Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
File: aOlYF0Bglex8tceyhrETM0l7lFE.mft (raw, json)
Hash identifier: ofOS7KHxQwoizMSXO9OcOs/qLk+Ln0knQpaEjIf5CPQ=
Subject key identifier: E0:81:2F:A9:8C:C3:94:F4:62:3B:32:45:5F:24:B7:C6:C2:D2:B9:FF
Authority key identifier: 68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
Certificate issuer: /CN=68e95817406095ec7cb5c7b286b11333497b9451
Certificate serial: 019CACB4B15B259129EE3C00D7EC2A27665A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
Manifest number: 0A53
Signing time: Mon 02 Mar 2026 04:00:48 +0000
Manifest this update: Mon 02 Mar 2026 04:00:48 +0000
Manifest next update: Tue 03 Mar 2026 04:00:48 +0000
Files and hashes: 1: MCQJgOH0F61zyqort3aDkrCqcME.roa (hash: dFlLGTPXyNVZq9IJXBt9j7cJ/cyhu9qP1civtpo4hwY=)
2: aOlYF0Bglex8tceyhrETM0l7lFE.crl (hash: M+bb5XHmEEzKPY3+f6jpTx0q8MGwf/xghnv1r2dQP5E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:b4:b1:5b:25:91:29:ee:3c:00:d7:ec:2a:27:66:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e95817406095ec7cb5c7b286b11333497b9451
Validity
Not Before: Mar 2 04:00:48 2026 GMT
Not After : Mar 3 04:00:48 2026 GMT
Subject: CN=e0812fa98cc394f4623b32455f24b7c6c2d2b9ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:90:d5:49:83:a3:58:de:e5:17:b7:3d:f2:6f:
5b:bb:8d:f7:70:85:eb:c6:c0:6e:1f:c9:2f:43:ba:
77:ea:6d:72:23:97:5e:31:e7:3a:5e:d6:04:94:1b:
bd:9f:e6:fb:0b:6f:5d:a9:6d:74:d3:86:3b:34:49:
0d:73:7d:02:1c:5f:43:16:48:9a:77:74:41:27:5a:
a5:74:37:3a:e6:4f:e5:2a:6e:ea:92:23:17:e3:6b:
a3:af:eb:8a:da:5a:f3:d7:7e:b5:c1:0e:33:bc:ae:
29:fa:68:c1:37:9e:11:9c:7a:d0:0b:95:86:3a:8a:
d3:81:6c:58:38:c1:d1:95:08:6e:73:4d:23:77:0f:
5b:94:df:17:9e:69:29:fb:f1:ef:e6:e9:36:97:59:
9a:aa:2a:96:a8:39:82:17:0d:5a:e4:51:64:91:23:
01:cb:9f:b8:3a:2f:06:95:33:f5:79:56:63:d8:68:
1d:5a:ed:e3:72:d2:ea:68:e0:dc:90:51:86:1b:cc:
6f:1f:7e:6e:e1:51:24:eb:da:d8:68:93:dd:64:d9:
89:e0:e0:34:05:84:d5:07:d5:a3:d1:5f:4c:c0:bc:
13:6c:bb:74:45:0b:a9:52:3c:4f:69:bd:21:24:e4:
49:03:1e:05:37:62:7c:31:55:bf:18:03:5d:53:53:
a1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:81:2F:A9:8C:C3:94:F4:62:3B:32:45:5F:24:B7:C6:C2:D2:B9:FF
X509v3 Authority Key Identifier:
keyid:68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:71:2d:35:a2:19:78:ec:2e:d7:07:1f:3f:4e:1b:56:d6:5e:
07:8d:ec:44:4e:d3:0c:72:c7:27:44:ae:27:24:51:11:54:76:
38:ef:00:04:3a:cd:90:26:14:98:8a:c2:82:21:96:fe:13:56:
1d:29:9f:a3:b9:c7:7f:cd:fa:28:77:a9:3a:99:fd:30:9c:83:
93:a5:09:e3:b3:71:cc:af:5e:24:6e:c2:e0:f4:79:61:ef:35:
18:74:8f:8f:a4:0b:f9:3f:f6:7d:7b:26:54:0f:11:bf:cf:a6:
90:f5:2d:0f:50:7e:d8:1e:43:03:2e:21:b8:5d:3a:6b:9b:8c:
81:c5:f6:e6:38:a3:7f:86:a7:e8:23:73:76:c3:b5:78:61:60:
51:15:38:a1:99:53:20:95:f0:2e:8c:06:ba:05:dc:eb:1a:6c:
3e:bc:ca:05:a6:fa:4a:d7:60:13:3a:e8:de:27:02:47:73:05:
19:29:24:ec:b1:ee:1d:f6:f0:c8:53:79:65:5b:1b:a8:5d:7b:
e9:cc:5b:e5:25:1a:47:fd:af:21:2a:84:b2:7f:c4:ed:5a:27:
da:3c:04:0b:b5:82:79:f9:20:8e:47:33:2c:c9:00:33:ac:75:
1e:ac:bc:18:37:73:99:f6:24:08:55:16:6a:7a:25:9b:e6:b0:
78:40:77:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystLFbJZEp7jwA1+wqJ2ZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTk1ODE3NDA2MDk1ZWM3Y2I1YzdiMjg2YjExMzMzNDk3
Yjk0NTEwHhcNMjYwMzAyMDQwMDQ4WhcNMjYwMzAzMDQwMDQ4WjAzMTEwLwYDVQQD
EyhlMDgxMmZhOThjYzM5NGY0NjIzYjMyNDU1ZjI0YjdjNmMyZDJiOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65DVSYOjWN7lF7c98m9bu433cIXr
xsBuH8kvQ7p36m1yI5deMec6XtYElBu9n+b7C29dqW1004Y7NEkNc30CHF9DFkia
d3RBJ1qldDc65k/lKm7qkiMX42ujr+uK2lrz1361wQ4zvK4p+mjBN54RnHrQC5WG
OorTgWxYOMHRlQhuc00jdw9blN8Xnmkp+/Hv5uk2l1maqiqWqDmCFw1a5FFkkSMB
y5+4Oi8GlTP1eVZj2GgdWu3jctLqaODckFGGG8xvH35u4VEk69rYaJPdZNmJ4OA0
BYTVB9Wj0V9MwLwTbLt0RQupUjxPab0hJORJAx4FN2J8MVW/GANdU1OhbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOCBL6mMw5T0YjsyRV8kt8bC0rn/MB8GA1UdIwQY
MBaAFGjpWBdAYJXsfLXHsoaxEzNJe5RRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTct
MDE5ZWM5ZDlhNzU4LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTctMDE5ZWM5ZDlhNzU4
LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnEtNaIZ
eOwu1wcfP04bVtZeB43sRE7TDHLHJ0SuJyRREVR2OO8ABDrNkCYUmIrCgiGW/hNW
HSmfo7nHf836KHepOpn9MJyDk6UJ47NxzK9eJG7C4PR5Ye81GHSPj6QL+T/2fXsm
VA8Rv8+mkPUtD1B+2B5DAy4huF06a5uMgcX25jijf4an6CNzdsO1eGFgURU4oZlT
IJXwLowGugXc6xpsPrzKBab6StdgEzro3icCR3MFGSkk7LHuHfbwyFN5ZVsbqF17
6cxb5SUaR/2vISqEsn/E7Von2jwEC7WCefkgjkczLMkAM6x1Hqy8GDdzmfYkCFUW
anolm+aweEB3oQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:19:58 2026 by rpki-client