Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft
File: aL8cWiHDgluLhlFqGllxIbVLPMM.mft (raw, json)
Hash identifier: gyUDbxErWVqAfiB7T3ZmYq+Lk538vC89P8kY4DyMbpY=
Subject key identifier: F7:09:25:BE:72:A3:5A:68:ED:8E:9E:35:C5:BC:F4:4F:4E:B2:43:22
Authority key identifier: 68:BF:1C:5A:21:C3:82:5B:8B:86:51:6A:1A:59:71:21:B5:4B:3C:C3
Certificate issuer: /CN=68bf1c5a21c3825b8b86516a1a597121b54b3cc3
Certificate serial: 019CAC0FD1E581BDE815B843A0082A40F349
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft
Manifest number: 1848
Signing time: Mon 02 Mar 2026 01:00:43 +0000
Manifest this update: Mon 02 Mar 2026 01:00:43 +0000
Manifest next update: Tue 03 Mar 2026 01:00:43 +0000
Files and hashes: 1: aL8cWiHDgluLhlFqGllxIbVLPMM.crl (hash: 63sw/WJlquKUrMpFMqeH9GSOxBhZEARsu/V1LTQgU58=)
2: xMiDA7uuRCcWzBnQjMU1cUXcoLc.roa (hash: 5dmso3IrpYxSnMbNzob1ZQb189IzqVbbdnmbtENfrFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:0f:d1:e5:81:bd:e8:15:b8:43:a0:08:2a:40:f3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bf1c5a21c3825b8b86516a1a597121b54b3cc3
Validity
Not Before: Mar 2 01:00:43 2026 GMT
Not After : Mar 3 01:00:43 2026 GMT
Subject: CN=f70925be72a35a68ed8e9e35c5bcf44f4eb24322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:94:f5:00:8a:ba:97:6b:88:7a:fd:c6:61:29:
8a:40:ac:40:fe:73:24:04:53:e5:e7:ce:c2:2f:b5:
72:01:99:5e:79:b0:0f:62:a6:26:ac:b0:9a:6d:a6:
64:e2:8c:09:33:e7:6c:ca:74:87:5f:86:d1:01:82:
6f:56:e9:a3:51:94:95:14:0d:12:9e:71:b8:ed:f3:
2e:95:41:bc:55:ea:64:29:d7:59:c9:b0:04:90:8d:
33:9e:25:3f:56:8a:d4:7a:d9:e0:56:35:f9:f2:fb:
6c:a0:97:18:d2:de:99:56:03:ee:40:06:28:a6:aa:
2b:74:40:45:fc:61:9b:9d:24:e3:83:4e:99:49:47:
c2:c1:48:58:42:b0:d4:df:8a:50:f9:60:97:fa:56:
72:fd:05:6e:57:ef:15:89:6e:c9:16:ae:b0:4d:de:
3c:43:61:a9:5e:d6:fc:41:76:3f:2c:72:d0:94:b6:
5e:40:a6:c2:ba:ba:95:63:56:36:2b:f2:86:b0:a8:
41:d9:d0:2d:71:e3:c0:cd:c0:31:75:44:20:a7:e5:
ad:ea:f2:4e:0d:eb:df:88:50:6f:b7:fc:79:32:86:
d7:c2:6f:31:6d:2f:60:c3:c9:1f:42:0a:04:95:f7:
0b:94:61:11:16:5e:22:73:38:b1:2c:de:be:5b:8c:
9b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:09:25:BE:72:A3:5A:68:ED:8E:9E:35:C5:BC:F4:4F:4E:B2:43:22
X509v3 Authority Key Identifier:
keyid:68:BF:1C:5A:21:C3:82:5B:8B:86:51:6A:1A:59:71:21:B5:4B:3C:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:0b:84:8e:03:6a:e4:f5:0d:1c:79:87:2e:68:0c:79:25:a7:
93:f5:82:81:97:2b:d9:e5:e0:d5:a7:e8:9f:2a:d5:15:fc:9f:
c2:59:04:3f:ee:63:1d:72:67:83:6c:1b:6b:5e:a8:45:ee:02:
e6:20:b2:a8:a7:82:51:bc:1d:5b:35:84:15:a7:80:05:2f:b8:
49:61:38:46:bd:74:53:f5:21:40:8a:59:e7:79:85:69:58:63:
b1:f0:6f:d3:00:cf:88:80:2d:9e:27:22:cc:c4:8a:7b:2e:67:
d0:08:f0:c1:a2:86:56:db:0a:1a:9f:1b:f7:af:c4:44:f8:4d:
ef:08:db:92:d3:d5:34:43:be:60:d1:b1:79:93:34:c2:00:33:
54:03:22:83:ff:45:65:98:25:9f:16:c4:b3:88:12:85:e9:54:
05:83:24:e8:b4:52:65:1e:d8:89:bf:d9:83:87:88:91:26:b2:
e8:ea:6c:a6:38:d1:22:81:d0:c9:84:e8:f7:fc:a6:f4:69:77:
ab:f9:f8:de:39:5c:d0:44:2d:b5:5e:cb:ff:b9:83:05:0e:55:
52:e1:f0:9d:2f:f7:a6:0f:ac:39:d7:b5:26:ae:54:85:d8:b4:
a2:e3:dd:3e:6b:e1:cd:12:43:8d:b1:24:51:5b:21:12:7d:fe:
12:83:3f:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD9Hlgb3oFbhDoAgqQPNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmYxYzVhMjFjMzgyNWI4Yjg2NTE2YTFhNTk3MTIxYjU0
YjNjYzMwHhcNMjYwMzAyMDEwMDQzWhcNMjYwMzAzMDEwMDQzWjAzMTEwLwYDVQQD
EyhmNzA5MjViZTcyYTM1YTY4ZWQ4ZTllMzVjNWJjZjQ0ZjRlYjI0MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJT1AIq6l2uIev3GYSmKQKxA/nMk
BFPl587CL7VyAZleebAPYqYmrLCabaZk4owJM+dsynSHX4bRAYJvVumjUZSVFA0S
nnG47fMulUG8VepkKddZybAEkI0zniU/VorUetngVjX58vtsoJcY0t6ZVgPuQAYo
pqordEBF/GGbnSTjg06ZSUfCwUhYQrDU34pQ+WCX+lZy/QVuV+8ViW7JFq6wTd48
Q2GpXtb8QXY/LHLQlLZeQKbCurqVY1Y2K/KGsKhB2dAtcePAzcAxdUQgp+Wt6vJO
DevfiFBvt/x5MobXwm8xbS9gw8kfQgoElfcLlGERFl4iczixLN6+W4ybWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcJJb5yo1po7Y6eNcW89E9OskMiMB8GA1UdIwQY
MBaAFGi/HFohw4Jbi4ZRahpZcSG1SzzDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUw4Y1dpSERnbHVMaGxGcUdsbHhJYlZMUE1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yZmNlNWUtYzkxNS00ZjAyLWFkM2Et
NTVlYjViYjk5ZTQ1LzEvYUw4Y1dpSERnbHVMaGxGcUdsbHhJYlZMUE1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yZmNlNWUtYzkxNS00ZjAyLWFkM2EtNTVlYjViYjk5ZTQ1
LzEvYUw4Y1dpSERnbHVMaGxGcUdsbHhJYlZMUE1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACguEjgNq
5PUNHHmHLmgMeSWnk/WCgZcr2eXg1afonyrVFfyfwlkEP+5jHXJng2wba16oRe4C
5iCyqKeCUbwdWzWEFaeABS+4SWE4Rr10U/UhQIpZ53mFaVhjsfBv0wDPiIAtnici
zMSKey5n0AjwwaKGVtsKGp8b96/ERPhN7wjbktPVNEO+YNGxeZM0wgAzVAMig/9F
ZZglnxbEs4gShelUBYMk6LRSZR7Yib/Zg4eIkSay6OpspjjRIoHQyYTo9/ym9Gl3
q/n43jlc0EQttV7L/7mDBQ5VUuHwnS/3pg+sOde1Jq5Uhdi0ouPdPmvhzRJDjbEk
UVshEn3+EoM/NQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:30:20 2026 by rpki-client