Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json)
Hash identifier: lQcJnjqm2leo4jvURPjKtKt8nwcck0JanABXOsc745Y=
Subject key identifier: 5D:53:48:89:42:D8:4B:76:48:E6:7A:E3:15:54:E8:65:2A:4A:39:AF
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 019D9AE2F60AE25B41AB07623C284B9D7B95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
Manifest number: 18C5
Signing time: Fri 17 Apr 2026 10:00:58 +0000
Manifest this update: Fri 17 Apr 2026 10:00:58 +0000
Manifest next update: Sat 18 Apr 2026 10:00:58 +0000
Files and hashes: 1: Uocr9SIrv8jbsgJXhQAIDOX3hGs.roa (hash: 4iPmjoYeqHL7835MhflNIw3FaZg4Ojg4Y6QdIx6OiEc=)
2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: 3yXyAHNBJiQTF02XD2GU1qF2WKStj6q3BraSbcUb1dc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e2:f6:0a:e2:5b:41:ab:07:62:3c:28:4b:9d:7b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Apr 17 10:00:58 2026 GMT
Not After : Apr 18 10:00:58 2026 GMT
Subject: CN=5d53488942d84b7648e67ae31554e8652a4a39af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:dc:df:44:ce:dc:fe:72:53:aa:15:b4:95:b0:
2f:43:9c:0d:57:aa:57:50:33:42:f4:a6:5c:7a:9a:
25:c1:e6:e4:05:9e:a5:13:10:a5:de:3c:fc:77:85:
0a:58:c3:ac:41:27:4b:84:d1:7f:f6:80:4c:aa:82:
ec:ba:83:b2:f3:9a:5d:d0:4e:3b:05:20:30:41:76:
78:71:48:c6:a5:4a:45:94:2c:e1:b1:b4:9b:0b:ed:
8a:9d:bb:4c:d8:02:85:fa:5e:ed:6e:3c:71:ad:bc:
cf:5b:80:c7:0e:00:65:a4:5f:c2:95:96:b7:d6:14:
8a:81:e2:f7:22:75:c8:2d:de:ef:e0:3a:bf:28:8f:
8b:06:3e:7f:6f:36:c9:fb:0e:6d:1f:ff:b2:98:4a:
29:95:81:4d:b2:7c:c3:34:61:da:fd:51:ff:7a:44:
fe:79:7f:2a:2b:a6:fa:c6:c1:85:e8:8c:29:d9:cf:
d7:80:d5:78:d8:2f:c6:67:eb:e2:17:06:02:f0:fd:
71:d4:8e:6e:af:96:86:88:1b:2e:96:c0:48:55:52:
d2:39:83:67:49:b2:d9:ae:e6:e9:a7:a2:b2:41:0d:
8b:1b:df:e9:1c:ee:f0:39:ce:a0:53:8d:d2:1a:c1:
f7:42:7b:7a:db:8a:e2:13:ef:93:aa:89:17:a4:fe:
62:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:53:48:89:42:D8:4B:76:48:E6:7A:E3:15:54:E8:65:2A:4A:39:AF
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:c3:20:ea:92:1a:9f:c5:b5:f6:3b:e1:37:d0:5e:f1:15:dd:
8c:21:e1:17:01:59:ff:9c:0c:95:9a:ce:64:04:41:e6:1b:10:
df:6a:8f:80:99:fd:67:0b:c6:9e:44:01:30:7c:72:9f:a2:f9:
67:82:2d:3c:ca:12:44:02:8d:da:b5:03:69:9e:2a:eb:2a:5e:
0f:fb:eb:46:d7:29:af:d2:f8:26:02:40:fa:d1:45:89:22:f2:
2c:48:14:58:cd:c6:b1:2c:0e:be:e4:08:fd:44:fc:05:51:4f:
28:36:f1:ca:18:db:f2:5f:5c:0d:8a:83:bb:ce:85:d9:c4:d8:
17:7d:a7:21:cf:e1:a3:81:58:b2:5e:cb:05:99:ab:f7:72:74:
98:ca:23:a7:51:79:71:31:c4:e3:35:39:c2:c3:51:c3:92:1d:
25:30:92:04:d1:db:f0:d2:ee:2f:6f:be:a1:10:df:8b:7d:1c:
af:62:85:48:b4:df:ef:53:48:45:1f:60:a6:01:e0:c4:e5:ec:
84:d1:bd:a7:52:8d:32:c5:7d:31:1d:58:1b:d3:3c:0a:d9:cd:
1b:18:51:66:3c:6f:be:23:32:2d:1f:9b:53:b9:c8:80:1a:14:
7f:db:de:c8:8a:24:62:f3:9e:13:13:5b:86:7a:61:0f:b4:8f:
d8:f4:2c:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4vYK4ltBqwdiPChLnXuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjYwNDE3MTAwMDU4WhcNMjYwNDE4MTAwMDU4WjAzMTEwLwYDVQQD
Eyg1ZDUzNDg4OTQyZDg0Yjc2NDhlNjdhZTMxNTU0ZTg2NTJhNGEzOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NzfRM7c/nJTqhW0lbAvQ5wNV6pX
UDNC9KZcepolwebkBZ6lExCl3jz8d4UKWMOsQSdLhNF/9oBMqoLsuoOy85pd0E47
BSAwQXZ4cUjGpUpFlCzhsbSbC+2KnbtM2AKF+l7tbjxxrbzPW4DHDgBlpF/ClZa3
1hSKgeL3InXILd7v4Dq/KI+LBj5/bzbJ+w5tH/+ymEoplYFNsnzDNGHa/VH/ekT+
eX8qK6b6xsGF6Iwp2c/XgNV42C/GZ+viFwYC8P1x1I5ur5aGiBsulsBIVVLSOYNn
SbLZrubpp6KyQQ2LG9/pHO7wOc6gU43SGsH3Qnt624riE++TqokXpP5iGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1TSIlC2Et2SOZ64xVU6GUqSjmvMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALsMg6pIa
n8W19jvhN9Be8RXdjCHhFwFZ/5wMlZrOZARB5hsQ32qPgJn9ZwvGnkQBMHxyn6L5
Z4ItPMoSRAKN2rUDaZ4q6ypeD/vrRtcpr9L4JgJA+tFFiSLyLEgUWM3GsSwOvuQI
/UT8BVFPKDbxyhjb8l9cDYqDu86F2cTYF32nIc/ho4FYsl7LBZmr93J0mMojp1F5
cTHE4zU5wsNRw5IdJTCSBNHb8NLuL2++oRDfi30cr2KFSLTf71NIRR9gpgHgxOXs
hNG9p1KNMsV9MR1YG9M8CtnNGxhRZjxvviMyLR+bU7nIgBoUf9veyIokYvOeExNb
hnphD7SP2PQsRQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:42:10 2026 by rpki-client