Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
File: aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft (raw, json)
Hash identifier: B97P+Spu4KxXr9i9q4aFAZ0ABCJqkgwX8APpbeC6+cg=
Subject key identifier: 28:5D:0C:21:0E:D7:AD:B5:F8:B0:95:24:7A:F7:66:5B:F2:48:98:94
Authority key identifier: 68:F8:3E:2A:34:14:5A:D4:7E:0C:C2:B3:C7:9F:C6:31:2B:AE:2C:71
Certificate issuer: /CN=68f83e2a34145ad47e0cc2b3c79fc6312bae2c71
Certificate serial: 019CABA207D40921B34E2BEC40A649873C9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
Manifest number: 0704
Signing time: Sun 01 Mar 2026 23:00:48 +0000
Manifest this update: Sun 01 Mar 2026 23:00:48 +0000
Manifest next update: Mon 02 Mar 2026 23:00:48 +0000
Files and hashes: 1: 5JP3EEY5bnKcvSQg_d_0jzLOuso.roa (hash: nHWCClQokNNDpIYjG0ERFvivPbSmCZ+n7ir/zAxywpM=)
2: aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl (hash: BIKnRuyPgp6E3LNPOiabxvPoSX/dsrq9MXUQR3uD/7I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a2:07:d4:09:21:b3:4e:2b:ec:40:a6:49:87:3c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f83e2a34145ad47e0cc2b3c79fc6312bae2c71
Validity
Not Before: Mar 1 23:00:48 2026 GMT
Not After : Mar 2 23:00:48 2026 GMT
Subject: CN=285d0c210ed7adb5f8b095247af7665bf2489894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3d:48:ff:c6:dc:55:b5:ca:78:5a:3c:46:23:
61:bb:5c:27:93:8a:5e:66:82:86:c3:80:f4:2b:6a:
71:4c:38:de:e5:26:98:af:ff:39:7d:cc:bd:8d:81:
8b:3d:c9:6d:ea:68:e0:12:15:20:8f:29:c1:ae:d7:
0c:87:5e:61:00:e4:f6:03:bb:20:20:5c:f9:1e:6b:
a7:01:c5:46:fb:8a:7b:a5:23:26:da:8d:49:b9:ac:
14:0f:4b:ed:9e:13:60:d5:35:3a:d5:90:a0:89:a2:
62:51:62:d6:3b:79:8f:1e:14:d6:5a:24:41:20:14:
75:db:ee:ae:2c:41:b0:c6:0b:78:1c:99:41:b1:bb:
38:84:52:6e:c5:f2:78:c4:61:87:73:ff:48:9d:e4:
94:3e:36:73:a9:c4:96:f4:53:e0:b6:e4:0a:33:75:
47:04:32:22:8a:f8:6e:14:2c:a0:b5:75:0e:59:a7:
48:bf:53:33:9c:c3:42:a8:b8:94:09:80:14:e0:6f:
3b:2c:12:2e:a6:49:b7:16:60:e6:26:3f:cc:ee:cc:
3d:e7:06:0c:ce:0c:2c:54:ff:43:bb:6f:34:70:8f:
c9:c4:2f:f4:e8:c7:46:d2:45:09:0c:57:f0:6c:19:
d8:c5:e1:77:13:38:f1:c8:85:13:64:c0:02:52:d5:
c3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5D:0C:21:0E:D7:AD:B5:F8:B0:95:24:7A:F7:66:5B:F2:48:98:94
X509v3 Authority Key Identifier:
keyid:68:F8:3E:2A:34:14:5A:D4:7E:0C:C2:B3:C7:9F:C6:31:2B:AE:2C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:c9:7a:b4:9b:98:05:0e:4e:b4:5f:08:a2:4b:26:54:35:20:
48:2b:94:47:c8:71:24:c9:0a:5f:b3:b5:80:0c:3a:03:b1:d4:
fc:09:87:f7:97:e7:0a:1f:73:24:2e:08:0e:81:89:bb:40:74:
cc:51:00:2d:25:c5:e1:a4:5a:99:11:c6:0e:b7:21:05:92:ef:
eb:42:9a:e1:11:eb:bc:41:20:85:d1:af:a1:f2:db:5f:d9:14:
1d:47:9a:54:b5:be:83:c4:b2:c4:1d:9a:aa:ee:2a:d9:fe:e8:
4f:6a:73:08:df:28:50:d4:d8:58:e2:b7:cf:9b:57:20:b7:5e:
92:f1:68:8a:8f:6e:8b:34:d1:ad:63:25:7a:14:dd:ec:a4:a2:
4c:48:05:3a:e3:b5:fd:25:2f:08:d2:12:f3:c6:3d:14:03:91:
24:6f:53:43:a4:c6:0a:1c:74:83:ad:4f:80:fb:95:73:91:9e:
65:f5:c2:92:cd:16:5f:0e:77:2e:cb:52:26:94:64:25:83:77:
d7:21:9e:8f:07:73:bb:a3:bd:7e:d3:7c:12:ab:0f:5f:62:d8:
bf:53:6b:d6:72:d0:57:7e:9b:a4:9f:0f:df:86:c4:f6:a2:fe:
c4:53:56:9c:0b:0a:c9:03:13:00:9f:35:af:88:cf:3d:01:96:
9a:cd:f4:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrogfUCSGzTivsQKZJhzyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjgzZTJhMzQxNDVhZDQ3ZTBjYzJiM2M3OWZjNjMxMmJh
ZTJjNzEwHhcNMjYwMzAxMjMwMDQ4WhcNMjYwMzAyMjMwMDQ4WjAzMTEwLwYDVQQD
EygyODVkMGMyMTBlZDdhZGI1ZjhiMDk1MjQ3YWY3NjY1YmYyNDg5ODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5D1I/8bcVbXKeFo8RiNhu1wnk4pe
ZoKGw4D0K2pxTDje5SaYr/85fcy9jYGLPclt6mjgEhUgjynBrtcMh15hAOT2A7sg
IFz5HmunAcVG+4p7pSMm2o1JuawUD0vtnhNg1TU61ZCgiaJiUWLWO3mPHhTWWiRB
IBR12+6uLEGwxgt4HJlBsbs4hFJuxfJ4xGGHc/9IneSUPjZzqcSW9FPgtuQKM3VH
BDIiivhuFCygtXUOWadIv1MznMNCqLiUCYAU4G87LBIupkm3FmDmJj/M7sw95wYM
zgwsVP9Du280cI/JxC/06MdG0kUJDFfwbBnYxeF3EzjxyIUTZMACUtXDbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChdDCEO1621+LCVJHr3ZlvySJiUMB8GA1UdIwQY
MBaAFGj4Pio0FFrUfgzCs8efxjErrixxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81ZTlmOTAtYTZiMC00ZmQ4LWI4ZGQt
NzkyODAyYzQzOTI1LzEvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81ZTlmOTAtYTZiMC00ZmQ4LWI4ZGQtNzkyODAyYzQzOTI1
LzEvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATsl6tJuY
BQ5OtF8IoksmVDUgSCuUR8hxJMkKX7O1gAw6A7HU/AmH95fnCh9zJC4IDoGJu0B0
zFEALSXF4aRamRHGDrchBZLv60Ka4RHrvEEghdGvofLbX9kUHUeaVLW+g8SyxB2a
qu4q2f7oT2pzCN8oUNTYWOK3z5tXILdekvFoio9uizTRrWMlehTd7KSiTEgFOuO1
/SUvCNIS88Y9FAORJG9TQ6TGChx0g61PgPuVc5GeZfXCks0WXw53LstSJpRkJYN3
1yGejwdzu6O9ftN8EqsPX2LYv1Nr1nLQV36bpJ8P34bE9qL+xFNWnAsKyQMTAJ81
r4jPPQGWms309g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:01:48 2026 by rpki-client