Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft
File: aIEP_k-SA6EAZ31lGTtEJniaz1w.mft (raw, json)
Hash identifier: bhyBhYRfdYyDAIx3mNgi6qbEJ9PMoN09soyH898tVKw=
Subject key identifier: 9D:BF:12:4F:8B:4E:94:06:34:CF:22:5C:0F:C7:7F:D7:D4:F4:46:00
Authority key identifier: 68:81:0F:FE:4F:92:03:A1:00:67:7D:65:19:3B:44:26:78:9A:CF:5C
Certificate issuer: /CN=68810ffe4f9203a100677d65193b4426789acf5c
Certificate serial: 019D9BBE4CCFD7B365EA261C7D68C54FF151
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIEP_k-SA6EAZ31lGTtEJniaz1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft
Manifest number: 0CD4
Signing time: Fri 17 Apr 2026 14:00:33 +0000
Manifest this update: Fri 17 Apr 2026 14:00:33 +0000
Manifest next update: Sat 18 Apr 2026 14:00:33 +0000
Files and hashes: 1: 4kjooCn4utyvNqQOgFxK7-kKLu0.roa (hash: UOUVc0j6e6Ip7AZ/AsFrmNnJ9pEwnrKNZc+DelE5OzU=)
2: aIEP_k-SA6EAZ31lGTtEJniaz1w.crl (hash: 1uZzAaiNQ5bCRUMa/S/Vv4IDrUUNh7VPoj83IJlISfo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aIEP_k-SA6EAZ31lGTtEJniaz1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:be:4c:cf:d7:b3:65:ea:26:1c:7d:68:c5:4f:f1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68810ffe4f9203a100677d65193b4426789acf5c
Validity
Not Before: Apr 17 14:00:33 2026 GMT
Not After : Apr 18 14:00:33 2026 GMT
Subject: CN=9dbf124f8b4e940634cf225c0fc77fd7d4f44600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e3:4c:25:14:b5:c4:74:54:51:cd:c8:48:34:
f0:82:5b:b0:01:9b:b6:c8:fe:64:8f:9e:08:a8:70:
46:26:d2:07:55:56:80:c3:e9:ca:a0:92:6b:24:04:
75:32:68:30:e9:51:9b:c0:d5:47:25:1c:7c:f5:fe:
a9:6e:21:0c:75:a7:22:f0:2e:51:f7:22:a6:16:ff:
20:04:6c:6a:ef:0c:6c:82:17:bd:91:44:55:28:e1:
07:a8:ee:84:b6:da:51:30:14:0a:9c:07:c3:2b:14:
48:67:83:8c:b9:74:d7:03:f2:3f:65:95:e2:d9:ad:
33:72:cb:5f:d0:ce:c0:cd:0f:78:76:cc:0f:74:db:
dd:8d:70:ec:b9:0d:d5:21:bf:37:78:f0:f7:c2:15:
b4:ee:56:ee:cb:2e:a8:8b:35:0c:ba:00:0e:5d:b0:
e9:d6:bf:fb:64:10:91:bb:1e:aa:23:39:07:da:08:
2c:d2:2e:48:8d:1f:4f:3b:0d:30:8e:5b:f3:90:50:
fb:69:6a:39:eb:f1:d3:f3:34:6e:ad:15:b5:d1:9e:
f8:bf:89:51:86:45:03:e7:7e:2f:7b:c8:2a:98:6d:
2f:c8:f3:7a:94:81:11:a4:3e:ba:78:64:37:0e:3c:
12:78:f6:b7:7a:38:4e:73:e2:aa:d9:53:29:42:18:
c2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BF:12:4F:8B:4E:94:06:34:CF:22:5C:0F:C7:7F:D7:D4:F4:46:00
X509v3 Authority Key Identifier:
keyid:68:81:0F:FE:4F:92:03:A1:00:67:7D:65:19:3B:44:26:78:9A:CF:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIEP_k-SA6EAZ31lGTtEJniaz1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:29:dc:51:8c:88:a1:b8:48:c5:a2:70:fe:34:5d:45:53:52:
a7:b2:60:4a:68:0e:e4:99:20:ae:03:31:5d:06:50:8a:6a:71:
ee:a2:01:d8:a5:89:08:e6:d7:4d:1b:6b:a2:17:60:4c:c0:26:
b8:a7:ad:dc:07:08:51:23:c6:5c:0f:10:ce:96:4a:51:a6:31:
0d:fa:c7:fc:85:d4:e0:b8:c0:c8:ba:f4:0f:51:88:a4:f0:d6:
33:ea:b3:fa:03:44:e7:a3:1f:a5:a1:4f:81:58:d7:53:9a:dd:
a6:e5:6c:b3:4f:84:0b:8a:0a:d4:bf:ee:96:94:eb:ee:b1:8e:
3c:62:de:0e:ba:c5:ae:c3:2f:7f:1f:f5:fb:93:98:ce:ea:9d:
db:61:1f:a2:e2:49:86:a1:32:28:41:ee:d3:8e:7a:9c:ea:a8:
67:60:44:4a:f4:62:95:24:65:cf:eb:91:36:ba:5d:e7:ff:41:
ff:a2:3e:09:2a:24:fd:0d:4c:50:f3:5c:c5:35:c0:bc:b0:a9:
3b:d8:fd:e3:aa:87:4d:c6:ef:88:32:62:ce:0d:01:48:df:62:
71:7c:e9:da:30:74:e8:f6:1b:62:9d:30:ad:4b:88:61:f6:20:
20:6e:02:34:7b:24:4e:98:42:e4:65:f1:9e:4d:0a:a0:b1:73:
5b:8c:e0:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvkzP17Nl6iYcfWjFT/FRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ODEwZmZlNGY5MjAzYTEwMDY3N2Q2NTE5M2I0NDI2Nzg5
YWNmNWMwHhcNMjYwNDE3MTQwMDMzWhcNMjYwNDE4MTQwMDMzWjAzMTEwLwYDVQQD
Eyg5ZGJmMTI0ZjhiNGU5NDA2MzRjZjIyNWMwZmM3N2ZkN2Q0ZjQ0NjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtONMJRS1xHRUUc3ISDTwgluwAZu2
yP5kj54IqHBGJtIHVVaAw+nKoJJrJAR1Mmgw6VGbwNVHJRx89f6pbiEMdaci8C5R
9yKmFv8gBGxq7wxsghe9kURVKOEHqO6EttpRMBQKnAfDKxRIZ4OMuXTXA/I/ZZXi
2a0zcstf0M7AzQ94dswPdNvdjXDsuQ3VIb83ePD3whW07lbuyy6oizUMugAOXbDp
1r/7ZBCRux6qIzkH2ggs0i5IjR9POw0wjlvzkFD7aWo56/HT8zRurRW10Z74v4lR
hkUD534ve8gqmG0vyPN6lIERpD66eGQ3DjwSePa3ejhOc+Kq2VMpQhjChwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2/Ek+LTpQGNM8iXA/Hf9fU9EYAMB8GA1UdIwQY
MBaAFGiBD/5PkgOhAGd9ZRk7RCZ4ms9cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUlFUF9rLVNBNkVBWjMxbEdUdEVKbmlhejF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xNDEyMDMtODEzZi00NzEyLTliZDct
YmRmNDMxZWI5NGYwLzEvYUlFUF9rLVNBNkVBWjMxbEdUdEVKbmlhejF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8xNDEyMDMtODEzZi00NzEyLTliZDctYmRmNDMxZWI5NGYw
LzEvYUlFUF9rLVNBNkVBWjMxbEdUdEVKbmlhejF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoyncUYyI
obhIxaJw/jRdRVNSp7JgSmgO5JkgrgMxXQZQimpx7qIB2KWJCObXTRtrohdgTMAm
uKet3AcIUSPGXA8QzpZKUaYxDfrH/IXU4LjAyLr0D1GIpPDWM+qz+gNE56MfpaFP
gVjXU5rdpuVss0+EC4oK1L/ulpTr7rGOPGLeDrrFrsMvfx/1+5OYzuqd22EfouJJ
hqEyKEHu0456nOqoZ2BESvRilSRlz+uRNrpd5/9B/6I+CSok/Q1MUPNcxTXAvLCp
O9j946qHTcbviDJizg0BSN9icXzp2jB06PYbYp0wrUuIYfYgIG4CNHskTphC5GXx
nk0KoLFzW4zgew==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:56:28 2026 by rpki-client