Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: 0Tsl44d/xYYqeye2EA0lxC0zoAmOGKI0KPJcpMP+cVw=
Subject key identifier: 3B:69:4E:0C:8B:0C:F0:76:96:ED:04:F8:9B:DB:8C:C0:1B:18:F8:F9
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019CA97D18C498B610DDBF6B2E92914B2CDC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 1851
Signing time: Sun 01 Mar 2026 13:01:13 +0000
Manifest this update: Sun 01 Mar 2026 13:01:13 +0000
Manifest next update: Mon 02 Mar 2026 13:01:13 +0000
Files and hashes: 1: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: 3y4vrKjJNquh4qwmyOYCo7wXuTSOHCgr2vcEPlnXAeM=)
2: bKFR-ExETl9kc_NczqQy1RxK9rs.roa (hash: plcIB/DfvBpq4QLItxVjsjUSKb2BA3Zq8rL1ma4T6FY=)
3: pRSgM7v51dj4_nnKyTIe5vKbqck.roa (hash: zoPAj53DpixsBYDFs95Rz1APyotRYxKBCaNS8cQmVuY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:7d:18:c4:98:b6:10:dd:bf:6b:2e:92:91:4b:2c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Mar 1 13:01:13 2026 GMT
Not After : Mar 2 13:01:13 2026 GMT
Subject: CN=3b694e0c8b0cf07696ed04f89bdb8cc01b18f8f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b6:78:55:a8:7a:1f:a7:5a:4d:3c:19:61:92:
ea:26:e3:2a:2e:63:2e:58:f3:84:ec:49:5d:12:bd:
1c:2a:ee:61:0d:04:2b:19:92:a3:4e:f9:f6:5e:c6:
65:0b:17:70:5c:7d:b2:e2:0d:27:a7:34:63:cb:d4:
8c:4b:f2:03:ce:10:1a:f3:21:14:ae:c7:18:4a:11:
69:73:4d:c3:8c:b1:f2:49:75:c9:a6:cc:32:dc:c2:
9f:05:37:e6:28:f4:a6:07:68:0c:9d:25:90:25:05:
e4:a6:56:37:ab:68:83:d2:2e:c5:15:1f:7b:5d:0f:
cc:7f:98:7a:30:b0:47:5d:4a:56:27:c3:e2:24:ed:
db:3d:81:43:a2:2a:c1:b1:b7:8f:54:0c:7a:03:99:
01:c4:e4:53:1b:92:7d:19:5a:0e:9e:a2:5f:13:1c:
6d:e4:35:ea:24:96:ad:e3:6c:07:be:68:b6:5c:27:
81:cb:a4:c3:a6:70:a9:3c:5c:dc:0b:34:79:2b:09:
bc:0f:cd:57:e3:82:e9:8a:a4:b4:e4:f0:cb:db:b9:
f0:91:82:a1:47:e3:99:1a:12:6d:da:e6:55:25:dd:
1a:59:b8:03:59:9b:84:80:18:01:cf:ac:a1:c6:fa:
1e:1a:79:6c:39:10:1a:49:c3:31:e1:81:27:8f:43:
db:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:69:4E:0C:8B:0C:F0:76:96:ED:04:F8:9B:DB:8C:C0:1B:18:F8:F9
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:5d:14:6c:fc:3a:5f:0e:86:7a:0f:d5:83:35:ff:66:d4:fa:
15:b6:fe:c7:5b:fd:ec:8f:7b:eb:04:2f:22:d1:fd:f9:16:85:
40:ce:8a:a4:07:fa:0f:ec:e7:67:6b:82:f3:ca:ac:f3:a4:34:
d4:4d:00:bf:70:f7:82:ea:84:88:d9:6d:e7:57:92:ec:ed:48:
78:af:29:44:c8:d4:88:14:23:6c:ca:da:a9:c2:27:07:9f:7e:
48:71:b6:85:ed:99:b0:35:da:38:21:d0:89:52:63:3c:f9:d0:
98:69:4b:24:fe:41:bf:e3:08:97:72:e2:f2:36:41:20:b4:17:
a1:14:81:3a:46:f3:27:16:88:42:55:91:52:8d:80:ad:61:72:
e7:53:97:db:60:ae:f9:f3:7a:86:af:db:9f:74:4a:5a:67:b1:
20:22:80:76:12:36:70:9b:61:71:3f:28:b2:33:cb:b5:1b:46:
01:e5:4b:6a:61:de:24:c4:81:12:b7:91:f0:ae:b2:f0:91:14:
36:5d:00:19:69:15:69:ba:b6:71:b8:7a:04:f3:38:f2:a0:c5:
45:bc:85:dc:53:90:35:d9:1e:5c:48:1b:db:83:28:3b:0c:12:
fe:66:e6:65:c6:2e:52:e2:59:8f:85:55:bb:ef:80:25:30:2f:
f9:57:47:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfRjEmLYQ3b9rLpKRSyzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjYwMzAxMTMwMTEzWhcNMjYwMzAyMTMwMTEzWjAzMTEwLwYDVQQD
EygzYjY5NGUwYzhiMGNmMDc2OTZlZDA0Zjg5YmRiOGNjMDFiMThmOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLZ4Vah6H6daTTwZYZLqJuMqLmMu
WPOE7EldEr0cKu5hDQQrGZKjTvn2XsZlCxdwXH2y4g0npzRjy9SMS/IDzhAa8yEU
rscYShFpc03DjLHySXXJpswy3MKfBTfmKPSmB2gMnSWQJQXkplY3q2iD0i7FFR97
XQ/Mf5h6MLBHXUpWJ8PiJO3bPYFDoirBsbePVAx6A5kBxORTG5J9GVoOnqJfExxt
5DXqJJat42wHvmi2XCeBy6TDpnCpPFzcCzR5Kwm8D81X44LpiqS05PDL27nwkYKh
R+OZGhJt2uZVJd0aWbgDWZuEgBgBz6yhxvoeGnlsORAaScMx4YEnj0PbqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtpTgyLDPB2lu0E+JvbjMAbGPj5MB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASV0UbPw6
Xw6Geg/VgzX/ZtT6Fbb+x1v97I976wQvItH9+RaFQM6KpAf6D+znZ2uC88qs86Q0
1E0Av3D3guqEiNlt51eS7O1IeK8pRMjUiBQjbMraqcInB59+SHG2he2ZsDXaOCHQ
iVJjPPnQmGlLJP5Bv+MIl3Li8jZBILQXoRSBOkbzJxaIQlWRUo2ArWFy51OX22Cu
+fN6hq/bn3RKWmexICKAdhI2cJthcT8osjPLtRtGAeVLamHeJMSBEreR8K6y8JEU
Nl0AGWkVabq2cbh6BPM48qDFRbyF3FOQNdkeXEgb24MoOwwS/mbmZcYuUuJZj4VV
u++AJTAv+VdHOA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:24:02 2026 by rpki-client