Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: xD+7fHhbPlSMpfzi6dyJWLs2QShd/P1Ps2n34vS35oU=
Subject key identifier: B9:8B:68:43:F9:D1:12:70:D0:09:51:83:05:94:BD:89:80:8D:F3:5D
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019DA29D2886E1164C1A07CC8BEC68FC528F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 18D2
Signing time: Sat 18 Apr 2026 22:01:41 +0000
Manifest this update: Sat 18 Apr 2026 22:01:41 +0000
Manifest next update: Sun 19 Apr 2026 22:01:41 +0000
Files and hashes: 1: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: XRSZiPQl1D0lNyNFUDfqrBgowTtt+5AJgwwpqTPsvNg=)
2: bKFR-ExETl9kc_NczqQy1RxK9rs.roa (hash: plcIB/DfvBpq4QLItxVjsjUSKb2BA3Zq8rL1ma4T6FY=)
3: pRSgM7v51dj4_nnKyTIe5vKbqck.roa (hash: zoPAj53DpixsBYDFs95Rz1APyotRYxKBCaNS8cQmVuY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 22:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a2:9d:28:86:e1:16:4c:1a:07:cc:8b:ec:68:fc:52:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Apr 18 22:01:41 2026 GMT
Not After : Apr 19 22:01:41 2026 GMT
Subject: CN=b98b6843f9d11270d00951830594bd89808df35d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fa:36:72:7b:09:c7:86:fc:74:9a:76:ed:d3:
71:03:27:0a:2c:62:9c:db:a2:7a:f6:e9:94:34:4f:
27:a0:0c:bd:47:c8:29:13:33:fe:df:03:27:83:c9:
eb:47:03:a3:3e:f9:50:fe:23:80:bd:17:2b:0e:7f:
64:b4:d4:8f:a6:ae:fa:a3:70:e3:ff:12:a9:fb:98:
4e:7c:6d:3e:18:77:49:17:90:5c:a2:c9:9d:ac:52:
19:0e:08:db:9e:8f:30:1d:9d:39:ba:13:9e:76:af:
60:9a:c3:0d:48:5e:da:77:11:83:1d:53:13:f9:27:
c3:01:ee:31:f9:43:96:dc:90:e4:c0:d4:c2:e6:e4:
cf:02:e7:88:a3:ed:28:70:73:c5:55:cc:d4:72:93:
ed:50:71:b8:f4:78:67:9c:32:b7:02:07:00:87:d6:
39:ce:9e:d5:b6:c4:b6:d0:f2:4d:be:95:89:05:0d:
3b:ee:db:f4:b2:d2:00:55:96:a2:1a:90:41:16:a9:
b8:ef:e9:42:8b:f9:34:94:35:f7:17:14:82:f2:9b:
5b:ac:b3:d9:72:58:cd:2b:5e:5d:51:27:c0:60:2b:
86:a8:b6:54:c4:83:b1:58:9d:e2:02:49:d3:2e:f3:
14:4b:20:de:1c:6e:6a:f9:95:b1:be:c6:01:de:b4:
c9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:8B:68:43:F9:D1:12:70:D0:09:51:83:05:94:BD:89:80:8D:F3:5D
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:c4:df:a5:97:01:18:5c:b9:31:c5:72:b3:7f:65:8b:bf:6d:
fd:0f:7d:de:86:65:5e:f7:f2:bf:a9:cf:ea:93:59:54:5f:05:
8d:39:85:b1:95:6e:98:a7:ca:25:ef:06:b8:25:c9:07:6e:e4:
82:c7:81:82:a1:54:74:d1:d9:5b:55:b7:0f:da:5a:f5:e7:26:
47:cf:da:72:fc:aa:0a:69:da:88:16:eb:84:d0:f0:96:b0:10:
20:76:5a:94:f6:5f:a0:f7:45:01:d7:49:72:43:b3:9d:8b:97:
45:60:cc:4a:e9:bb:6c:f0:7c:8d:fd:69:f5:45:3c:b3:d6:20:
35:c9:2c:7e:8f:00:19:9e:15:c5:38:b4:2f:d4:65:6c:8c:5b:
6c:c7:32:c7:21:cc:c6:bf:c6:fd:6c:63:c5:db:da:d5:bf:eb:
12:ba:ed:d2:a7:25:7c:52:1f:ac:59:59:4a:c0:1b:2c:8e:4e:
a1:7e:ce:75:d1:d1:bd:09:7d:89:c9:46:1c:88:15:ef:fc:54:
a9:67:6a:a2:ce:04:b1:b0:19:7e:9f:fa:88:15:74:a2:a8:eb:
fa:5a:59:06:ef:b4:53:05:c1:30:f0:93:c5:67:f2:db:52:af:
75:30:a2:d5:64:65:11:20:5f:28:bf:40:dc:98:dc:e4:48:89:
65:c1:c0:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inSiG4RZMGgfMi+xo/FKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjYwNDE4MjIwMTQxWhcNMjYwNDE5MjIwMTQxWjAzMTEwLwYDVQQD
EyhiOThiNjg0M2Y5ZDExMjcwZDAwOTUxODMwNTk0YmQ4OTgwOGRmMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvo2cnsJx4b8dJp27dNxAycKLGKc
26J69umUNE8noAy9R8gpEzP+3wMng8nrRwOjPvlQ/iOAvRcrDn9ktNSPpq76o3Dj
/xKp+5hOfG0+GHdJF5BcosmdrFIZDgjbno8wHZ05uhOedq9gmsMNSF7adxGDHVMT
+SfDAe4x+UOW3JDkwNTC5uTPAueIo+0ocHPFVczUcpPtUHG49HhnnDK3AgcAh9Y5
zp7VtsS20PJNvpWJBQ077tv0stIAVZaiGpBBFqm47+lCi/k0lDX3FxSC8ptbrLPZ
cljNK15dUSfAYCuGqLZUxIOxWJ3iAknTLvMUSyDeHG5q+ZWxvsYB3rTJKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmLaEP50RJw0AlRgwWUvYmAjfNdMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUsTfpZcB
GFy5McVys39li79t/Q993oZlXvfyv6nP6pNZVF8FjTmFsZVumKfKJe8GuCXJB27k
gseBgqFUdNHZW1W3D9pa9ecmR8/acvyqCmnaiBbrhNDwlrAQIHZalPZfoPdFAddJ
ckOznYuXRWDMSum7bPB8jf1p9UU8s9YgNcksfo8AGZ4VxTi0L9RlbIxbbMcyxyHM
xr/G/Wxjxdva1b/rErrt0qclfFIfrFlZSsAbLI5OoX7OddHRvQl9iclGHIgV7/xU
qWdqos4EsbAZfp/6iBV0oqjr+lpZBu+0UwXBMPCTxWfy21KvdTCi1WRlESBfKL9A
3Jjc5EiJZcHA3g==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:22:36 2026 by rpki-client