Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/a-xOKcaEnF-AhCjmaFj08Oz0plQ.mft
File: a-xOKcaEnF-AhCjmaFj08Oz0plQ.mft (raw, json)
Hash identifier: n4M4TObF99ddstg29CvO9Q5156rkCv/mG48/OHER438=
Subject key identifier: A8:E1:ED:28:03:4D:DA:D8:F8:40:6F:36:EE:D9:22:0D:0F:F8:17:87
Authority key identifier: 6B:EC:4E:29:C6:84:9C:5F:80:84:28:E6:68:58:F4:F0:EC:F4:A6:54
Certificate issuer: /CN=6bec4e29c6849c5f808428e66858f4f0ecf4a654
Certificate serial: 019CAAC7123E92C280C780D948F9E5421450
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a-xOKcaEnF-AhCjmaFj08Oz0plQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/a-xOKcaEnF-AhCjmaFj08Oz0plQ.mft
Manifest number: 0FB3
Signing time: Sun 01 Mar 2026 19:01:38 +0000
Manifest this update: Sun 01 Mar 2026 19:01:38 +0000
Manifest next update: Mon 02 Mar 2026 19:01:38 +0000
Files and hashes: 1: CyxtWweyEqgpd8gBxUUhj5fN2MI.roa (hash: E3T6yiukB1U6Qm/DfmLG5nf8+AunKSeI83VF6XZj4IY=)
2: a-xOKcaEnF-AhCjmaFj08Oz0plQ.crl (hash: tYxhWvObp6ExWyyn6Bt+fkRlN4fhpgjmjNokiFMyObU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/a-xOKcaEnF-AhCjmaFj08Oz0plQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/a-xOKcaEnF-AhCjmaFj08Oz0plQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/a-xOKcaEnF-AhCjmaFj08Oz0plQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c7:12:3e:92:c2:80:c7:80:d9:48:f9:e5:42:14:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bec4e29c6849c5f808428e66858f4f0ecf4a654
Validity
Not Before: Mar 1 19:01:38 2026 GMT
Not After : Mar 2 19:01:38 2026 GMT
Subject: CN=a8e1ed28034ddad8f8406f36eed9220d0ff81787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d1:80:6c:d2:c4:1c:1c:92:49:f7:0a:7a:6d:
5b:c4:4a:34:43:9e:9c:21:1c:48:dd:eb:bf:5a:41:
51:d4:78:77:2f:66:c9:1e:c4:02:20:0c:43:ad:36:
22:95:d1:41:b2:65:6d:c7:be:16:47:07:37:57:1f:
0a:4f:7c:67:db:dd:a3:8c:95:cd:f6:bc:76:43:db:
f9:97:15:4a:cf:c6:c3:9c:62:77:5d:32:0d:a3:ce:
bb:bf:b9:92:3c:63:f8:49:86:91:11:9d:5b:ce:d5:
51:7f:96:6e:7f:9c:34:06:b2:af:83:81:54:7c:d3:
34:ec:c5:4c:da:aa:7a:f4:fc:51:6d:3f:c2:3c:e5:
77:df:1e:14:d9:81:25:70:7b:ac:20:85:a4:2c:c4:
f0:89:88:de:30:5a:e9:b2:bd:9e:5f:ad:57:21:92:
f8:c6:0e:05:56:14:45:30:2d:f5:a3:31:84:51:8c:
e8:a0:8c:d4:9a:00:f3:a2:3c:6f:01:e7:62:9f:b0:
59:2b:96:85:99:bb:5a:8f:dd:9b:54:6f:4d:1a:ac:
f9:b9:27:09:c6:da:0c:80:fe:8e:77:33:6e:da:1a:
f1:d3:fe:5c:ba:73:d2:89:ae:83:49:3a:67:4d:ca:
f0:50:9f:9d:75:72:0f:9d:71:5b:bc:4c:a4:0a:c9:
b3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E1:ED:28:03:4D:DA:D8:F8:40:6F:36:EE:D9:22:0D:0F:F8:17:87
X509v3 Authority Key Identifier:
keyid:6B:EC:4E:29:C6:84:9C:5F:80:84:28:E6:68:58:F4:F0:EC:F4:A6:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-xOKcaEnF-AhCjmaFj08Oz0plQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/a-xOKcaEnF-AhCjmaFj08Oz0plQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/a-xOKcaEnF-AhCjmaFj08Oz0plQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:5c:a6:e9:e5:46:c0:59:1f:e4:77:a7:12:30:f7:73:18:d9:
bc:50:45:99:77:65:c9:17:22:e5:30:1a:0d:70:b2:ea:a3:4f:
0c:f4:32:91:2e:26:c3:f6:bb:76:1f:57:69:3d:eb:0a:b0:c6:
46:50:6e:df:e0:8a:7d:a3:7d:fa:20:93:c3:e6:cc:57:dd:33:
f0:5a:49:a5:e7:a5:ce:ae:e8:c7:3d:22:45:af:ed:d2:3c:12:
07:38:7f:c1:ec:83:79:fb:54:57:d0:32:56:46:c8:29:04:b1:
bf:54:a0:d0:17:a5:a7:ab:fb:78:e1:f0:1e:44:8a:17:84:49:
f9:45:ab:d0:43:3b:e5:10:c6:09:67:d3:89:b3:55:2f:c1:28:
1f:84:18:2e:23:8d:ec:12:65:b3:7e:86:3b:c7:a9:9b:3c:72:
fb:0d:92:54:5a:41:45:90:aa:1d:4f:eb:e0:eb:bc:88:e1:30:
68:a7:3e:70:57:23:90:ce:1f:51:53:d0:44:71:b6:80:5b:23:
77:4a:e0:b9:7f:23:fc:4b:e6:64:5b:fd:a6:35:af:31:14:8a:
a0:28:1a:ea:38:dc:cc:44:fd:d2:31:30:aa:c6:41:5a:18:a6:
e7:bf:af:c2:c4:af:b0:02:98:3c:47:81:75:5e:a2:f0:96:df:
63:27:04:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxxI+ksKAx4DZSPnlQhRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZWM0ZTI5YzY4NDljNWY4MDg0MjhlNjY4NThmNGYwZWNm
NGE2NTQwHhcNMjYwMzAxMTkwMTM4WhcNMjYwMzAyMTkwMTM4WjAzMTEwLwYDVQQD
EyhhOGUxZWQyODAzNGRkYWQ4Zjg0MDZmMzZlZWQ5MjIwZDBmZjgxNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudGAbNLEHBySSfcKem1bxEo0Q56c
IRxI3eu/WkFR1Hh3L2bJHsQCIAxDrTYildFBsmVtx74WRwc3Vx8KT3xn292jjJXN
9rx2Q9v5lxVKz8bDnGJ3XTINo867v7mSPGP4SYaREZ1bztVRf5Zuf5w0BrKvg4FU
fNM07MVM2qp69PxRbT/CPOV33x4U2YElcHusIIWkLMTwiYjeMFrpsr2eX61XIZL4
xg4FVhRFMC31ozGEUYzooIzUmgDzojxvAedin7BZK5aFmbtaj92bVG9NGqz5uScJ
xtoMgP6OdzNu2hrx0/5cunPSia6DSTpnTcrwUJ+ddXIPnXFbvEykCsmzNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjh7SgDTdrY+EBvNu7ZIg0P+BeHMB8GA1UdIwQY
MBaAFGvsTinGhJxfgIQo5mhY9PDs9KZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS14T0tjYUVuRi1BaENqbWFGajA4T3owcGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mOGFjOTktMGVhYS00ZjUxLThkNTgt
ZGJmYWVjZGM3ZWEzLzEvYS14T0tjYUVuRi1BaENqbWFGajA4T3owcGxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mOGFjOTktMGVhYS00ZjUxLThkNTgtZGJmYWVjZGM3ZWEz
LzEvYS14T0tjYUVuRi1BaENqbWFGajA4T3owcGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQFym6eVG
wFkf5HenEjD3cxjZvFBFmXdlyRci5TAaDXCy6qNPDPQykS4mw/a7dh9XaT3rCrDG
RlBu3+CKfaN9+iCTw+bMV90z8FpJpeelzq7oxz0iRa/t0jwSBzh/weyDeftUV9Ay
VkbIKQSxv1Sg0Belp6v7eOHwHkSKF4RJ+UWr0EM75RDGCWfTibNVL8EoH4QYLiON
7BJls36GO8epmzxy+w2SVFpBRZCqHU/r4Ou8iOEwaKc+cFcjkM4fUVPQRHG2gFsj
d0rguX8j/EvmZFv9pjWvMRSKoCga6jjczET90jEwqsZBWhim57+vwsSvsAKYPEeB
dV6i8JbfYycEPg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:41:26 2026 by rpki-client