Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
File: aOlYF0Bglex8tceyhrETM0l7lFE.mft (raw, json)
Hash identifier: 9dKsnDiPSTAa+xko4F7l7fucv+N/QvM82MO/chShGCc=
Subject key identifier: CF:61:9F:14:13:0E:F1:E7:4D:5C:FA:57:BF:63:AA:13:39:6D:F6:24
Authority key identifier: 68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
Certificate issuer: /CN=68e95817406095ec7cb5c7b286b11333497b9451
Certificate serial: 019D9850626DDE67DDFF9F5B4BAC0B100A89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
Manifest number: 0ACD
Signing time: Thu 16 Apr 2026 22:01:37 +0000
Manifest this update: Thu 16 Apr 2026 22:01:37 +0000
Manifest next update: Fri 17 Apr 2026 22:01:37 +0000
Files and hashes: 1: MCQJgOH0F61zyqort3aDkrCqcME.roa (hash: dFlLGTPXyNVZq9IJXBt9j7cJ/cyhu9qP1civtpo4hwY=)
2: aOlYF0Bglex8tceyhrETM0l7lFE.crl (hash: QjNw54XWmQXC6Ymi+l1yWPLDnVThoIS1SIuSXoKA4m4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:50:62:6d:de:67:dd:ff:9f:5b:4b:ac:0b:10:0a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e95817406095ec7cb5c7b286b11333497b9451
Validity
Not Before: Apr 16 22:01:37 2026 GMT
Not After : Apr 17 22:01:37 2026 GMT
Subject: CN=cf619f14130ef1e74d5cfa57bf63aa13396df624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:04:3b:7f:a7:8c:80:7a:c5:d7:b7:be:30:9a:
6f:22:4a:03:49:81:e3:1b:e3:5b:fc:fc:0a:e6:b7:
44:8d:0c:dc:ff:34:19:8f:0c:4e:70:cd:7a:69:fd:
72:e2:53:a3:f1:37:d9:cc:59:0a:02:f0:65:a1:1d:
b2:90:a0:e5:7d:7a:e0:ad:b1:92:f6:a4:86:61:d6:
70:4e:0b:e6:7d:98:e3:85:93:5c:d2:df:8b:28:0d:
d3:c6:71:61:69:0f:e9:e0:29:ff:3d:e6:74:4c:cb:
f0:7a:dc:a6:e5:de:b3:79:60:a9:83:12:9c:26:7c:
56:39:9e:15:4a:74:68:d7:49:da:2b:a7:1e:9a:7f:
a5:e2:68:a6:fc:5c:80:b6:82:55:5e:0b:81:4d:43:
4c:e7:cd:01:bf:ab:3b:4c:cb:94:13:05:a2:43:a0:
20:2b:7a:e3:23:96:fe:8d:3b:3e:58:4e:07:de:74:
20:08:9e:41:e8:24:ba:e0:6e:0f:8f:96:83:5f:60:
a4:40:86:46:30:54:5c:59:a8:ea:14:bf:97:79:c8:
5b:77:78:69:c0:f1:ba:b7:71:9f:c5:e4:cd:74:fd:
03:61:70:e4:ed:18:e1:ed:27:9e:40:26:7f:a0:c6:
65:94:bf:06:7f:92:0b:95:63:f2:86:15:ab:b7:e6:
5b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:61:9F:14:13:0E:F1:E7:4D:5C:FA:57:BF:63:AA:13:39:6D:F6:24
X509v3 Authority Key Identifier:
keyid:68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:b4:e9:fa:04:fd:ca:2e:36:4b:36:0c:fc:12:1c:1d:6e:de:
b2:f1:47:50:0c:c3:be:87:5c:b0:bc:47:fc:b3:73:2c:77:f0:
51:f4:7f:53:bc:fa:f3:9b:71:0b:4b:f6:2d:17:57:83:79:62:
69:24:0f:7a:75:d1:9e:87:6d:07:60:6f:5f:79:fb:f8:e4:6e:
1b:cb:2b:d3:57:87:2d:6a:05:75:6f:3d:2a:f0:95:cd:7e:8d:
41:64:7d:be:5a:26:3e:1f:34:09:52:0c:14:d1:0f:39:22:a0:
ee:4a:92:2e:31:ef:72:65:41:e6:2a:24:bb:78:65:15:82:04:
5e:03:3e:23:30:0b:74:8d:46:1a:d2:0e:ff:9f:d1:58:f6:f5:
ac:c6:16:a1:5b:c9:9a:f4:fe:60:34:bc:d8:db:32:21:80:8e:
2f:e5:06:73:c4:87:c3:63:9f:86:0f:96:62:80:8e:8d:88:24:
df:ed:ca:86:fc:f7:1d:a6:40:c9:1a:54:5e:bd:db:d1:d9:e9:
10:4f:e3:c9:4c:d3:e0:f6:45:6e:4a:7d:6c:8e:0f:55:ae:62:
dd:e1:5b:ad:fb:c2:5f:fd:88:9c:d1:7c:57:3c:1e:fa:55:71:
05:54:70:84:c1:3a:07:64:dd:63:f8:ce:17:e4:42:04:cf:0c:
23:73:d4:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUGJt3mfd/59bS6wLEAqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTk1ODE3NDA2MDk1ZWM3Y2I1YzdiMjg2YjExMzMzNDk3
Yjk0NTEwHhcNMjYwNDE2MjIwMTM3WhcNMjYwNDE3MjIwMTM3WjAzMTEwLwYDVQQD
EyhjZjYxOWYxNDEzMGVmMWU3NGQ1Y2ZhNTdiZjYzYWExMzM5NmRmNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgQ7f6eMgHrF17e+MJpvIkoDSYHj
G+Nb/PwK5rdEjQzc/zQZjwxOcM16af1y4lOj8TfZzFkKAvBloR2ykKDlfXrgrbGS
9qSGYdZwTgvmfZjjhZNc0t+LKA3TxnFhaQ/p4Cn/PeZ0TMvwetym5d6zeWCpgxKc
JnxWOZ4VSnRo10naK6cemn+l4mim/FyAtoJVXguBTUNM580Bv6s7TMuUEwWiQ6Ag
K3rjI5b+jTs+WE4H3nQgCJ5B6CS64G4Pj5aDX2CkQIZGMFRcWajqFL+Xechbd3hp
wPG6t3GfxeTNdP0DYXDk7Rjh7SeeQCZ/oMZllL8Gf5ILlWPyhhWrt+Zb7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM9hnxQTDvHnTVz6V79jqhM5bfYkMB8GA1UdIwQY
MBaAFGjpWBdAYJXsfLXHsoaxEzNJe5RRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTct
MDE5ZWM5ZDlhNzU4LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTctMDE5ZWM5ZDlhNzU4
LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWbTp+gT9
yi42SzYM/BIcHW7esvFHUAzDvodcsLxH/LNzLHfwUfR/U7z685txC0v2LRdXg3li
aSQPenXRnodtB2BvX3n7+ORuG8sr01eHLWoFdW89KvCVzX6NQWR9vlomPh80CVIM
FNEPOSKg7kqSLjHvcmVB5ioku3hlFYIEXgM+IzALdI1GGtIO/5/RWPb1rMYWoVvJ
mvT+YDS82NsyIYCOL+UGc8SHw2Ofhg+WYoCOjYgk3+3Khvz3HaZAyRpUXr3b0dnp
EE/jyUzT4PZFbkp9bI4PVa5i3eFbrfvCX/2InNF8Vzwe+lVxBVRwhME6B2TdY/jO
F+RCBM8MI3PUAA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:24:19 2026 by rpki-client