Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
File: ajqLdK1O1nN5ep9rd0nCI0VpedA.mft (raw, json)
Hash identifier: p6n7xNZCRpUp4/To/NL7xPXMvP2ISm16oEgq1UnVw8E=
Subject key identifier: B4:71:AE:39:76:08:26:95:C4:85:4A:03:1E:27:BB:7D:AB:8A:58:F5
Authority key identifier: 6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0
Certificate issuer: /CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0
Certificate serial: 019CAA8FB383B9A734B0B61BDB357DFD3EDB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
Manifest number: 1709
Signing time: Sun 01 Mar 2026 18:01:10 +0000
Manifest this update: Sun 01 Mar 2026 18:01:10 +0000
Manifest next update: Mon 02 Mar 2026 18:01:10 +0000
Files and hashes: 1: WiR_mQTYvksNuDh5PyOkyT_J_1s.roa (hash: zaouvXmVUtph8h3UF1IqoXJQFtK55FqMyr4EuKbD7oI=)
2: ajqLdK1O1nN5ep9rd0nCI0VpedA.crl (hash: MR0goeQyh8l48u3DTBsyribICR2TZNOBE/RuS7Fg3Og=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:b3:83:b9:a7:34:b0:b6:1b:db:35:7d:fd:3e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0
Validity
Not Before: Mar 1 18:01:10 2026 GMT
Not After : Mar 2 18:01:10 2026 GMT
Subject: CN=b471ae3976082695c4854a031e27bb7dab8a58f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7a:13:c8:d5:ec:39:40:81:9d:d4:26:84:56:
a6:c1:9b:62:ee:65:08:7e:51:7c:40:47:1b:7a:8c:
0a:31:79:23:d1:0a:b2:cf:0f:7e:21:34:91:92:41:
ca:83:c2:4d:59:e0:8b:24:03:85:fc:14:14:78:a1:
a2:16:8f:8d:84:d8:fd:e5:88:eb:91:2b:3b:7c:5a:
d5:9b:ff:f4:f3:af:14:a4:74:f6:79:e5:62:7d:d1:
ad:b6:d0:68:77:f8:6f:d6:80:63:ff:e9:28:ac:1b:
e4:1e:b1:97:28:a4:11:a3:d5:5f:7f:7a:c0:6e:c6:
3e:f7:84:5f:65:a4:b5:55:da:dc:3a:0e:67:ab:c5:
61:00:f5:15:f9:e2:2b:8d:91:10:74:57:32:3e:12:
a4:6d:77:17:1f:b3:14:94:f2:42:6f:4e:34:a1:ab:
90:b2:92:3b:bc:c1:7f:05:0e:5d:26:45:bb:b8:2d:
8a:54:e3:b1:91:ae:6c:ee:e8:a4:ba:38:3a:86:09:
d3:5f:95:56:7e:a3:90:a4:e1:61:73:1c:c2:39:54:
1a:8b:d7:29:15:d9:e2:36:b2:19:72:13:4b:1c:2c:
d9:e5:56:4b:f0:37:8e:ce:33:7e:a2:a8:cb:53:1b:
97:82:0a:29:5a:a4:cb:a8:88:4b:1b:c6:bb:82:aa:
f7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:71:AE:39:76:08:26:95:C4:85:4A:03:1E:27:BB:7D:AB:8A:58:F5
X509v3 Authority Key Identifier:
keyid:6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:6d:43:bb:19:0b:ec:84:1a:ce:87:df:0f:7d:14:9a:f1:de:
90:f3:69:e9:90:26:b6:11:2f:b0:1f:48:a5:32:9f:a3:dd:da:
28:e9:65:55:70:a4:22:bf:e6:a6:4c:66:d3:66:4a:f5:e3:fb:
b5:e3:3a:00:92:e2:08:62:d8:93:9c:f3:54:d6:bd:3d:f1:9b:
6f:fe:da:a4:25:8e:1e:06:9e:6a:9f:02:ba:51:8a:89:5a:19:
8d:e5:0f:91:67:e3:e6:7b:26:fd:3d:70:be:e1:ef:0a:34:cd:
47:d8:2a:af:0c:19:25:e6:6c:4d:1e:7e:b3:44:15:bd:71:2f:
ee:f6:3c:d5:c0:c0:03:5b:5d:49:01:50:83:a2:4f:a8:fa:1f:
f9:a6:ac:c7:46:7f:8c:bf:fd:2c:bb:52:f0:25:aa:61:61:c7:
fd:85:52:ff:b6:5d:67:bf:c9:3e:f4:cc:b6:15:ae:ef:c1:f1:
61:be:68:4a:8a:8e:5b:68:bf:86:45:47:74:94:31:f8:02:e3:
d0:48:02:d1:4f:46:7b:f8:ce:4a:1a:84:04:0a:c1:a6:c5:58:
31:56:42:01:4e:d1:50:dc:04:45:dc:6c:64:88:11:3d:37:c6:
2a:4a:a7:13:f5:a1:b4:8d:af:2a:32:38:d2:77:10:a0:4a:43:
0e:2a:17:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj7ODuac0sLYb2zV9/T7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhM2E4Yjc0YWQ0ZWQ2NzM3OTdhOWY2Yjc3NDljMjIzNDU2
OTc5ZDAwHhcNMjYwMzAxMTgwMTEwWhcNMjYwMzAyMTgwMTEwWjAzMTEwLwYDVQQD
EyhiNDcxYWUzOTc2MDgyNjk1YzQ4NTRhMDMxZTI3YmI3ZGFiOGE1OGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXoTyNXsOUCBndQmhFamwZti7mUI
flF8QEcbeowKMXkj0Qqyzw9+ITSRkkHKg8JNWeCLJAOF/BQUeKGiFo+NhNj95Yjr
kSs7fFrVm//0868UpHT2eeVifdGtttBod/hv1oBj/+korBvkHrGXKKQRo9Vff3rA
bsY+94RfZaS1VdrcOg5nq8VhAPUV+eIrjZEQdFcyPhKkbXcXH7MUlPJCb040oauQ
spI7vMF/BQ5dJkW7uC2KVOOxka5s7uikujg6hgnTX5VWfqOQpOFhcxzCOVQai9cp
FdniNrIZchNLHCzZ5VZL8DeOzjN+oqjLUxuXggopWqTLqIhLG8a7gqr3LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRxrjl2CCaVxIVKAx4nu32rilj1MB8GA1UdIwQY
MBaAFGo6i3StTtZzeXqfa3dJwiNFaXnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEt
Yzk1OGJmNGY4OTkxLzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEtYzk1OGJmNGY4OTkx
LzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANG1DuxkL
7IQazoffD30UmvHekPNp6ZAmthEvsB9IpTKfo93aKOllVXCkIr/mpkxm02ZK9eP7
teM6AJLiCGLYk5zzVNa9PfGbb/7apCWOHgaeap8CulGKiVoZjeUPkWfj5nsm/T1w
vuHvCjTNR9gqrwwZJeZsTR5+s0QVvXEv7vY81cDAA1tdSQFQg6JPqPof+aasx0Z/
jL/9LLtS8CWqYWHH/YVS/7ZdZ7/JPvTMthWu78HxYb5oSoqOW2i/hkVHdJQx+ALj
0EgC0U9Ge/jOShqEBArBpsVYMVZCAU7RUNwERdxsZIgRPTfGKkqnE/WhtI2vKjI4
0ncQoEpDDioX6A==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:44:26 2026 by rpki-client