Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: ccM0hQuLIVY5GUoZQfBgRTskE0PmKO1H7U5Yiag2HvA=
Subject key identifier: 58:BB:BD:7E:94:0D:AE:92:13:8B:A7:46:97:5B:8A:90:CD:C5:8E:61
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019EC06D9E0D64C1F4C0858AB75E6A7B4848
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 1966
Signing time: Sat 13 Jun 2026 10:01:09 +0000
Manifest this update: Sat 13 Jun 2026 10:01:09 +0000
Manifest next update: Sun 14 Jun 2026 10:01:09 +0000
Files and hashes: 1: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: xQlCEdwcVigLYEW5B+/areIzYjDoyt8mZduIXDJMybU=)
2: bKFR-ExETl9kc_NczqQy1RxK9rs.roa (hash: plcIB/DfvBpq4QLItxVjsjUSKb2BA3Zq8rL1ma4T6FY=)
3: pRSgM7v51dj4_nnKyTIe5vKbqck.roa (hash: zoPAj53DpixsBYDFs95Rz1APyotRYxKBCaNS8cQmVuY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c0:6d:9e:0d:64:c1:f4:c0:85:8a:b7:5e:6a:7b:48:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Jun 13 10:01:09 2026 GMT
Not After : Jun 14 10:01:09 2026 GMT
Subject: CN=58bbbd7e940dae92138ba746975b8a90cdc58e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5f:b2:a7:c3:d3:3a:85:e4:9f:14:71:be:3d:
05:bf:da:b6:25:65:7d:cc:8d:e9:8f:fb:d3:f2:43:
04:48:09:c5:4d:97:74:b1:30:6c:22:8b:89:19:aa:
00:55:0d:c7:a4:09:85:05:7e:f1:cd:4e:68:c0:a4:
45:2f:f5:7b:58:e9:41:e2:8c:66:12:ec:81:ee:49:
18:b9:9a:37:4c:05:b7:f9:e5:01:e5:07:c5:76:2d:
af:a8:42:c4:d4:d3:84:95:c4:9c:7d:4c:d0:fd:84:
8b:ae:71:c1:78:8e:db:ea:79:51:15:c3:0c:71:37:
96:34:1e:50:9f:cc:8d:46:30:8b:34:76:70:50:39:
f9:ab:ca:3b:3a:37:6d:39:47:de:31:4d:26:db:be:
6b:4b:9a:dd:12:72:b8:e5:97:21:ab:4c:1f:63:40:
1a:c5:ba:ce:65:5f:17:3a:27:fb:98:4e:92:fb:a2:
fb:b3:72:a5:dd:1e:ca:a3:be:eb:7e:40:d4:75:21:
a3:51:48:6b:3d:b8:01:6a:6c:73:aa:60:d4:74:1f:
e9:3a:37:cf:1b:76:35:a4:f6:c4:e1:5e:88:22:fe:
ab:c7:81:5f:a9:13:c6:64:c2:c0:2a:91:76:ef:bc:
16:f7:8a:5d:69:a0:ab:4e:6a:8e:f4:af:94:97:52:
46:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BB:BD:7E:94:0D:AE:92:13:8B:A7:46:97:5B:8A:90:CD:C5:8E:61
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:6d:41:5f:c0:9c:7e:c0:11:ad:7e:a2:80:8d:12:75:97:73:
1d:90:12:12:f3:2b:54:2d:1a:e9:16:36:5b:b4:2f:14:e5:f4:
6c:15:72:94:8f:e6:77:a3:d5:97:a8:77:96:6f:7a:10:fc:e8:
a4:81:05:21:9d:b4:80:dd:af:4d:b1:9f:d2:a9:6e:4f:2a:12:
d3:3a:9b:03:8b:51:7c:64:de:60:6d:fa:b0:e5:5d:62:af:aa:
5d:84:c6:11:93:83:c4:94:f4:65:14:ec:de:60:fb:e6:c3:f1:
1f:d6:89:be:4d:08:c7:1f:2c:c4:64:c0:60:b7:ca:3f:fb:55:
2d:4e:4d:49:de:28:63:85:da:a3:26:c4:31:a1:0b:ed:8f:e9:
70:65:c3:47:86:19:fe:fc:bc:fa:79:e8:cf:1b:ed:ea:7b:7d:
e8:4b:55:1a:5d:3b:46:43:93:f2:d7:31:96:a8:b4:06:2e:ae:
7c:02:2d:d2:97:ab:9b:f6:6e:4d:ee:c5:66:36:2a:9a:a8:08:
1a:e5:72:9b:95:2f:6c:62:b9:fc:9b:26:56:20:09:57:5b:69:
6b:74:f3:61:74:73:e5:6f:70:29:11:02:d9:3b:56:c8:da:c6:
1c:ce:c0:fa:9f:a2:7e:ea:d7:57:53:b7:e9:c5:15:97:ec:73:
72:b3:a0:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbZ4NZMH0wIWKt15qe0hIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjYwNjEzMTAwMTA5WhcNMjYwNjE0MTAwMTA5WjAzMTEwLwYDVQQD
Eyg1OGJiYmQ3ZTk0MGRhZTkyMTM4YmE3NDY5NzViOGE5MGNkYzU4ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1+yp8PTOoXknxRxvj0Fv9q2JWV9
zI3pj/vT8kMESAnFTZd0sTBsIouJGaoAVQ3HpAmFBX7xzU5owKRFL/V7WOlB4oxm
EuyB7kkYuZo3TAW3+eUB5QfFdi2vqELE1NOElcScfUzQ/YSLrnHBeI7b6nlRFcMM
cTeWNB5Qn8yNRjCLNHZwUDn5q8o7OjdtOUfeMU0m275rS5rdEnK45Zchq0wfY0Aa
xbrOZV8XOif7mE6S+6L7s3Kl3R7Ko77rfkDUdSGjUUhrPbgBamxzqmDUdB/pOjfP
G3Y1pPbE4V6IIv6rx4FfqRPGZMLAKpF277wW94pdaaCrTmqO9K+Ul1JG5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFi7vX6UDa6SE4unRpdbipDNxY5hMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACG1BX8Cc
fsARrX6igI0SdZdzHZASEvMrVC0a6RY2W7QvFOX0bBVylI/md6PVl6h3lm96EPzo
pIEFIZ20gN2vTbGf0qluTyoS0zqbA4tRfGTeYG36sOVdYq+qXYTGEZODxJT0ZRTs
3mD75sPxH9aJvk0Ixx8sxGTAYLfKP/tVLU5NSd4oY4XaoybEMaEL7Y/pcGXDR4YZ
/vy8+nnozxvt6nt96EtVGl07RkOT8tcxlqi0Bi6ufAIt0perm/ZuTe7FZjYqmqgI
GuVym5UvbGK5/JsmViAJV1tpa3TzYXRz5W9wKREC2TtWyNrGHM7A+p+ifurXV1O3
6cUVl+xzcrOgYg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:22:54 2026 by rpki-client