfK6d/TWd1+
NVuq198SGQ471Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:04:48 2026 by rpki-client