Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
File: 0AL76fCkE2A-3vtzOlMfLiwOnAY.mft (raw, json)
Hash identifier: wWDQmw8D8SeQJJJrlEYZ2beG7tI+c7wyf0JTIX653es=
Subject key identifier: 51:2D:25:48:E4:EC:49:08:6E:78:22:AE:39:22:54:39:E4:A5:D7:E8
Authority key identifier: D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
Certificate issuer: /CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Certificate serial: 019EBF91B290D7EECE00D95BDDD32CF517D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
Manifest number: 1959
Signing time: Sat 13 Jun 2026 06:00:57 +0000
Manifest this update: Sat 13 Jun 2026 06:00:57 +0000
Manifest next update: Sun 14 Jun 2026 06:00:57 +0000
Files and hashes: 1: 0AL76fCkE2A-3vtzOlMfLiwOnAY.crl (hash: LMwl3z7mPAe8bFVJ2zBMgwRlM9t+AtyLVeTBscU91Kc=)
2: dsXROTd2qvJarDLFNerpFXp5tvM.roa (hash: g4jlzZr8kyp6l2Rwmj8PdLtnag5RCNjP07Ftz4rMi7Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bf:91:b2:90:d7:ee:ce:00:d9:5b:dd:d3:2c:f5:17:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Validity
Not Before: Jun 13 06:00:57 2026 GMT
Not After : Jun 14 06:00:57 2026 GMT
Subject: CN=512d2548e4ec49086e7822ae39225439e4a5d7e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ef:a0:22:7f:4a:24:14:35:b9:fe:f6:9d:b1:
e9:0b:80:bf:71:83:d1:ec:7d:ee:97:13:93:4e:e8:
c6:88:fd:46:2a:6d:81:fb:05:a3:93:24:9c:16:fc:
8b:b1:54:5e:e9:7e:6b:3b:e8:25:59:59:4c:27:74:
f2:fb:d3:24:80:36:af:c9:8c:90:1c:ae:c8:66:e7:
89:7e:ce:c0:36:c8:d9:8d:4f:3d:2f:6b:38:79:de:
54:df:80:d9:37:70:56:79:33:0d:68:e2:d2:15:e2:
78:e2:5a:e7:6e:d7:bc:2d:cf:be:a0:bf:c0:f1:a7:
e4:1d:c9:9b:bb:b0:4c:6f:19:16:ac:44:b8:d5:cd:
44:7e:f5:ba:a6:af:31:3c:7a:76:56:8f:22:39:a8:
60:04:0d:44:0f:b6:34:dc:55:ef:cb:cd:99:8c:e2:
7f:76:3c:43:0a:57:8e:6e:f3:3b:00:af:a1:c5:6d:
0b:17:da:e0:d5:7a:6c:5a:9b:3c:7b:26:8a:cd:40:
99:36:4e:6c:cc:df:ca:9a:2b:03:5a:8a:17:25:8d:
4b:a8:37:84:1b:81:b4:ac:b4:97:05:65:56:04:98:
68:b2:4f:74:25:e3:af:db:c8:40:ac:49:3e:99:9c:
52:e2:b7:5d:1e:cc:d7:56:26:6d:8f:8f:e5:19:ab:
ad:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2D:25:48:E4:EC:49:08:6E:78:22:AE:39:22:54:39:E4:A5:D7:E8
X509v3 Authority Key Identifier:
keyid:D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:54:7a:b2:34:41:b8:29:16:da:67:2c:d1:1d:56:48:59:b2:
38:3a:88:8a:fd:a9:67:0a:6c:dc:2e:be:91:55:e9:e7:95:11:
45:7f:68:e9:2c:05:00:1f:ac:c5:01:5c:82:c3:f3:92:f1:12:
ea:67:2d:51:eb:4b:09:c0:b4:2b:ad:c0:1b:75:14:e8:45:8c:
d8:e1:47:8e:19:40:bc:ba:af:8c:0c:c0:ee:f4:9a:40:59:ef:
f0:15:95:5b:7b:f5:05:e7:a0:8e:13:9b:e5:3c:a1:ef:f9:92:
fc:13:ea:50:b7:66:af:92:3a:1d:79:8e:b0:48:fe:99:ac:04:
d1:4d:64:a1:ee:1a:d7:b7:36:88:fb:eb:45:f1:c7:69:4d:25:
60:de:29:ad:7a:8b:b1:0e:13:87:92:b8:b0:6b:d9:a6:1a:96:
8a:9d:81:f9:12:a3:f9:76:4d:f8:b3:3a:11:50:4c:b7:cd:ca:
3f:bf:5a:58:30:03:47:14:54:87:72:c1:b9:71:6f:a4:85:5e:
f1:21:8b:c3:2b:d5:eb:de:2c:9d:1d:94:b8:27:88:77:f3:6d:
ae:b7:ba:3e:b8:76:94:c3:cc:c6:b0:bc:c3:78:88:a9:3d:4b:
9c:4a:10:15:22:0c:d8:2e:3b:6a:6e:ad:d0:20:f0:08:34:be:
9c:15:ae:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/kbKQ1+7OANlb3dMs9RfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMDJmYmU5ZjBhNDEzNjAzZWRlZmI3MzNhNTMxZjJlMmMw
ZTljMDYwHhcNMjYwNjEzMDYwMDU3WhcNMjYwNjE0MDYwMDU3WjAzMTEwLwYDVQQD
Eyg1MTJkMjU0OGU0ZWM0OTA4NmU3ODIyYWUzOTIyNTQzOWU0YTVkN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0++gIn9KJBQ1uf72nbHpC4C/cYPR
7H3ulxOTTujGiP1GKm2B+wWjkyScFvyLsVRe6X5rO+glWVlMJ3Ty+9MkgDavyYyQ
HK7IZueJfs7ANsjZjU89L2s4ed5U34DZN3BWeTMNaOLSFeJ44lrnbte8Lc++oL/A
8afkHcmbu7BMbxkWrES41c1EfvW6pq8xPHp2Vo8iOahgBA1ED7Y03FXvy82ZjOJ/
djxDCleObvM7AK+hxW0LF9rg1XpsWps8eyaKzUCZNk5szN/KmisDWooXJY1LqDeE
G4G0rLSXBWVWBJhosk90JeOv28hArEk+mZxS4rddHszXViZtj4/lGautJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFEtJUjk7EkIbngirjkiVDnkpdfoMB8GA1UdIwQY
MBaAFNAC++nwpBNgPt77czpTHy4sDpwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjkt
MTljMDQ1YzZhMTRmLzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjktMTljMDQ1YzZhMTRm
LzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdFR6sjRB
uCkW2mcs0R1WSFmyODqIiv2pZwps3C6+kVXp55URRX9o6SwFAB+sxQFcgsPzkvES
6mctUetLCcC0K63AG3UU6EWM2OFHjhlAvLqvjAzA7vSaQFnv8BWVW3v1BeegjhOb
5Tyh7/mS/BPqULdmr5I6HXmOsEj+mawE0U1koe4a17c2iPvrRfHHaU0lYN4prXqL
sQ4Th5K4sGvZphqWip2B+RKj+XZN+LM6EVBMt83KP79aWDADRxRUh3LBuXFvpIVe
8SGLwyvV694snR2UuCeId/Ntrre6Prh2lMPMxrC8w3iIqT1LnEoQFSIM2C47am6t
0CDwCDS+nBWuLQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:36:21 2026 by rpki-client