Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json)
Hash identifier: fXb1nka0r2jaAzMizRdi6h32ReIiD30wMdqm07G9hOU=
Subject key identifier: 89:E3:DF:DD:D8:CA:8A:F9:01:F4:D5:B0:3C:64:53:76:4F:32:B7:73
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial: 019CAC477933E78C81D7604A387CE4E15D26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
Manifest number: 149A
Signing time: Mon 02 Mar 2026 02:01:31 +0000
Manifest this update: Mon 02 Mar 2026 02:01:31 +0000
Manifest next update: Tue 03 Mar 2026 02:01:31 +0000
Files and hashes: 1: URwUlX1aGUQjALJuv2b7NQZnlQY.roa (hash: tfOWykptTnti4HmolEIB0RYCOL60/EO4faOftMz4e/U=)
2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: PQeVND/gyzbNo3HsUtji4eSKWyLQsEHKpe5rNhyJC08=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:79:33:e7:8c:81:d7:60:4a:38:7c:e4:e1:5d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Validity
Not Before: Mar 2 02:01:31 2026 GMT
Not After : Mar 3 02:01:31 2026 GMT
Subject: CN=89e3dfddd8ca8af901f4d5b03c6453764f32b773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fb:9a:94:86:1c:9f:8c:ec:8c:70:3d:fb:99:
48:f6:0f:6a:83:db:a4:9e:5e:6b:55:5f:ac:50:df:
b8:c4:f2:58:8a:5c:a6:89:97:cf:71:f6:f6:de:5c:
2e:dd:ac:e0:32:cd:05:fe:ac:c1:e1:3c:81:f5:ec:
71:c6:88:92:72:4c:55:34:11:b1:0b:3b:9c:c9:f8:
69:e5:62:72:2b:47:10:b0:1f:41:51:0f:f7:c5:99:
92:e4:78:bb:47:04:fe:a0:c8:31:c2:76:43:b5:94:
eb:90:de:cf:6d:35:1f:98:50:23:30:8c:63:e1:5d:
3d:2a:5f:e6:2a:ad:12:13:f8:b8:62:63:7f:ef:e2:
dc:4c:a9:ff:15:84:9c:2f:26:30:c4:0b:c8:90:15:
11:78:4c:46:b8:ff:9c:14:2b:af:c7:c1:51:47:7e:
79:7e:00:de:2a:cd:f7:be:67:9c:79:28:44:3a:97:
01:98:1b:12:50:85:4a:46:ef:a8:56:41:45:fb:8f:
19:33:0c:d4:f2:09:d4:84:97:6c:3f:06:a0:21:05:
50:11:53:98:24:4a:ba:cc:ee:e4:55:e5:d4:2c:7d:
04:02:25:ea:5f:e3:35:86:5e:47:53:e4:d6:8b:f6:
cf:dd:b9:a9:19:39:d9:8b:60:df:28:38:fd:76:97:
28:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E3:DF:DD:D8:CA:8A:F9:01:F4:D5:B0:3C:64:53:76:4F:32:B7:73
X509v3 Authority Key Identifier:
keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:a0:18:a3:76:b9:7b:ed:73:9e:cd:02:51:76:1a:1b:cb:77:
b5:e6:71:ae:13:b6:32:6c:bf:e8:6c:0b:e5:15:20:d1:9b:9d:
00:dd:71:92:c9:1b:a2:71:2a:57:6f:1c:c2:f7:0e:32:6b:ba:
25:fd:ac:bb:e2:d1:43:c6:3b:35:41:ae:4e:bf:03:d3:e1:b2:
26:17:09:85:56:62:d8:b4:0b:e6:0b:17:f7:bb:6c:98:5d:29:
98:35:72:fa:cb:e1:ed:60:52:67:07:9d:d5:de:0a:09:bc:8a:
9a:05:0d:91:87:47:96:80:35:39:34:93:97:41:41:a0:d7:52:
47:1d:c9:dd:4d:e7:de:df:77:0f:a2:2e:33:54:6a:fc:8f:1d:
12:6e:a0:e9:7f:c8:03:cc:37:ce:5c:72:5b:32:e4:d0:d0:ac:
c6:53:13:58:d0:cb:a1:01:f9:e0:83:c8:11:ae:44:94:2b:39:
cd:bd:76:bd:16:25:c6:51:04:04:d8:cf:18:96:ab:c9:30:8f:
79:09:8f:f1:a1:03:f3:67:c5:b2:91:06:23:8b:ff:14:b4:47:
19:6e:f0:e0:2d:50:0e:54:78:e7:6c:4d:03:21:7e:8d:90:00:
d3:0d:21:f9:c6:24:90:9c:9b:67:89:a7:53:8d:c2:d0:a9:d2:
c7:29:8c:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR3kz54yB12BKOHzk4V0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk
NTM5NmYwHhcNMjYwMzAyMDIwMTMxWhcNMjYwMzAzMDIwMTMxWjAzMTEwLwYDVQQD
Eyg4OWUzZGZkZGQ4Y2E4YWY5MDFmNGQ1YjAzYzY0NTM3NjRmMzJiNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfualIYcn4zsjHA9+5lI9g9qg9uk
nl5rVV+sUN+4xPJYilymiZfPcfb23lwu3azgMs0F/qzB4TyB9exxxoiSckxVNBGx
Czucyfhp5WJyK0cQsB9BUQ/3xZmS5Hi7RwT+oMgxwnZDtZTrkN7PbTUfmFAjMIxj
4V09Kl/mKq0SE/i4YmN/7+LcTKn/FYScLyYwxAvIkBUReExGuP+cFCuvx8FRR355
fgDeKs33vmeceShEOpcBmBsSUIVKRu+oVkFF+48ZMwzU8gnUhJdsPwagIQVQEVOY
JEq6zO7kVeXULH0EAiXqX+M1hl5HU+TWi/bP3bmpGTnZi2DfKDj9dpcotQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFInj393Yyor5AfTVsDxkU3ZPMrdzMB8GA1UdIwQY
MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt
MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl
LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZaAYo3a5
e+1zns0CUXYaG8t3teZxrhO2Mmy/6GwL5RUg0ZudAN1xkskbonEqV28cwvcOMmu6
Jf2su+LRQ8Y7NUGuTr8D0+GyJhcJhVZi2LQL5gsX97tsmF0pmDVy+svh7WBSZwed
1d4KCbyKmgUNkYdHloA1OTSTl0FBoNdSRx3J3U3n3t93D6IuM1Rq/I8dEm6g6X/I
A8w3zlxyWzLk0NCsxlMTWNDLoQH54IPIEa5ElCs5zb12vRYlxlEEBNjPGJaryTCP
eQmP8aED82fFspEGI4v/FLRHGW7w4C1QDlR452xNAyF+jZAA0w0h+cYkkJybZ4mn
U43C0KnSxymMDA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:01:01 2026 by rpki-client