Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
File: aPYGg7N3JXQn279uzjXixYWjsB0.mft (raw, json)
Hash identifier: OoK2HU4QlWm2RwWnrFMOVH4s8KCHFJyE+LeTzjQpoqY=
Subject key identifier: 37:7E:4C:29:3D:5A:C5:1A:AC:2D:9E:D0:27:44:B5:E4:FB:1C:D6:32
Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
Certificate issuer: /CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Certificate serial: 019CAC0FDE42D7ADFC3D641E52ACA1D11BDA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
Manifest number: 1847
Signing time: Mon 02 Mar 2026 01:00:46 +0000
Manifest this update: Mon 02 Mar 2026 01:00:46 +0000
Manifest next update: Tue 03 Mar 2026 01:00:46 +0000
Files and hashes: 1: aPYGg7N3JXQn279uzjXixYWjsB0.crl (hash: Tz/S6RHIEDWCaI9pEwh27kqGFL/sgVaMqcEFSZhO84w=)
2: eJ3f1i44Rqh5dEICPulbHl4WkkI.roa (hash: kZed20xL2+OJp4rVcGTuqnAX+7hPge7JicJ6LEk/ItE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:0f:de:42:d7:ad:fc:3d:64:1e:52:ac:a1:d1:1b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Validity
Not Before: Mar 2 01:00:46 2026 GMT
Not After : Mar 3 01:00:46 2026 GMT
Subject: CN=377e4c293d5ac51aac2d9ed02744b5e4fb1cd632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:35:06:67:2a:36:be:44:80:40:ac:3a:d9:dc:
74:a9:30:cc:bf:8e:02:c7:95:4d:7e:ba:82:ff:36:
b3:8a:98:bb:af:78:a4:b9:c7:8d:7d:50:55:83:d6:
ae:cd:ce:61:bb:17:8b:45:ed:2b:b3:a2:a4:dd:b9:
5f:4e:cf:8f:a4:34:cb:a2:d9:a9:a6:20:c3:d5:6d:
d9:5d:2a:c4:2d:a3:82:25:a7:79:15:03:8f:51:e2:
fd:6d:62:97:5e:74:0f:d2:28:f9:fa:2c:b9:11:72:
87:c3:4b:76:ed:be:19:bf:a1:3e:95:40:fc:2f:d8:
35:69:6f:e3:10:4a:3e:6c:bc:cc:9f:34:2b:0a:97:
52:91:b0:b2:9d:e7:a5:b6:ab:db:5e:5c:71:65:ff:
24:e7:23:ff:40:28:eb:02:13:e1:64:fd:9e:bf:31:
62:70:74:6e:4e:fa:1a:0b:f9:e0:a3:5e:b5:7b:23:
c2:01:bd:49:91:60:b0:80:c5:db:2f:31:34:cd:3f:
31:2a:ae:33:13:f7:8c:e2:23:bc:23:c1:17:4a:d9:
40:54:c1:9a:13:51:4c:1d:e3:c7:cb:96:8a:ae:06:
60:36:cf:3e:15:50:cd:33:25:7e:86:59:30:eb:e9:
de:db:cc:b5:7c:63:6a:fe:51:96:8f:7e:a3:8c:81:
0d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:7E:4C:29:3D:5A:C5:1A:AC:2D:9E:D0:27:44:B5:E4:FB:1C:D6:32
X509v3 Authority Key Identifier:
keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:ba:3a:12:14:3e:72:0e:5a:6c:58:59:b7:80:73:a0:e9:5a:
f8:94:99:2e:16:0f:5b:cc:5c:7d:a5:73:fd:ef:c3:2b:2f:be:
08:0c:e7:61:3b:33:d7:cf:ce:ee:10:b4:20:e7:66:32:36:74:
7f:ef:49:0f:2b:83:b1:b5:74:9d:29:cb:60:62:d9:1f:30:b3:
ec:cc:06:45:0b:d8:17:0c:2a:3b:63:f0:4d:92:b0:72:0f:f7:
eb:00:94:5f:ff:75:b6:2a:a5:a6:2a:72:f9:72:a1:c2:13:87:
10:97:c6:00:ea:5c:67:e6:b8:c0:b8:23:3b:dd:0e:b2:09:1b:
16:29:3b:62:46:c3:52:62:84:99:56:6c:bf:f6:bd:d7:31:0d:
79:1b:ef:48:77:17:d0:2d:23:94:e6:e9:fa:43:7a:d9:dc:e1:
23:82:a3:b9:e9:32:0b:61:72:f3:9d:74:46:0c:91:1b:07:9c:
0f:38:f9:9f:59:a8:07:47:2c:1f:10:40:58:af:9f:36:61:bc:
6c:4f:ef:5e:10:74:c0:fa:fd:dd:cf:9a:84:d0:e5:01:d7:e9:
7e:35:31:9b:c7:89:36:51:20:96:c2:39:9a:51:f1:39:3e:8b:
94:8f:fb:1f:a4:83:6a:e0:4e:9c:29:46:69:41:ae:98:0e:77:
60:17:35:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD95C1638PWQeUqyh0RvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjYwNjgzYjM3NzI1NzQyN2RiYmY2ZWNlMzVlMmM1ODVh
M2IwMWQwHhcNMjYwMzAyMDEwMDQ2WhcNMjYwMzAzMDEwMDQ2WjAzMTEwLwYDVQQD
EygzNzdlNGMyOTNkNWFjNTFhYWMyZDllZDAyNzQ0YjVlNGZiMWNkNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzUGZyo2vkSAQKw62dx0qTDMv44C
x5VNfrqC/zazipi7r3ikuceNfVBVg9auzc5huxeLRe0rs6Kk3blfTs+PpDTLotmp
piDD1W3ZXSrELaOCJad5FQOPUeL9bWKXXnQP0ij5+iy5EXKHw0t27b4Zv6E+lUD8
L9g1aW/jEEo+bLzMnzQrCpdSkbCyneeltqvbXlxxZf8k5yP/QCjrAhPhZP2evzFi
cHRuTvoaC/ngo161eyPCAb1JkWCwgMXbLzE0zT8xKq4zE/eM4iO8I8EXStlAVMGa
E1FMHePHy5aKrgZgNs8+FVDNMyV+hlkw6+ne28y1fGNq/lGWj36jjIENdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDd+TCk9WsUarC2e0CdEteT7HNYyMB8GA1UdIwQY
MBaAFGj2BoOzdyV0J9u/bs414sWFo7AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQt
MzU0NzQwMzZhOWQ3LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQtMzU0NzQwMzZhOWQ3
LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMLo6EhQ+
cg5abFhZt4BzoOla+JSZLhYPW8xcfaVz/e/DKy++CAznYTsz18/O7hC0IOdmMjZ0
f+9JDyuDsbV0nSnLYGLZHzCz7MwGRQvYFwwqO2PwTZKwcg/36wCUX/91tiqlpipy
+XKhwhOHEJfGAOpcZ+a4wLgjO90OsgkbFik7YkbDUmKEmVZsv/a91zENeRvvSHcX
0C0jlObp+kN62dzhI4KjuekyC2Fy8510RgyRGwecDzj5n1moB0csHxBAWK+fNmG8
bE/vXhB0wPr93c+ahNDlAdfpfjUxm8eJNlEglsI5mlHxOT6LlI/7H6SDauBOnClG
aUGumA53YBc1jw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:59:58 2026 by rpki-client